Mark Martinec

**Name of the Vulnerable Software and Affected Versions** SpamAssassin version 3.0.4 **Description** The issue allows attackers to bypass spam detection by sending an e-mail with a large number of recipients, which triggers a bus error in Perl. **Recommendations** For SpamAssassin version 3.0.4, consider updating to a newer version that addresses this issue, as the current version allows attackers to bypass spam detection. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Convert::UUlib versions prior to 1.051 **Description** The issue is related to a buffer overflow in the Convert::UUlib module, which can be exploited by remote attackers to execute arbitrary code via a malformed parameter to a read operation. Additionally, there are multiple vulnerabilities in the libconvert-uulib-perl package that can lead to breaches of confidentiality, integrity, and availability of protected information, and these can be exploited remotely. **Recommendations** For Convert::UUlib versions prior to 1.051, update to version 1.051 or later to resolve the issue. As a temporary workaround, consider restricting access to the Convert::UUlib module to minimize the risk of exploitation.