Summary: | <mail-filter/spamassassin-3.4.3: multiple vulnerabilities (CVE-{2018-11805,2019-12420}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Benny Pedersen <me> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | bug, gentoo_bugs_peep, hanno, hydrapolic, maracay, mjo, proxy-maint |
Priority: | Normal | Flags: | nattka:
sanity-check-
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-11805 | ||
See Also: | https://github.com/gentoo/gentoo/pull/13955 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
mail-filter/spamassassin-3.4.3
dev-perl/BSD-Resource-1.291.100 arm arm64 hppa ppc ppc64
|
Runtime testing required: | --- |
Bug Depends on: | 707816 | ||
Bug Blocks: |
Description
Benny Pedersen
2019-12-12 12:57:56 UTC
Added GitHub PR that bumps spamassassin to v3.4.3. https://github.com/gentoo/gentoo/pull/13955 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a2221369f2ed3c8b5fa155bcf9c2660669c3eaaf commit a2221369f2ed3c8b5fa155bcf9c2660669c3eaaf Author: Philippe Chaintreuil <gentoo_bugs_peep@parallaxshift.com> AuthorDate: 2019-12-12 15:06:02 +0000 Commit: Michael Orlitzky <mjo@gentoo.org> CommitDate: 2019-12-20 11:45:39 +0000 mail-filter/spamassassin: Bump to v3.4.3 - Remove 3.4.2 patches that have been fixed by 3.4.3 - Adjust SQL Update warning trigger as 3.4.3 has more schema changes Bug: https://bugs.gentoo.org/702594 Closes: https://github.com/gentoo/gentoo/pull/13955 Package-Manager: Portage-2.3.79, Repoman-2.3.16 Signed-off-by: Philippe Chaintreuil <gentoo_bugs_peep@parallaxshift.com> Signed-off-by: Michael Orlitzky <mjo@gentoo.org> mail-filter/spamassassin/Manifest | 1 + mail-filter/spamassassin/spamassassin-3.4.3.ebuild | 284 +++++++++++++++++++++ 2 files changed, 285 insertions(+) Ebuild's in, I think this is ready for stability testing. Current stable ebuild is spamassassin-3.4.2-r2 which has "alpha amd64 arm arm64 hppa ia64 ppc ppc64 s390 sparc x86" as its stable arches, for reference. Submitted stabilization request bug: https://bugs.gentoo.org/705982 *** Bug 705982 has been marked as a duplicate of this bug. *** amd64 stable ppc stable ppc64 stable sparc stable ia64 stable x86 stable hppa stable arm stable ping for arm64 stabilization. (Also checking that it didn't fall through the cracks when vanilla arm got stabilized.) You're the last major holdout. (s390 is still outstanding, but I figure that's a small community.) Superseded by bug 707816. Unable to check for sanity:
> no match for package: mail-filter/spamassassin-3.4.3
Unable to check for sanity:
> dependent bug #707816 is missing keywords
Unable to check for sanity:
> no match for package: mail-filter/spamassassin-3.4.3
GLSA Vote: No Thank you all for you work. Closing as [noglsa]. |