[SECURITY] Fedora 32 Update: spamassassin-3.4.5-1.fc32

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-5a4377797c 2021-04-04 00:47:50.315737 -------------------------------------------------------------------------------- Name : spamassassin Product : Fedora 32 Version : 3.4.5 Release : 1.fc32 URL : https://spamassassin.apache.org/ Summary : Spam filter for email which can be invoked from mail delivery agents Description : SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email (SPAM) from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring system to identify messages which look spammy, then adds headers to the message so they can be filtered by the user's mail reading software. This distribution includes the spamd/spamc components which create a server that considerably speeds processing of mail. To enable spamassassin, if you are receiving mail locally, simply add this line to your ~/.procmailrc: INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc To filter spam for all users, add that line to /etc/procmailrc (creating if necessary). -------------------------------------------------------------------------------- Update Information: Upstream version 3.4.5. See http://mail-archives.apache.org/mod_mbox/www- announce/202103.mbox/%3cd028983e-bad3-854b-ec9a-e8b0f922d627(a)apache.org%3e for details. Fixes CVE-2020-1946 -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 25 2021 Kevin Fenzi <kevin(a)scrye.com&gt; - 3.4.5-1 - Update to 3.4.5. Fixes rhbz#1942575 - Fixes CVE-2020-1946 * Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 3.4.4-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Sat Nov 21 2020 Kevin Fenzi <kevin(a)scrye.com&gt; - 3.4.4-7 - Add upstreamed patch for GeoIP handling. * Wed Jul 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 3.4.4-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Tue Jul 14 2020 Tom Stellard <tstellar(a)redhat.com&gt; - 3.4.4-5 - Use make macros - https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro * Tue Jun 23 2020 Jitka Plesnikova <jplesnik(a)redhat.com&gt; - 3.4.4-4 - Perl 5.32 rebuild * Wed Apr 22 2020 Kevin Fenzi <kevin(a)scrye.com&gt; - 3.4.4-3 - Switch update timer to not need spamassassin service. Fixes bug #1645826 * Wed Mar 18 2020 Ond��ej Lyson��k <olysonek(a)redhat.com&gt; - 3.4.4-2 - Remove references to the SOUGHT channel -------------------------------------------------------------------------------- References: [ 1 ] Bug #1862520 - request rebuild for F32; compile-time SSL lib update for 'spamc' https://bugzilla.redhat.com/show_bug.cgi?id=1862520 [ 2 ] Bug #1943277 - CVE-2020-1946 spamassassin: Malicious rule configuration files can be configured to run system commands [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1943277 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-5a4377797c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------