Mandriva 1271 Published by

Updated SpamAssassin packages are available for Mandrakelinux
_______________________________________________________________________

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: spamassassin
Advisory ID: MDKSA-2004:084
Date: August 18th, 2004

Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1
______________________________________________________________________

Problem Description:

Security fix prevents a denial of service attack open to certain malformed messages; this DoS affects all SpamAssassin 2.5x and 2.6x versions to date.



_______________________________________________________________________

References:

http://marc.theaimsgroup.com/?l=spamassassin-announce&m=109168121628767&w=2
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.0:
5b523cae997b928ef74bcb147bc3dc58 10.0/RPMS/spamassassin-2.63-2.1.100mdk.i586.rpm
648b4aec9d3839102474a18665eb417a 10.0/RPMS/spamassassin-tools-2.63-2.1.100mdk.i586.rpm
764a571c8f7d0ba495da185a1c1ad1fd 10.0/RPMS/perl-Mail-SpamAssassin-2.63-2.1.100mdk.i586.rpm
aeec218cb9e05fc9e0a39b6232b3ffb0 10.0/SRPMS/spamassassin-2.63-2.1.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
09df0a5b383eb0d41575a1f529ab5c0a amd64/10.0/RPMS/spamassassin-2.63-2.1.100mdk.amd64.rpm
55400288a24bee8fc161ff6ee09a43bf amd64/10.0/RPMS/spamassassin-tools-2.63-2.1.100mdk.amd64.rpm
3e80a6cf3cc98ca8e50f038462542dfc amd64/10.0/RPMS/perl-Mail-SpamAssassin-2.63-2.1.100mdk.amd64.rpm
aeec218cb9e05fc9e0a39b6232b3ffb0 amd64/10.0/SRPMS/spamassassin-2.63-2.1.100mdk.src.rpm

Corporate Server 2.1/x86_64:
308c5c891528d7647a859a0e06c476c4 x86_64/corporate/2.1/RPMS/spamassassin-2.53-1.1.C21mdk.x86_64.rpm
9d8fa372922261e3c9a7d972a4ddb4da x86_64/corporate/2.1/RPMS/spamassassin-tools-2.53-1.1.C21mdk.x86_64.rpm
324109473351331503ebf0e949a5eacf x86_64/corporate/2.1/RPMS/perl-Mail-SpamAssassin-2.53-1.1.C21mdk.x86_64.rpm
bb4068503f9f85f1174c312edaa42c50 x86_64/corporate/2.1/SRPMS/spamassassin-2.53-1.1.C21mdk.src.rpm

Mandrakelinux 9.1:
2cae1384e9d5681afaf33bb987666e38 9.1/RPMS/spamassassin-2.44-1.1.91mdk.i586.rpm
f9de623c91ad5fea6a77278fb3c806e2 9.1/RPMS/spamassassin-tools-2.44-1.1.91mdk.i586.rpm
c6e83539afe0d816aa7aa60423ec25f5 9.1/RPMS/perl-Mail-SpamAssassin-2.44-1.1.91mdk.i586.rpm
816b118e15d228db4073242470a0544c 9.1/SRPMS/spamassassin-2.44-1.1.91mdk.src.rpm

Mandrakelinux 9.1/PPC:
c8746cb07bb27db5525745d7596dd1bb ppc/9.1/RPMS/spamassassin-2.44-1.1.91mdk.ppc.rpm
87623c4ec0adff188646c7d07d153c69 ppc/9.1/RPMS/spamassassin-tools-2.44-1.1.91mdk.ppc.rpm
da8537bffa927c435c4fef88fbbee4eb ppc/9.1/RPMS/perl-Mail-SpamAssassin-2.44-1.1.91mdk.ppc.rpm
816b118e15d228db4073242470a0544c ppc/9.1/SRPMS/spamassassin-2.44-1.1.91mdk.src.rpm

Mandrakelinux 9.2:
321c26941160d803263f1f49e9fb0b80 9.2/RPMS/spamassassin-2.55-2.1.92mdk.i586.rpm
4e81f648eaf1a4cfefa4997fe13eb2c9 9.2/RPMS/spamassassin-tools-2.55-2.1.92mdk.i586.rpm
4408fec0d9a9a6a84a2d01345a8a3b37 9.2/RPMS/perl-Mail-SpamAssassin-2.55-2.1.92mdk.i586.rpm
677be35edf38a7363f3714092b12439a 9.2/SRPMS/spamassassin-2.55-2.1.92mdk.src.rpm

Mandrakelinux 9.2/AMD64:
61a2929f0ef503d24252b083692356f1 amd64/9.2/RPMS/spamassassin-2.55-2.1.92mdk.amd64.rpm
2823caa21693d9d430624dd5e15e7c84 amd64/9.2/RPMS/spamassassin-tools-2.55-2.1.92mdk.amd64.rpm
1e9fa6fc40a39e3a7c55a67b6b9daa81 amd64/9.2/RPMS/perl-Mail-SpamAssassin-2.55-2.1.92mdk.amd64.rpm
677be35edf38a7363f3714092b12439a amd64/9.2/SRPMS/spamassassin-2.55-2.1.92mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandrakelinux at:

http://www.mandrakesoft.com/security/advisories

If you want to report vulnerabilities, please contact

security_linux-mandrake.com