import spamassassin-3.4.2-10.el8
This commit is contained in:
CentOS Sources
parent
3557798404
commit
3cb3a6b8fb
|
|
@ -26,9 +26,6 @@ override the daemon check in /etc/sysconfig/sa-update
|
||||||
All sa-update channels are defined in files contained in this directory.
|
All sa-update channels are defined in files contained in this directory.
|
||||||
See the existing config files as examples for writing your own config file.
|
See the existing config files as examples for writing your own config file.
|
||||||
|
|
||||||
4) SOUGHT Anti-Fraud Rule Channel is Enabled by Default
|
|
||||||
http://wiki.apache.org/spamassassin/SoughtRules
|
|
||||||
|
|
||||||
General Warnings
|
General Warnings
|
||||||
================
|
================
|
||||||
* DO NOT USE SARE or OpenProtect rules. They are old and outdated, and
|
* DO NOT USE SARE or OpenProtect rules. They are old and outdated, and
|
||||||
|
|
|
||||||
|
|
@ -1,47 +0,0 @@
|
||||||
# http://wiki.apache.org/spamassassin/SoughtRules
|
|
||||||
CHANNELURL=sought.rules.yerp.org
|
|
||||||
KEYID=6C6191E3
|
|
||||||
# Ignore everything below.
|
|
||||||
return 0
|
|
||||||
|
|
||||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
|
||||||
Version: GnuPG v1.4.1 (GNU/Linux)
|
|
||||||
|
|
||||||
mQGiBEa/l+YRBACC+uJfIThEoEWrNxdDD/1tAwb5L8v7H3gGt+LtuOwwn5ZU7XsT
|
|
||||||
s1DOok1oZVRnTQJYdlth7QlU9wqijwLEVzW1LDWnxXXKwPmlTlkcdGoBcb+cBbYI
|
|
||||||
miJ/TlAetvbprcZdROS4Ey31GjPRmWPPnVE2Xcwy+e4+RmnhqfZBmOaE7wCgo1GG
|
|
||||||
pkik2OPD1le4LGGOGHL5HiED/0TyvTiSS3NnUtoDFQAPrnezOCjxv8zMjYEnJs/I
|
|
||||||
h7uyIgHRsbB75cD2O1LWyO8Vz8r/snVuG35zcZagPf/7Tc9AJoaxVmCIk9DEmWZp
|
|
||||||
iuvqpMhwHAbNvY3jY2oKsDl1rNx0IIctoJwjXia99kvNTHK/Yz/HqhIyLModhiMB
|
|
||||||
aYYZA/wIdPOHGHaP5vjlbWBwGlRR9m0Rf4ob5sul8MjCyehOYcRVLwfOEfzX308v
|
|
||||||
0enOGnbbBKXU2QvA0Z068aBmJkJaaPhlIjZApQJDsb7pt6k8jMPj/Xpr779wAFQ8
|
|
||||||
IZC7Tw21OtqkjrUb3dZlEljrTwWNc6FVxuIidBBg7HCdP24WKLRESnVzdGluIE1h
|
|
||||||
c29uIFNpZ25pbmcgS2V5IChDb2RlIFNpZ25pbmcgT25seSkgPHNpZ25pbmdrZXlA
|
|
||||||
am1hc29uLm9yZz6IZAQTEQIAJAUCRr+X5gIbAwUJEswDAAYLCQgHAwIDFQIDAxYC
|
|
||||||
AQIeAQIXgAAKCRDchTQfbGGR4/GJAKCC6X6AF8nM+H00b/XeZl9vYihXBgCcDYuU
|
|
||||||
AtXjWWxndkneakmbnD0O4Z25BA0ERr+YdxAQAIYYUQHMzVsRAzpIRLfni0aeczrr
|
|
||||||
armwXMJ8y5p74lVLbJyQOjkQyIJWP80twrN8SjNyUFBr/52SlOPOuAbGZY1ZKpux
|
|
||||||
vkbsug2wWvkoj8xGjnexrSDahRgpNhf/otLRNTyUFZTM6mjZt0ItnYDl6xszY4kd
|
|
||||||
O5rVzjQuivNB4BsHcd8qQ7zVo9+VZ5R77iM4dtk6t5ycpXlAom5pD8qLb7ZzTVe0
|
|
||||||
SuhzOeynF51rwjS+wa3hzZisvJqZA5uJcAyYslgP1UTW+2e5wutSktSZmL/XnlEF
|
|
||||||
p86GPjAgDPL2Q0TgzVL6sPt0blNCyzOJrcBqBHrgZfraYgqtmGepLpk72q4VD23c
|
|
||||||
aV2wTqjnfJAsNR3y8jgVNwF8LpXtlbxrBByFRwEqsc/gzdMEnJ728XBDqT2IhZLY
|
|
||||||
maL/WxiDKNWD/Mae69HTyInIYgrfT7nJKDeKQA81+e5+UmqBVoi5/AICMlDm1DgR
|
|
||||||
gG6bbOXGhLVPh+gHjGG4Jdd/ZLedncUsjW9KyK261sqM3tSDSfgnF99w2/32ToFu
|
|
||||||
ChN8JOfQ6VZ7QbL1BWRtQWZ3tyauUUXmsrYDv1w1nx51MqxQdlitnmTRWaRW0GmD
|
|
||||||
b5XapJfSK+FiGXaynl3HHxHHpcUauX9zBa/LRp8oXiGPLfJEWmjWcGCyGZawASj3
|
|
||||||
pTTJUnbkYs0fUyUXAAQND/42mh8f3mTA+24I3lY4K8mxH9GSFgOkLoYwok8xL5Md
|
|
||||||
OUJAyvs34ixqvM2u560YJkegEO/xzg2abddfoqL8eNnjfvG3bI7KOCT+m+mM/5Cg
|
|
||||||
