From 51668face46022b2c406d43816f0b14070e9d54a Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 3 Nov 2020 06:57:51 -0500 Subject: [PATCH] import bogofilter-1.2.5-2.el8 --- .bogofilter.metadata | 2 +- .gitignore | 2 +- SOURCES/patch.r6995 | 14 ----- SOURCES/patch.r7009 | 16 ------ SOURCES/patch.r7016 | 127 ------------------------------------------ SOURCES/patch.r7023 | 83 --------------------------- SOURCES/patch.r7030 | 48 ---------------- SOURCES/patch.r7032 | 19 ------- SOURCES/patch.r7034 | 16 ------ SOURCES/patch.r7035 | 40 ------------- SPECS/bogofilter.spec | 43 ++++---------- 11 files changed, 13 insertions(+), 397 deletions(-) delete mode 100644 SOURCES/patch.r6995 delete mode 100644 SOURCES/patch.r7009 delete mode 100644 SOURCES/patch.r7016 delete mode 100644 SOURCES/patch.r7023 delete mode 100644 SOURCES/patch.r7030 delete mode 100644 SOURCES/patch.r7032 delete mode 100644 SOURCES/patch.r7034 delete mode 100644 SOURCES/patch.r7035 diff --git a/.bogofilter.metadata b/.bogofilter.metadata index c7382fe..40e3601 100644 --- a/.bogofilter.metadata +++ b/.bogofilter.metadata @@ -1 +1 @@ -fdfe478844a2691fe621a0174ede38ae0b4058e2 SOURCES/bogofilter-1.2.4.repack.tar.gz +c779c3afb3e57ae0208ee503a854aff716b0cafd SOURCES/bogofilter-1.2.5.tar.xz diff --git a/.gitignore b/.gitignore index a9745b6..c080a3f 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/bogofilter-1.2.4.repack.tar.gz +SOURCES/bogofilter-1.2.5.tar.xz diff --git a/SOURCES/patch.r6995 b/SOURCES/patch.r6995 deleted file mode 100644 index a451a13..0000000 --- a/SOURCES/patch.r6995 +++ /dev/null @@ -1,14 +0,0 @@ -Index: bogofilter/NEWS -=================================================================== ---- bogofilter/NEWS (revision 6994) -+++ bogofilter/NEWS (revision 6995) -@@ -46,7 +46,8 @@ - svn checkout http://svn.code.sf.net/p/bogofilter/code/trunk bogofilter - - And developers would use, replacing joe by their sf.net login: -- svn checkout --username=joe svn+ssh://m-a@svn.code.sf.net/p/bogofilter/code/trunk bogofilter -+ svn checkout --username=joe \ -+ svn+ssh://svn.code.sf.net/p/bogofilter/code/trunk bogofilter - - 2012-12-03 - * Add bogofilter-SA-2012-01 (CVE-2012-5468). diff --git a/SOURCES/patch.r7009 b/SOURCES/patch.r7009 deleted file mode 100644 index f5c16a7..0000000 --- a/SOURCES/patch.r7009 +++ /dev/null @@ -1,16 +0,0 @@ -Index: bogofilter/NEWS -=================================================================== ---- bogofilter/NEWS (revision 7008) -+++ bogofilter/NEWS (revision 7009) -@@ -15,6 +15,11 @@ - - ------------------------------------------------------------------------------- - -+ 2013-11-30 -+ -+ * Updated autoconf/automake stuff so that tests work properly with -+ automake versions that default to running parallel-tests. -+ - 1.2.4 2013-07-01 (released) - - 2013-06-28 diff --git a/SOURCES/patch.r7016 b/SOURCES/patch.r7016 deleted file mode 100644 index 9560d45..0000000 --- a/SOURCES/patch.r7016 +++ /dev/null @@ -1,127 +0,0 @@ -Index: bogofilter/AUTHORS -=================================================================== ---- bogofilter/AUTHORS (revision 7015) -+++ bogofilter/AUTHORS (revision 7016) -@@ -55,3 +55,4 @@ - Marco Bozzolan - Paul Mangan - Roman Trunov -+Julius Plenz -Index: bogofilter/src/tests/inputs/t.passthrough-truncation-in.gz -=================================================================== -Cannot display: file marked as a binary type. -svn:mime-type = application/octet-stream -Index: bogofilter/src/tests/inputs/t.passthrough-truncation-in.gz -=================================================================== ---- bogofilter/src/tests/inputs/t.passthrough-truncation-in.gz (nonexistent) -+++ bogofilter/src/tests/inputs/t.passthrough-truncation-in.gz (revision 7016) - -Property changes on: bogofilter/src/tests/inputs/t.passthrough-truncation-in.gz -___________________________________________________________________ -Added: svn:mime-type -## -0,0 +1 ## -+application/octet-stream -\ No newline at end of property -Index: bogofilter/src/tests/t.passthrough-truncation -=================================================================== ---- bogofilter/src/tests/t.passthrough-truncation (nonexistent) -+++ bogofilter/src/tests/t.passthrough-truncation (revision 7016) -@@ -0,0 +1,19 @@ -+#! /bin/sh -+ -+. ${srcdir:=.}/t.frame -+ -+# t.passthrough-hb -+# -+# test for correct passthrough of misdeclared MIME parts -+# test case provided by Julius Plenz, July 2014. -+ -+gzip -c -d <"$srcdir/inputs/t.passthrough-truncation-in.gz" >"$TMPDIR/input" -+$BOGOFILTER -e -p -C < "$TMPDIR/input" \ -+| $GREP -v "^X-Bogosity: Unsure," > "$TMPDIR/output" -+ -+if [ $verbose -eq 0 ]; then -+ cmp "$TMPDIR/input" "$TMPDIR/output" -+else -+ set +e -+ diff $DIFF_BRIEF "$TMPDIR/input" "$TMPDIR/output" -+fi - -Property changes on: bogofilter/src/tests/t.passthrough-truncation -___________________________________________________________________ -Added: svn:executable -## -0,0 +1 ## -+* -\ No newline at end of property -Index: bogofilter/src/tests/Makefile.am -=================================================================== ---- bogofilter/src/tests/Makefile.am (revision 7015) -+++ bogofilter/src/tests/Makefile.am (revision 7016) -@@ -35,7 +35,7 @@ - t.ignore_spam_header \ - t.nullstatsprefix \ - t.integrity t.integrity2 t.integrity3 \ -- t.passthrough-hb \ -+ t.passthrough-hb t.passthrough-truncation \ - t.escaped.html t.escaped.url \ - t.base64 t.split t.parsing \ - t.lexer t.lexer.mbx t.lexer.qpcr t.lexer.eoh \ -@@ -97,6 +97,7 @@ - inputs/msg.split.dr.0118.base64 \ - inputs/msg.split.gs.0119.text \ - inputs/spam.mbx \ -+ inputs/t.passthrough-truncation-in.gz \ - outputs/MH.out \ - outputs/bogolex.out \ - outputs/bulkmode.out \ -Index: bogofilter/src/lexer.c -=================================================================== ---- bogofilter/src/lexer.c (revision 7015) -+++ bogofilter/src/lexer.c (revision 7016) -@@ -220,15 +220,25 @@ - - #ifndef DISABLE_UNICODE - if (encoding == E_UNICODE && -- !msg_state->mime_dont_decode) -+ !msg_state->mime_dont_decode && -+ count > 0) - { - iconvert(linebuff, buff); -+ -+ /* If we return count = 0 here, the caller will think we have -+ * no more bytes left to read, even though before the iconvert -+ * call we had a positive number of bytes. This *will* lead to -+ * a message truncation which we try to avoid by simply -+ * returning the original input buffer (which has positive -+ * length) instead. */ -+ if(buff->t.leng == 0) -+ memcpy(buff, linebuff, sizeof(*buff)); -+ - /* - * iconvert, treating multi-byte sequences, can shrink or enlarge - * the output