Package "spamassassin"

  spamassassin (3.4.2-0ubuntu0.18.04.5) bionic-security; urgency=medium

  * SECURITY UPDATE: OS Command Injection in cf file parsing
    - debian/patches/CVE-2020-1946.patch: fix header rule parsing in
      lib/Mail/SpamAssassin/Conf/Parser.pm.
    - CVE-2020-1946

 -- Marc Deslauriers <email address hidden> Mon, 29 Mar 2021 12:56:53 -0400

  spamassassin (3.4.2-0ubuntu0.18.04.3) bionic-security; urgency=medium

  * SECURITY UPDATE: code execution via nefarious CF files
    - debian/patches/CVE-2020-1930.patch: improve logic in
      lib/Mail/SpamAssassin/Plugin/OneLineBodyRuleType.pm.
    - debian/patches/CVE-2020-1931.patch: improve logic in
      lib/Mail/SpamAssassin/Conf.pm, lib/Mail/SpamAssassin/Constants.pm.
    - CVE-2020-1930
    - CVE-2020-1931
  * Thanks to Debian for the patches.

 -- Marc Deslauriers <email address hidden> Tue, 04 Feb 2020 07:52:51 -0500

  spamassassin (3.4.2-0ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: code execution via nefarious CF files
    - debian/patches/CVE-2018-11805: improve rule parsing.
    - CVE-2018-11805
  * SECURITY UPDATE: resource consumption issue
    - debian/patches/CVE-2019-12420: limit checked mime parts.
    - CVE-2019-12420
  * debian/patches/broken_regex_test.patch: disable some broken tests
    causing a FTBFS with certain perl versions.
  * Thanks to Debian for the patches.

 -- Marc Deslauriers <email address hidden> Fri, 10 Jan 2020 11:52:53 -0500

  spamassassin (3.4.2-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Update to 3.4.2 to fix multiple security issues and
    support new rule update signatures (LP: #1796863)
    - debian/patches/*patch: sync patches from 3.4.2-1 package.
    - add pkgrules orig tarball from 3.4.2-1 package.
    - debian/spamassassin.{init,preinst}: properly handle process name
      change in spamassassin 3.4.2.
    - CVE-2017-15705
    - CVE-2018-11780
    - CVE-2018-11781

 -- Marc Deslauriers <email address hidden> Thu, 25 Oct 2018 07:57:41 -0400