import spamassassin-3.4.2-10.el8

2020-07-14 01:57:46 +00:00 · 2020-07-14 01:57:46 +00:00 · 069d09ae3c
commit 069d09ae3c
parent 49916e263d
4 changed files with 2981 additions and 1 deletions
--- a/SOURCES/spamassassin-3.4.2-fix-CVE-2018-11805.patch
+++ b/SOURCES/spamassassin-3.4.2-fix-CVE-2018-11805.patch
--- a/SOURCES/spamassassin-3.4.2-fix-CVE-2020-1930.patch
+++ b/SOURCES/spamassassin-3.4.2-fix-CVE-2020-1930.patch
@ -0,0 +1,41 @@
+diff --git a/lib/Mail/SpamAssassin/Plugin/OneLineBodyRuleType.pm b/lib/Mail/SpamAssassin/Plugin/OneLineBodyRuleType.pm
+index 2d931ea..7b6244e 100644
+--- a/lib/Mail/SpamAssassin/Plugin/OneLineBodyRuleType.pm
+++ b/lib/Mail/SpamAssassin/Plugin/OneLineBodyRuleType.pm
+@@ -89,17 +89,19 @@ sub do_one_line_body_tests {
+     loop_body => sub
+   {
+     my ($self, $pms, $conf, $rulename, $pat, %opts) = @_;
+-    $pat = untaint_var($pat);
+-    my $sub;
+    my $sub = '
+      my ($self, $line) = @_;
+      my $qrptr = $self->{main}->{conf}->{test_qrs};
+    ';
+ 
+     if (($conf->{tflags}->{$rulename}||'') =~ /\bmultiple\b/)
+     {
+       # avoid [perl #86784] bug (fixed in 5.13.x), access the arg through ref
+-      $sub = '
+-      my $lref = \$_[1];
+      $sub .= '
+      my $lref = \$line;
+       pos $$lref = 0;
+       '.$self->hash_line_for_rule($pms, $rulename).'
+-      while ($$lref =~ '.$pat.'g) {
+      while ($$lref =~ /$qrptr->{q{'.$rulename.'}}/go) {
+         my $self = $_[0];
+         $self->got_hit(q{'.$rulename.'}, "BODY: ", ruletype => "one_line_body");
+         '. $self->hit_rule_plugin_code($pms, $rulename, "one_line_body",
+@@ -108,9 +110,9 @@ sub do_one_line_body_tests {
+       ';
+ 
+     } else {
+-      $sub = '
+      $sub .= '
+       '.$self->hash_line_for_rule($pms, $rulename).'
+-      if ($_[1] =~ '.$pat.') {
+      if ($line =~ /$qrptr->{q{'.$rulename.'}}/o) {
+         my $self = $_[0];
+         $self->got_hit(q{'.$rulename.'}, "BODY: ", ruletype => "one_line_body");
+         '. $self->hit_rule_plugin_code($pms, $rulename, "one_line_body", "return 1") . '
--- a/SOURCES/spamassassin-3.4.2-fix-CVE-2020-1931.patch
+++ b/SOURCES/spamassassin-3.4.2-fix-CVE-2020-1931.patch
@ -0,0 +1,44 @@
+diff -urp Mail-SpamAssassin-3.4.2.old/lib/Mail/SpamAssassin/Conf.pm Mail-SpamAssassin-3.4.2/lib/Mail/SpamAssassin/Conf.pm
+--- Mail-SpamAssassin-3.4.2.old/lib/Mail/SpamAssassin/Conf.pm	2020-06-15 19:10:21.700917582 +0200
+++ Mail-SpamAssassin-3.4.2/lib/Mail/SpamAssassin/Conf.pm	2020-06-15 19:07:59.045897164 +0200
+@@ -3414,6 +3414,20 @@ internally, and should not be used.
+     setting => 'priority',
+     is_priv => 1,
+     type => $CONF_TYPE_HASH_KEY_VALUE,
+    code => sub {
+      my ($self, $key, $value, $line) = @_;
