THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Our Security Policy
Reporting a vulnerability
To report a vulnerability you can either email security /at/ spamassassin.apache.org or open a bugzilla issue being very careful to set the Component to Security so that it is not generally visible. If you create the bug report you will have access to it, as will the security team.
Security team process
Once a potential vulnerability is reported to the committers, and has been verified to be an issue, here's what to do (based on what we did for bug 5480):
...