A buffer overflow in spamdyke might allow remote attackers to execute arbitrary code.
|Package||mail-filter/spamdyke on all architectures|
|Affected versions||< 4.3.0|
|Unaffected versions||>= 4.3.0|
spamdyke is a drop-in connection-time spam filter for qmail.
Boundary errors related to the "snprintf()" and "vsnprintf()" functions in spamdyke could cause a buffer overflow.
A remote attacker could possibly execute arbitrary code or cause a Denial of Service.
There is no known workaround at this time.
All spamdyke users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=mail-filter/spamdyke-4.3.0"
March 06, 2012
March 06, 2012: 1