Gentoo Linux Security Advisory 201812-7 - Multiple vulnerabilities have been found in SpamAssassin, the worst of which may lead to remote code execution. Versions prior to 3.4.2-r2 are affected.
dba3bc0701b30e7316c68239dcb0b2c5d166d8e853ad177d8d8611f3d01fb659
Ubuntu Security Notice 3811-3 - USN-3811-1 fixed a vulnerability in spamassassin. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
e3da6b076aedc33ab130290d32e7c4daa17bd215d0b895e799ccdf798fae84eb
Ubuntu Security Notice 3811-1 - It was discovered that SpamAssassin incorrectly handled certain unclosed tags in emails. A remote attacker could possibly use this issue to cause a denial of service. It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code. It was discovered that SpamAssassin incorrectly handled meta rule syntax. A local attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
d0467b2ffe47f0944194ff341be74533254817bca4bb0b5301521db17221392d
Red Hat Security Advisory 2018-2916-01 - The SpamAssassin tool provides a way to reduce unsolicited commercial email from incoming email. Issues addressed include a denial of service vulnerability.
63ef35c2ed09a7cd0af31727ce413e4d316821942dd1155dd05321006dd54dde