compared to its input. Correct count. - */ -- if (count > 0) -- count = buff->t.leng; -+ count = buff->t.leng; - } - #endif - -Index: bogofilter/NEWS -=================================================================== ---- bogofilter/NEWS (revision 7015) -+++ bogofilter/NEWS (revision 7016) -@@ -15,6 +15,13 @@ - - ------------------------------------------------------------------------------- - -+ 2014-07-10 -+ -+ * Take patch from Julius Plenz to fix a bug in the charset converter -+ that causes truncation of messages in pass-through mode in rare -+ circumstances, for instance, if binary data is misdeclared as -+ text/html. Also add his test case, t.passthrough-truncation. -+ - 2013-11-30 - - * Updated autoconf/automake stuff so that tests work properly with diff --git a/SOURCES/patch.r7023 b/SOURCES/patch.r7023 deleted file mode 100644 index b02f5e8..0000000 --- a/SOURCES/patch.r7023 +++ /dev/null @@ -1,83 +0,0 @@ -Index: bogofilter/src/mime.c -=================================================================== ---- bogofilter/src/mime.c (revision 7022) -+++ bogofilter/src/mime.c (revision 7023) -@@ -279,6 +279,25 @@ - mime_push(parent); - } - -+static bool is_final_boundary( -+ const byte *ins, -+ size_t inlen, -+ size_t blen -+) -+{ -+ if (inlen >= 5 -+ && inlen >= blen + 2 -+ && ins[0] == '-' -+ && ins[1] == '-' -+ && ins[blen+2] == '-' -+ && ins[blen+3] == '-') -+ { -+ return true; -+ } -+ return false; -+} -+ -+ - /** - * Check if the line given in \a boundary is a boundary of one of the - * outer MIME containers and store the results in \a b. -@@ -301,28 +320,18 @@ - (buf[blen - 1] == '\r' || buf[blen - 1] == '\n')) - blen--; - -- /* skip initial -- */ -- buf += 2; -- blen -= 2; -- -- /* skip and note ending --, if any */ -- if (blen > 2 && buf[blen - 1] == '-' && buf[blen - 2] == '-') { -- b->is_final = true; -- blen -= 2; -- } else { -- b->is_final = false; -- } -- - /* search stack for matching boundary, in reverse order */ - for (ptr = mime_stack_bot; ptr != NULL; ptr = ptr->parent) - { - if (is_mime_container(ptr) - && ptr->boundary != NULL -- && ptr->boundary_len == blen -- && (memcmp(ptr->boundary, buf, blen) == 0)) -+ && (ptr->boundary_len + 2 == blen -+ || ptr->boundary_len + 4 == blen) -+ && (memcmp(ptr->boundary, buf + 2, ptr->boundary_len) == 0)) - { - b->depth = ptr->depth; - b->is_valid = true; -+ b->is_final = is_final_boundary(buf, blen, ptr->boundary_len); - break; - } - } -Index: bogofilter/NEWS -=================================================================== ---- bogofilter/NEWS (revision 7022) -+++ bogofilter/NEWS (revision 7023) -@@ -15,6 +15,15 @@ - - ------------------------------------------------------------------------------- - -+ 2015-02-25 -+ -+ * Fix the lexer to handle MIME multipart messages properly when the -+ boundary ended in "--". The parser would previously never find the -+ MIME parts because it mistook all boundaries ending in two dashes to -+ be the final boundary of the multipart, rather than checking if the -+ two dashes were extra. -+ Reported by Matt Garretson to the bogofilter mailing list today. -+ - 2014-07-10 - - * Take patch from Julius Plenz to fix a bug in the charset converter diff --git a/SOURCES/patch.r7030 b/SOURCES/patch.r7030 deleted file mode 100644 index 1465e8a..0000000 --- a/SOURCES/patch.r7030 +++ /dev/null @@ -1,48 +0,0 @@ -Index: bogofilter/src/lexer.c -=================================================================== ---- bogofilter/src/lexer.c (revision 7029) -+++ bogofilter/src/lexer.c (revision 7030) -@@ -329,7 +329,7 @@ - count += cnt; - - /* Note: some malformed messages can cause xfgetsl() to report -- ** "Invalid buffer size, exiting." ** and then abort. This -+ ** "Invalid buffer size, exiting." and then abort. This - ** can happen when the parser is in html mode and there's a - ** leading '<' but no closing '>'. - ** -@@ -343,9 +343,12 @@ - - if (count >= MAX_TOKEN_LEN * 2 && - long_token(buff.t.u.text, (uint) count)) { -- uint start = buff.t.leng - count; -- uint length = count - max_token_len; -- buff_shift(&buff, start, length); -+ /* Make sure not to shift bytes outside the buffer */ -+ if (buff.t.leng >= (uint) count) { -+ uint start = buff.t.leng - count; -+ uint length = count - max_token_len; -+ buff_shift(&buff, start, length); -+ } - count = buff.t.leng; - } - else -Index: bogofilter/NEWS -=================================================================== ---- bogofilter/NEWS (revision 7029) -+++ bogofilter/NEWS (revision 7030) -@@ -15,6 +15,14 @@ - - ------------------------------------------------------------------------------- - -+ 2015-02-28 -+ -+ * Fix the lexer to not try to delete parts from HTML tokens if it is -+ reading garbage (for instance, binary files misdeclared as HTML). -+ This was exposed on Fedora 20 and 21 but not Ubuntu 14.04 (x86_64), -+ and is possibly related to its newer flex 2.5.37 that may have -+ changed the way it uses yyinput() a bit. Reported by Matt Garretson. -+ - 2015-02-25 - - * Fix the lexer to handle MIME multipart messages properly when the diff --git a/SOURCES/patch.r7032 b/SOURCES/patch.r7032 deleted file mode 100644 index eaba3ad..0000000 --- a/SOURCES/patch.r7032 +++ /dev/null @@ -1,19 +0,0 @@ -Index: bogofilter/src/maint.c -=================================================================== ---- bogofilter/src/maint.c (revision 7031) -+++ bogofilter/src/maint.c (revision 7032) -@@ -118,11 +118,11 @@ - bool discard; - - if (token->u.text[0] == '.') { /* keep .ENCODING, .MSG_COUNT, and .ROBX */ -- if (strcmp((const char *)token->u.text, MSG_COUNT) == 0) -+ if (0 == word_cmps(token, MSG_COUNT)) - return false; -- if (strcmp((const char *)token->u.text, ROBX_W) == 0) -+ if (0 == word_cmps(token, ROBX_W)) - return false; -- if (strcmp((const char *)token->u.text, WORDLIST_ENCODING) == 0) -+ if (0 == word_cmps(token, WORDLIST_ENCODING)) - return false; - } - diff --git a/SOURCES/patch.r7034 b/SOURCES/patch.r7034 deleted file mode 100644 index 790b901..0000000 --- a/SOURCES/patch.r7034 +++ /dev/null @@ -1,16 +0,0 @@ -Index: bogofilter/NEWS -=================================================================== ---- bogofilter/NEWS (revision 7033) -+++ bogofilter/NEWS (revision 7034) -@@ -15,6 +15,11 @@ - - ------------------------------------------------------------------------------- - -+ 2015-10-10 -+ -+ * Fix an out-of-bounds memory read in maint.c's discard_token(). -+ Found with clang 3.6's address sanitizer. -+ - 2015-02-28 - - * Fix the lexer to not try to delete parts from HTML tokens if it is diff --git a/SOURCES/patch.r7035 b/SOURCES/patch.r7035 