Updates/spamassassin-3.0.6-1.fc4

From FarsiWeb

Security impact: Moderate

The package spamassassin contains a spam filter for email which can be invoked from mail delivery agents.

This update fixes Common Vulnerabilities and Exposures issue CVE 2006-2447:

SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username.

Note that you are affected by this bug only if you launched spamd with both --vpopmail and --paranoid, which is not a common configuration.

This update will update spamassasin to the new version 3.0.6, which contains a fix for the bug.