File _patchinfo of Package patchinfo.9750

<patchinfo incident="9750">
  <issue tracker="cve" id="2016-1238"/>
  <issue tracker="bnc" id="1123389">update request: amavisd-new</issue>
  <issue tracker="bnc" id="987887">VUL-0: CVE-2016-1238: perl: loading modules from current directory</issue>
  <category>security</category>
  <rating>moderate</rating>
  <packager>msmeissn</packager>
  <description>This update for amavisd-new fixes the following issues:

Security issue fixed: 

- CVE-2016-1238: Workedaround a perl vulnerability by removing a trailing dot element from @INC	(bsc#987887).

Other issues addressed:

- update to version 2.11.1 (bsc#1123389).
- amavis-services: bumping up syslog level from LOG_NOTICE to LOG_ERR
  for a message "PID &lt;pid&gt; went away", and removed redundant newlines
  from some log messages
- avoid warning messages "Use of uninitialized value in subroutine entry" in Encode::MIME::Header
  when the $check argument is undefined 
- @sa_userconf_maps has been extended to allow loading of per-recipient (or per-policy bank, or global) SpamAssassin configuration set from LDAP. 
  For consistency with SQL a @sa_userconf_maps entry prefixed with 'ldap:' will load SpamAssassin configuration set using the load_scoreonly_ldap() method.
- add some Sanesecurity.Foxhole false positives to the default list @virus_name_to_spam_score_maps

- update amavis-milter to version 2.6.1:
  * Fixed a  bug when creating amavisd-new policy bank names

This update was imported from the SUSE:SLE-15:Update update project.</description>
  <summary>Security update for amavisd-new</summary>
</patchinfo>