ul8XFSnHIEivuOXNtc/x/dwYSidKM8atkdpKtv++psd6hVbJQMfLlzf0S2QyiaGk
|
|
||||||
yXur/pM3A97lvkjAgvIKQt8NbJ/sITFlrN2TFxcbE8OED7LC4nBo54TJ1AxVsHlT
|
|
||||||
LB5XPKU8pBv0fABZrNKxf6a2iXx9jT9sSYdnb0y+hBjnoWZUNbhxo6jpAqt1quUy
|
|
||||||
buGWugvG8J75JvT6X+lwEEkg1lplmm+HuaFtegOqTUTKmffKduY+E00le+3Kh8gW
|
|
||||||
bLR8P1qp/xnxQxZJYcQ+mT4QsYpj6Pkcj0ON3NQO5wP6dr2UGhGcSzS2Cxv8TERN
|
|
||||||
7HSdFbFXQWPCekx+i7OjeRSY/XTUf2zYquPNP2oU0MjgnXhnkHq+6EaQPpM59fMd
|
|
||||||
MyLeOiUMOxpPOkeaAC8Ku0Oj2aZU/eyizuBDnhq1PAxBprSW5SSkxP4kz9BnA42x
|
|
||||||
tkMKMzzPohdfMIRI6zSu0chr76w2UeoViSsMtmWnR6qAXbQvzR+HHxhhB/Rzp6Gc
|
|
||||||
u9gybrv58IBkybn5ztST6NqgIgcQ/E7XIsB0Eooohfw+QiPlCdoghSxspbzwqcEZ
|
|
||||||
B4hPBBgRAgAPBQJGv5h3AhsMBQkSzAMAAAoJENyFNB9sYZHjUh0AnA3u5TNYHGLQ
|
|
||||||
DXLPP0qWHkTeOz8dAJ4wkrLBTaXz3CPCjoTdoBiQsNt3fw==
|
|
||||||
=nK43
|
|
||||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
||||||
File diff suppressed because it is too large
Load Diff
|
|
@ -0,0 +1,25 @@
|
||||||
|
diff -urp Mail-SpamAssassin-3.4.2/lib/Mail/SpamAssassin/Message.pm Mail-SpamAssassin-3.4.2.new/lib/Mail/SpamAssassin/Message.pm
|
||||||
|
--- Mail-SpamAssassin-3.4.2/lib/Mail/SpamAssassin/Message.pm 2018-09-14 03:27:51.000000000 +0200
|
||||||
|
+++ Mail-SpamAssassin-3.4.2.new/lib/Mail/SpamAssassin/Message.pm 2020-04-09 15:17:34.300986337 +0200
|
||||||
|
@@ -876,6 +876,7 @@ sub _parse_multipart {
|
||||||
|
my $header;
|
||||||
|
my $part_array;
|
||||||
|
my $found_end_boundary;
|
||||||
|
+ my $partcnt = 0;
|
||||||
|
|
||||||
|
my $line_count = @{$body};
|
||||||
|
foreach ( @{$body} ) {
|
||||||
|
@@ -948,6 +949,13 @@ sub _parse_multipart {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+ # Maximum parts to process
|
||||||
|
+ if (++$partcnt == 1000) {
|
||||||
|
+ dbg("message: mimepart limit exceeded, stopping parsing");
|
||||||
|
+ $self->{'mimepart_limit_exceeded'} = 1;
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
# make sure we start with a new clean node
|
||||||
|
$in_body = 0;
|
||||||
|
$part_msg = Mail::SpamAssassin::Message::Node->new({ normalize=>$self->{normalize} });
|
||||||
|
|
@ -0,0 +1,41 @@
|
||||||
|
diff --git a/lib/Mail/SpamAssassin/Plugin/OneLineBodyRuleType.pm b/lib/Mail/SpamAssassin/Plugin/OneLineBodyRuleType.pm
|
||||||
|
index 2d931ea..7b6244e 100644
|
||||||
|
--- a/lib/Mail/SpamAssassin/Plugin/OneLineBodyRuleType.pm
|
||||||
|
+++ b/lib/Mail/SpamAssassin/Plugin/OneLineBodyRuleType.pm
|
||||||
|
@@ -89,17 +89,19 @@ sub do_one_line_body_tests {
|
||||||
|
loop_body => sub
|
||||||
|
{
|
||||||
|
my ($self, $pms, $conf, $rulename, $pat, %opts) = @_;
|
||||||
|
- $pat = untaint_var($pat);
|
||||||
|
- my $sub;
|
||||||
|
+ my $sub = '
|
||||||
|
+ my ($self, $line) = @_;
|
||||||
|
+ my $qrptr = $self->{main}->{conf}->{test_qrs};
|
||||||
|
+ ';
|
||||||
|
|
||||||
|
if (($conf->{tflags}->{$rulename}||'') =~ /\bmultiple\b/)
|
||||||
|
{
|
||||||
|
# avoid [perl #86784] bug (fixed in 5.13.x), access the arg through ref
|
||||||
|
- $sub = '
|
||||||
|
- my $lref = \$_[1];
|
||||||
|
+ $sub .= '
|
||||||
|
+ my $lref = \$line;
|
||||||
|
pos $$lref = 0;
|
||||||
|
'.$self->hash_line_for_rule($pms, $rulename).'