deleted file mode 100644 index 6ef6f81..0000000 --- a/SOURCES/patch.r7035 +++ /dev/null @@ -1,40 +0,0 @@ -Index: bogofilter/src/wordlists.c -=================================================================== ---- bogofilter/src/wordlists.c (revision 7034) -+++ bogofilter/src/wordlists.c (revision 7035) -@@ -265,9 +265,6 @@ - xfree(i); - } - -- if (commit) -- word_lists = NULL; -- - return err; - } - -Index: bogofilter/src/wordlists_base.c -=================================================================== ---- bogofilter/src/wordlists_base.c (revision 7034) -+++ bogofilter/src/wordlists_base.c (revision 7035) -@@ -134,6 +134,8 @@ - list = free_wordlistnode(list); - } - -+ word_lists = NULL; -+ - bogohome_cleanup(); - } - -Index: bogofilter/NEWS -=================================================================== ---- bogofilter/NEWS (revision 7034) -+++ bogofilter/NEWS (revision 7035) -@@ -17,6 +17,8 @@ - - 2015-10-10 - -+ * Fix a memory leak in close_wordlists(). -+ - * Fix an out-of-bounds memory read in maint.c's discard_token(). - Found with clang 3.6's address sanitizer. - diff --git a/SPECS/bogofilter.spec b/SPECS/bogofilter.spec index dbe7678..cf53eb2 100644 --- a/SPECS/bogofilter.spec +++ b/SPECS/bogofilter.spec @@ -1,32 +1,12 @@ Summary: Fast anti-spam filtering by Bayesian statistical analysis Name: bogofilter -Version: 1.2.4 -Release: 13%{?dist} +Version: 1.2.5 +Release: 2%{?dist} License: GPLv2 Group: Applications/Internet URL: http://bogofilter.sourceforge.net/ -# Source: http://downloads.sourceforge.net/bogofilter/bogofilter-%{version}.tar.gz -# The above used to be to the Source: line -# but due to bug 912694 which identified three files with license -# problems the following steps are necessary to repack bogofilter -# wget http://downloads.sourceforge.net/bogofilter/bogofilter-1.2.4.tar.gz -# tar xf bogofilter-1.2.4.tar.gz -# rm bogofilter-1.2.4/doc/bogofilter-SA-20[0-1][0,5]-0[1,2] -# tar cf bogofilter-1.2.4.repack.tar.gz bogofilter-1.2.4 -Source: bogofilter-%{version}.repack.tar.gz -# Patches are taken from upstreams SVN: -# svn checkout svn://svn.code.sf.net/p/bogofilter/code/trunk bogofilter-code -# cd bogofilter-code -# svndiff -c 6995 > patch.r6995 -Patch1: patch.r6995 -# patch.r7009 is adapted to apply without a previous patch -Patch2: patch.r7009 -Patch3: patch.r7016 -Patch4: patch.r7023 -Patch5: patch.r7030 -Patch6: patch.r7032 -Patch7: patch.r7034 -Patch8: patch.r7035 +Source: http://downloads.sourceforge.net/bogofilter/bogofilter-%{version}.tar.xz +BuildRequires: gcc BuildRequires: flex libdb-devel gsl-devel BuildRequires: /usr/bin/iconv BuildRequires: perl-generators @@ -55,14 +35,7 @@ main bogofilter package. %prep %setup -q -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 + iconv -f iso-8859-1 -t utf-8 \ doc/bogofilter-faq-fr.html > doc/bogofilter-faq-fr.html.utf8 %{__mv} -f doc/bogofilter-faq-fr.html.utf8 \ @@ -106,6 +79,12 @@ iconv -f iso-8859-1 -t utf-8 \ %exclude %{_mandir}/man1/bogoupgrade* %changelog +* Mon May 18 2020 Milan Crha - 1.2.5-2 +- Bump version to have OSCI/gating tests rerun with updated tests + +* Fri May 15 2020 Milan Crha - 1.2.5-1 +- Resolves: #1836279 (Update to 1.2.5) + * Wed Feb 07 2018 Fedora Release Engineering - 1.2.4-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild