166969 2007-02-15 08:18 0000 mail-filter/spamassassin DoS <3.1.8 (CVE-2007-0451) 2007-03-02 00:36:12 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://spamassassin.apache.org/ B3 [glsa] P2 enhancement --- 1 gentoo@valli.org security@gentoo.org bernd@linx.net chainsaw@gentoo.org coran.fisher@gmail.com matsuu@gentoo.org perl@gentoo.org sgtphou@fire-eyes.org gentoo@valli.org 2007-02-15 08:18:38 0000 http://svn.apache.org/repos/asf/spamassassin/branches/3.1/build/announcements/3.1.8.txt Reproducible: Always matsuu@gentoo.org 2007-02-16 03:08:52 0000 3.1.8 contains security fix for CVE-2007-0451. mcummings@gentoo.org 2007-02-16 16:22:43 0000 Bumped falco@gentoo.org 2007-02-17 23:56:44 0000 Thanks; hi arches, please test and mark stable spamassassin-3.1.8 if appropriate, thanks jer@gentoo.org 2007-02-18 02:06:17 0000 Stable for HPPA. corsair@gentoo.org 2007-02-18 08:40:51 0000 ppc64 stable ahf@0x90.dk 2007-02-18 10:47:15 0000 Stable on Alpha, IA64 and MIPS. dertobi123@gentoo.org 2007-02-18 11:12:34 0000 ppc stable maekke@gentoo.org 2007-02-18 12:15:47 0000 mail-filter/spamassassin-3.1.8 USE="berkdb ipv6 ldap ssl -doc -mysql -postgres -qmail -sqlite -tools" 1. emerges on x86 2. passes test suite 3. passes collision test 4. evolution still works with it Portage 2.1.2-r9 (default-linux/x86/2006.1/desktop, gcc-4.1.1, glibc-2.5-r0, 2.6.19.3 i686) ================================================================= System uname: 2.6.19.3 i686 Genuine Intel(R) CPU T2300 @ 1.66GHz Gentoo Base System release 1.12.9 Timestamp of tree: Sat, 17 Feb 2007 09:30:01 +0000 dev-java/java-config: 1.3.7, 2.0.31 dev-lang/python: 2.3.5-r3, 2.4.3-r4 dev-python/pycrypto: 2.0.1-r5 sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.61 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.16.1-r3 sys-devel/gcc-config: 1.3.14 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.17-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=prescott -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c" CXXFLAGS="-O2 -march=prescott -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--nospinner" FEATURES="autoconfig collision-protect distlocks metadata-transfer parallel-fetch sandbox sfperms strict test userfetch userpriv usersandbox" GENTOO_MIRRORS="http://mirror.switch.ch/mirror/gentoo/ http://gentoo.inode.at/" LINGUAS="en de en_GB de_CH" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X a52 aac acpi alsa apache2 asf berkdb bitmap-fonts cairo cdr cdrom cli cracklib crypt cups dbus divx dlloader dri dts dvd dvdr dvdread eds emboss encode fam ffmpeg firefox flac fortran gdbm gif gnome gpm gstreamer gtk hal iconv ipv6 isdnlog java jpeg kde kdeenablefinal ldap libg++ mad midi mikmod mmx mono mp3 mpeg ncurses nls nptl nptlonly ogg opengl oss pam pcre perl png ppds pppd python qt3 qt4 quicktime readline reflection rtsp ruby samba sdl session smp spell spl sse sse2 sse3 ssl svg tcpd test tetex theora threads truetype truetype-fonts type1-fonts unicode vcd vorbis win32codecs wxwindows x264 x86 xine xml xorg xprint xv xvid zlib" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LINGUAS="en de en_GB de_CH" USERLAND="GNU" VIDEO_CARDS="i810 fbdev vesa" Unset: CTARGET, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY armin76@gentoo.org 2007-02-18 12:40:38 0000 x86 stable weeve@gentoo.org 2007-02-18 18:39:59 0000 SPARC stable malc@gentoo.org 2007-02-19 20:55:03 0000 amd64 stable, anyone for a nice cup of GLSA? falco@gentoo.org 2007-02-23 17:46:40 0000 thanks arches, i vote for a GLSA vorlon@gentoo.org 2007-02-25 19:43:07 0000 agreed falco@gentoo.org 2007-03-02 00:36:12 0000 GLSA 200703-02, thanks everybody