A flaw was found in bogofilter's/bogolexer's base64 where it could overwrite memory before its heap buffer, if the base64 input started with an equals sign, such as through misdeclaration of quoted-printable as base64. This would cause bogofilter/bogolexer to corrupt their heap and crash upon receiving such an email message.
Something is wrong with the bogofilter home page, the original referenced advisory  is currently unavailable, however a copy in svn  is. This will also be corrected in upstream version 1.2.2; a patch  is available. Please note that upstream version 1.2.2 is not yet available.
This affects bogofilter as shipped in Fedora 12 and 13, as well as EPEL5.
Created bogofilter tracking bugs for this issue
Affects: fedora-all [bug 611552]
This has been given the name CVE-2010-2494.
bogofilter 1.2.2 is in all current versions of Fedora.