=====================================================================
CERT-Renater Information Note No. 2006/VULN305
_____________________________________________________________________

DATE                  : 06/06/2006
HARDWARE PLATFORM(S)  : /
OPERATING SYSTEM(S)   : Systems running SpamAssassin.
======================================================================

http://www.nabble.com/forum/ViewPost.jtp?post=4717572&framed=y
http://www.nabble.com/forum/ViewPost.jtp?post=4717543&framed=y
______________________________________________________________________

Apache SpamAssassin 3.0.6 is now available!

This is a maintenance release of the 3.0.x branch.

Downloads are available from:
http://spamassassin.apache.org/downloads.cgi?update=200606050750

The release file will also be available via CPAN in the near future.

md5sum of archive files:

423eb193db9f7757c6d957f5c04550cb  Mail-SpamAssassin-3.0.6.tar.bz2
bf0a1e1a7f6e5dd719deda6293b83e35  Mail-SpamAssassin-3.0.6.tar.gz
72c012d51f8507c2839a34f900c80412  Mail-SpamAssassin-3.0.6.zip

sha1sum of archive files:

10d42d954c421f40fbbd9411a5ff096e29240c6f  Mail-SpamAssassin-3.0.6.tar.bz2
78358df8ea26513a8fbe466f484d19e487e5438f  Mail-SpamAssassin-3.0.6.tar.gz
17031fd2c9b54846d4e41d7ea3945639659fd91e  Mail-SpamAssassin-3.0.6.zip

The release files also have a .asc accompanying them.  The file serves
as an external GPG signature for the given release file.  The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY

The key information is:

pub  1024D/265FA05B 2003-06-09 SpamAssassin Signing Key
     Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24  F6D7 DEE0 1987 265F A05B

3.0.6 fixes a remote code execution vulnerability if spamd is run with
the "--vpopmail" and "-P" options.  If either/both of those options are
not used, there is no vulnerability.
Changelog:

  - bug 4926: given a certain set of parameters to spamd and a specially
    formatted input message, users could cause spamd to execute arbitrary
    commands as the spamd user

-------------------------------------------------------------------------

Apache SpamAssassin 3.1.3 is now available!

This is a maintenance release of the 3.1.x branch.

Downloads are available from:
http://spamassassin.apache.org/downloads.cgi?update=200606050750

The release file will also be available via CPAN in the near future.

md5sum of archive files:

5f049f0b9fc63585a85593a3c68409bb  Mail-SpamAssassin-3.1.3.tar.bz2
32ad78f3cdaddb02cdf0f55572604d07  Mail-SpamAssassin-3.1.3.tar.gz
6cb6fc27c4466091b2bc4e04af8c39bf  Mail-SpamAssassin-3.1.3.zip

sha1sum of archive files:

e1f4489ec8805985e0ca79765bde586bf0286725  Mail-SpamAssassin-3.1.3.tar.bz2
ed9e18fae6db86d0b77ce48d8262194e06df9ef8  Mail-SpamAssassin-3.1.3.tar.gz
090dfd3eaa0481789fbf94f67bcf9c2dd6387959  Mail-SpamAssassin-3.1.3.zip

The release files also have a .asc accompanying them.  The file serves
as an external GPG signature for the given release file.  The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY

The key information is:

pub  1024D/265FA05B 2003-06-09 SpamAssassin Signing Key
     Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24  F6D7 DEE0 1987 265F A05B

3.1.3 fixes a remote code execution vulnerability if spamd is run with
the "--vpopmail" and "-P" options.  If either/both of those options are
not used, there is no vulnerability.

There was also a fix for the userstate directory and prefs file not
being created.

Changelog:

  - bug 4926: given a certain set of parameters to spamd and a specially
    formatted input message, users could cause spamd to execute arbitrary
    commands as the spamd user
  - bug 4932: the userstate dir and userprefs file would not be created
    under certain conditions.
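Both release announcements above publish md5 and sha1 sums for each archive in the layout "<digest>  <filename>", plus a detached .asc GPG signature. The following is an added example, not code from the announcements or from the SpamAssassin project, showing how to parse a checksum listing in that layout and check downloaded files against it before installing. The file names and contents used in demo() are constructed stand-ins for the real archives, and the hash algorithm is passed in explicitly because the listing itself does not say which one it is.

```python
import hashlib
import os
import tempfile


def parse_checksum_list(text):
    """Parse a checksum listing in the advisory's layout, one
    "<hex digest>  <filename>" per line, into {filename: digest}.
    Blank lines are ignored; any other shape is rejected rather than guessed at."""
    expected = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) != 2:
            raise ValueError(f"unexpected checksum line: {raw!r}")
        digest, name = parts
        expected[name] = digest.lower()
    return expected


def file_digest(path, algo):
    """Hash a file in chunks so a large archive never has to fit in memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_release_files(directory, checksum_text, algo):
    """Compare every file named in the listing against its published digest.
    Returns {filename: "OK" | "MISMATCH" | "MISSING"}; a MISMATCH means the
    download is corrupted or not the file the announcement refers to."""
    results = {}
    for name, digest in parse_checksum_list(checksum_text).items():
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            results[name] = "MISSING"
        elif file_digest(path, algo) == digest:
            results[name] = "OK"
        else:
            results[name] = "MISMATCH"
    return results


def demo():
    """Constructed scenario: two stand-in 'archives' (not the real SpamAssassin
    tarballs), a sha1 listing generated from them in the advisory's layout,
    then one file altered to show how a bad download is reported."""
    files = {
        "Mail-SpamAssassin-3.0.6.tar.gz": b"constructed stand-in for archive A\n",
        "Mail-SpamAssassin-3.0.6.zip": b"constructed stand-in for archive B\n",
    }
    with tempfile.TemporaryDirectory() as d:
        for name, data in files.items():
            with open(os.path.join(d, name), "wb") as f:
                f.write(data)
        listing = "\n".join(
            f"{hashlib.sha1(data).hexdigest()}  {name}" for name, data in files.items()
        )
        before = verify_release_files(d, listing, "sha1")
        # Simulate a corrupted or substituted download: append one byte to the .zip.
        with open(os.path.join(d, "Mail-SpamAssassin-3.0.6.zip"), "ab") as f:
            f.write(b"!")
        after = verify_release_files(d, listing, "sha1")
    return before, after


if __name__ == "__main__":
    pristine, tampered = demo()
    print("pristine:", pristine)
    print("tampered:", tampered)
```

The checksums only help if the listing itself came from a channel you trust more than the download mirror (here, the announcement relayed by the CERT), and neither md5 nor sha1 is collision-resistant by today's standards. The stronger check is the detached signature: after fetching the signing key and confirming its fingerprint matches the one printed in the announcement, `gpg --verify Mail-SpamAssassin-3.0.6.tar.gz.asc Mail-SpamAssassin-3.0.6.tar.gz` ties the archive to the project's key rather than to whatever the mirror served.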
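The note says the remote code execution is reachable only when spamd runs with both the "--vpopmail" and "-P" options on a release before 3.0.6 (3.0.x branch) or 3.1.3 (3.1.x branch). As an added example, not part of the CERT note or of SpamAssassin, the following Python script classifies a spamd instance from its version string and the command line shown by a process listing, so an administrator can tell an exposed daemon from one that merely needs the upgrade. The sample command lines are constructed, and the treatment of clustered short-option tokens such as "-dP" is an assumption chosen to over-report rather than miss an exposed instance.

```python
import re
import shlex

# First fixed release on each branch, as stated in the announcements.
FIRST_FIXED = {(3, 0): (3, 0, 6), (3, 1): (3, 1, 3)}


def parse_version(text):
    """'3.0.5' -> (3, 0, 5); anything that is not X.Y.Z is rejected."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(x) for x in m.groups())


def spamd_options(cmdline):
    """Return (has_vpopmail, has_P) for a spamd command line as shown by ps.
    '-P' is matched as its own token; a clustered short-option token such as
    '-dP' is also counted (assumption: prefer a false positive over a miss)."""
    args = shlex.split(cmdline)
    has_vpopmail = "--vpopmail" in args
    has_p = any(
        a == "-P" or (re.fullmatch(r"-[A-Za-z]+", a) is not None and "P" in a)
        for a in args
    )
    return has_vpopmail, has_p


def assess(version, cmdline):
    """Classify one spamd instance against the note:
       'exposed'    - vulnerable release AND both --vpopmail and -P in use
       'vulnerable' - vulnerable release, option combination absent: not
                      exploitable per the note, but still due for upgrade
       'fixed'      - 3.0.6 / 3.1.3 or later on its branch
       'unassessed' - a branch the note does not cover"""
    v = parse_version(version)
    fixed = FIRST_FIXED.get(v[:2])
    if fixed is None:
        return "unassessed"
    if v >= fixed:
        return "fixed"
    has_vpopmail, has_p = spamd_options(cmdline)
    return "exposed" if (has_vpopmail and has_p) else "vulnerable"


if __name__ == "__main__":
    # Constructed sample command lines, not taken from a real host.
    samples = [
        ("3.0.5", "/usr/bin/spamd -d -P --vpopmail -u vpopmail"),
        ("3.1.2", "/usr/bin/spamd -d --vpopmail -u vpopmail"),
        ("3.1.3", "/usr/bin/spamd -d -P --vpopmail"),
    ]
    for version, cmd in samples:
        print(f"{version:6} {assess(version, cmd):11} {cmd}")
```

On a live host the version string would come from `spamd --version` and the command line from the process table; the point of keeping "vulnerable" distinct from "exposed" is that removing either option is an immediate mitigation while the upgrade is scheduled, but only the upgrade closes the bug.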
======================================================================

=========================================================
CERT-Renater reference servers
http://www.urec.fr/securite
http://www.cru.fr/securite
http://www.renater.fr
=========================================================
+ CERT-RENATER            | tel  : 01-53-94-20-44     +
+ 151 bd de l'Hopital     | fax  : 01-53-94-20-41     +
+ 75013 Paris             | email: certsvp@renater.fr +
=========================================================