+      my ($rulename, $priority) = split(/\s+/, $value, 2);
+      unless (defined $priority) {
+        return $MISSING_REQUIRED_VALUE;
+      }
+      unless ($rulename =~ IS_RULENAME) {
+        return $INVALID_VALUE;
+      }
+      unless ($priority =~ /^-?\d+$/) {
+        return $INVALID_VALUE;
+      }
+      $self->{priority}->{$rulename} = $priority;
+    }
+   });
+ 
+ =back
+diff -urp Mail-SpamAssassin-3.4.2.old/lib/Mail/SpamAssassin/Constants.pm Mail-SpamAssassin-3.4.2/lib/Mail/SpamAssassin/Constants.pm
+--- Mail-SpamAssassin-3.4.2.old/lib/Mail/SpamAssassin/Constants.pm	2020-06-15 19:10:21.701917596 +0200
+++ Mail-SpamAssassin-3.4.2/lib/Mail/SpamAssassin/Constants.pm	2020-06-15 19:07:59.045897164 +0200
+@@ -43,7 +43,7 @@ BEGIN {
+ 	HARVEST_DNSBL_PRIORITY MBX_SEPARATOR
+ 	MAX_BODY_LINE_LENGTH MAX_HEADER_KEY_LENGTH MAX_HEADER_VALUE_LENGTH
+ 	MAX_HEADER_LENGTH ARITH_EXPRESSION_LEXER AI_TIME_UNKNOWN
+-	CHARSETS_LIKELY_TO_FP_AS_CAPS MAX_URI_LENGTH RULENAME_RE
+	CHARSETS_LIKELY_TO_FP_AS_CAPS MAX_URI_LENGTH RULENAME_RE IS_RULENAME
+   );
+ 
+   %EXPORT_TAGS = (
+@@ -404,5 +404,7 @@ use constant CHARSETS_LIKELY_TO_FP_AS_CA
+ 
+ # Allowed rulename format
+ use constant RULENAME_RE => qr([_a-zA-Z][_a-zA-Z0-9]{0,127});
+# Exact match
+use constant IS_RULENAME => qr/^${\(RULENAME_RE)}$/;
+ 
+ 1;
--- a/SPECS/spamassassin.spec
+++ b/SPECS/spamassassin.spec
@ -60,7 +60,7 @@ Summary: Spam filter for email which can be invoked from mail delivery agents
 Name: spamassassin
 Version: 3.4.2
 #Release: 0.8.%%{prerev}%%{?dist}
-Release: 9%{?dist}
+Release: 10%{?dist}
 License: ASL 2.0
 Group: Applications/Internet
 URL: https://spamassassin.apache.org/
@ -100,6 +100,9 @@ Patch100: spamassassin-3.4.2-fix-use-after-free.patch
 Patch101: spamassassin-3.4.2-fix-file-handle-leaks.patch
 Patch102: spamassassin-3.4.2-fix-rawbody-rules-documentation.patch
 Patch103: spamassassin-3.4.2-fix-CVE-2019-12420.patch
+Patch104: spamassassin-3.4.2-fix-CVE-2018-11805.patch
+Patch105: spamassassin-3.4.2-fix-CVE-2020-1930.patch
+Patch106: spamassassin-3.4.2-fix-CVE-2020-1931.patch

 # end of patches

@ -213,6 +216,9 @@ rm -f lib/Mail/SpamAssassin/Plugin/ResourceLimits.pm
 %patch101 -p1
 %patch102 -p1
 %patch103 -p1
+%patch104 -p1
+%patch105 -p1
+%patch106 -p1

 # end of patches

@ -396,6 +402,14 @@ exit 0
 %endif

 %changelog
+* Mon Jun 15 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-10
+- Fixed CVE-2018-11805
+- Resolves: rhbz#1787514
+- Fixed CVE-2020-1930
+- Resolves: rhbz#1820649
+- Fixed CVE-2020-1931
+- Resolves: rhbz#1820650
+
 * Thu Apr 09 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-9
 - Fix CVE-2019-12420
 - Resolves: rhbz#1812977