This update for spamassassin to version 3.4.2 fixes the following issues: Security issues fixed: - CVE-2017-15705: Fixed denial of service via unclosed tags in crafted emails . - CVE-2018-11781: Fixed a code injection in the meta rule syntax by local users . - CVE-2018-11780: Fixed a potential remote code execution vulnerability in PDFInfo plugin . Non-security issues fixed: - Added four new plugins : HashBL, ResourceLimits, FromNameSpoof, Phishing - sa-update script: optional support for SHA-256 / SHA-512 been added for better validation of rules - GeoIP2 support has been added to RelayCountry and URILocalBL plugins - Several new or enhanced configuration options