Projects / DSPAM / Releases / Major security fixes

RSS All releases tagged Major security fixes

  •  19 Sep 2003 10:57

Release Notes: Trusted user security has been added. A storage driver abstraction layer + API has been added with drivers for MySQL, libdb4, and libdb3. A dspam_merge tool has been created for creating seeded dictionaries.

  •  08 Sep 2003 07:17

Release Notes: Security was enhanced by means of trusted users, argument overrides, and additional data integrity checks. Restricted non-trusted access to certain commandline flags (such as changing their effective dspam user ID) and passthru arguments to avoid hijacking other tools that dspam calls (such as the local delivery agent) have been added. The user recognition and user passthru approach has also been changed in an effort to decrease confusion about passing the userid to the delivery agent, and therefore some configuration changes will need to be made prior to upgrading.

  •  05 Sep 2003 14:00

Release Notes: This release has command line checking for insecure characters in passthrough parameters.

  •  05 Sep 2003 10:25

Release Notes: A permissions-related security vulnerability has been fixed. Potentially insecure functions are disabled unless --enable-insecure-functions is explicitly used at configure time. The locking mechanism has been reworked to support multiple dspam agents sharing an NFS disk to function correctly. A minor quoted-printable parsing bug has been fixed. Perl tools and CGIs have been recoded to adopt --prefix information from configure. A bug in fixing "From" header corruption in some implementations has been fixed. A minor miscalculation in false positive reporting has been fixed.


Project Spotlight

MacX DVD Ripper Mac Free Edition

Software that rips DVD to MOV, MP4, M4V, and iTunes.


Project Spotlight

123 Flash Chat Moodle Module

A chat room module for Moodle.