Hello and thanks for this bug report. While the security update did introduce a change in amavisd behavior ([1] is how upstream describe the change), I am unable to tell if the problem comes directly or only from amavisd, or if some other package/component is involved (altermime?).
Would it be possible for you to experiment by downgrading amavisd-new to its previous version, and check if the problem goes away? This should be feasible by running: apt install amavisd-new=1:2.12.2-1ubuntu1 This will help understanding if it is indeed amavisd-new to be problematic, or some other package that got upgraded together with it. Thanks! [1] https://gitlab.com/amavis/amavis/-/blob/master/README_FILES/README.CVE-2024-28054?ref_type=heads ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-28054 ** Changed in: amavisd-new (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2067460 Title: Amavisd crashes when calling external command /usr/bin/altermime after updated to 2.12.2-1ubuntu1.1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/amavisd-new/+bug/2067460/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
