tech-pkg: Re: Insecure dependency in eval

Subject: Re: Insecure dependency in eval
To: Klaus Heinz <k.heinz.nov.fuenf@onlinehome.de>
From: Roland Illig <rillig@NetBSD.org>
List: tech-pkg
Date: 11/23/2005 08:01:33

Klaus Heinz wrote:
> Roland Illig wrote:
> 
>>And here it is. I don't think it is security-related since the name of 
>>the file indicates that it is only used for reading configuration files. 
>>I have already reported it upstream.
> 
> 
> This is a known, but yet unsolved problem:
>   http://issues.apache.org/SpamAssassin/show_bug.cgi?id=3838

I guess it will be fixed in a few days:
   http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4700

Roland