openSUSE-SU-2019:0297-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2019:0297-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2019:0297-1
Related
Published
2019-03-23T11:10:44Z
Modified
2019-03-23T11:10:44Z
Summary
Security update for amavisd-new
Details

This update for amavisd-new fixes the following issues:

Security issue fixed:

  • CVE-2016-1238: Workedaround a perl vulnerability by removing a trailing dot element from @INC (bsc#987887).

Other issues addressed:

  • update to version 2.11.1 (bsc#1123389).
  • amavis-services: bumping up syslog level from LOGNOTICE to LOGERR for a message 'PID <pid> went away', and removed redundant newlines from some log messages
  • avoid warning messages 'Use of uninitialized value in subroutine entry' in Encode::MIME::Header when the $check argument is undefined
  • @sauserconfmaps has been extended to allow loading of per-recipient (or per-policy bank, or global) SpamAssassin configuration set from LDAP. For consistency with SQL a @sauserconfmaps entry prefixed with 'ldap:' will load SpamAssassin configuration set using the loadscoreonlyldap() method.
  • add some Sanesecurity.Foxhole false positives to the default list @virusnametospamscore_maps

  • update amavis-milter to version 2.6.1:

    • Fixed a bug when creating amavisd-new policy bank names

This update was imported from the SUSE:SLE-15:Update update project.

References

Affected packages