Re: DoS on 2.63

[Justin Mason <jm...@jmason.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Yes, you probably should upgrade.

BTW that upgrade text is incorrect, doesn't match what's on the website,
and this issue has nothing to do with GTUBE.  Any idea where it came from?

- --j.

Asif Iqbal writes:
> Hi All
> 
> What you guys think about this 
> 
> http://www.securityfocus.com/advisories/7044
> 
> Platform: Unix
>  Title: SpamAssassin GTUBE Denial of Service
>  Description: SpamAssassin is a mail filter that identifies and
> processes spam. Incorrect processing of mails with the GTUBE string
> exposes an access circumvention weakness and subsequent denial of
> service in the application.  SpamAssassin versions 2.64 and earlier
> are reported to be affected.
> 
> Should I need to upgrade my spamassassin 2.63?
> 
> I am using qmail-scanner-->spamc-->spamd(127.0.0.1)
> 
> Thanks
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh CVS

iD8DBQFBIQj5QTcbUG5Y7woRAjfZAJ9pISFSHKQOAr9CWfHmYUYfH5MEMgCffB2S
p3/RbchCSmp+dfZOcTRXtBQ=
=CT/I
-----END PGP SIGNATURE-----

Re: DoS on 2.63

[Matt Kettler <mk...@evi-inc.com>]

At 03:20 PM 8/16/2004, Justin Mason wrote:
>Yes, you probably should upgrade.
>
>BTW that upgrade text is incorrect, doesn't match what's on the website,
>and this issue has nothing to do with GTUBE.  Any idea where it came from?

It's apparently in one of the bugtraq ID numbers on the same site.. might 
be a typo or mis-report.


http://www.securityfocus.com/bid/10898/discussion/