|
||||||
|
- while ($$lref =~ '.$pat.'g) {
|
||||||
|
+ while ($$lref =~ /$qrptr->{q{'.$rulename.'}}/go) {
|
||||||
|
my $self = $_[0];
|
||||||
|
$self->got_hit(q{'.$rulename.'}, "BODY: ", ruletype => "one_line_body");
|
||||||
|
'. $self->hit_rule_plugin_code($pms, $rulename, "one_line_body",
|
||||||
|
@@ -108,9 +110,9 @@ sub do_one_line_body_tests {
|
||||||
|
';
|
||||||
|
|
||||||
|
} else {
|
||||||
|
- $sub = '
|
||||||
|
+ $sub .= '
|
||||||
|
'.$self->hash_line_for_rule($pms, $rulename).'
|
||||||
|
- if ($_[1] =~ '.$pat.') {
|
||||||
|
+ if ($line =~ /$qrptr->{q{'.$rulename.'}}/o) {
|
||||||
|
my $self = $_[0];
|
||||||
|
$self->got_hit(q{'.$rulename.'}, "BODY: ", ruletype => "one_line_body");
|
||||||
|
'. $self->hit_rule_plugin_code($pms, $rulename, "one_line_body", "return 1") . '
|
||||||
|
|
@ -0,0 +1,44 @@
|
||||||
|
diff -urp Mail-SpamAssassin-3.4.2.old/lib/Mail/SpamAssassin/Conf.pm Mail-SpamAssassin-3.4.2/lib/Mail/SpamAssassin/Conf.pm
|
||||||
|
--- Mail-SpamAssassin-3.4.2.old/lib/Mail/SpamAssassin/Conf.pm 2020-06-15 19:10:21.700917582 +0200
|
||||||
|
+++ Mail-SpamAssassin-3.4.2/lib/Mail/SpamAssassin/Conf.pm 2020-06-15 19:07:59.045897164 +0200
|
||||||
|
@@ -3414,6 +3414,20 @@ internally, and should not be used.
|
||||||
|
setting => 'priority',
|
||||||
|
is_priv => 1,
|
||||||
|
type => $CONF_TYPE_HASH_KEY_VALUE,
|
||||||
|
+ code => sub {
|
||||||
|
+ my ($self, $key, $value, $line) = @_;
|
||||||
|
+ my ($rulename, $priority) = split(/\s+/, $value, 2);
|
||||||
|
+ unless (defined $priority) {
|
||||||
|
+ return $MISSING_REQUIRED_VALUE;
|
||||||
|
+ }
|
||||||
|
+ unless ($rulename =~ IS_RULENAME) {
|
||||||
|
+ return $INVALID_VALUE;
|
||||||
|
+ }
|
||||||
|
+ unless ($priority =~ /^-?\d+$/) {
|
||||||
|
+ return $INVALID_VALUE;
|
||||||
|
+ }
|
||||||
|
+ $self->{priority}->{$rulename} = $priority;
|
||||||
|
+ }
|
||||||
|
});
|
||||||
|
|
||||||
|
=back
|
||||||
|
diff -urp Mail-SpamAssassin-3.4.2.old/lib/Mail/SpamAssassin/Constants.pm Mail-SpamAssassin-3.4.2/lib/Mail/SpamAssassin/Constants.pm
|
||||||
|
--- Mail-SpamAssassin-3.4.2.old/lib/Mail/SpamAssassin/Constants.pm 2020-06-15 19:10:21.701917596 +0200
|
||||||
|
+++ Mail-SpamAssassin-3.4.2/lib/Mail/SpamAssassin/Constants.pm 2020-06-15 19:07:59.045897164 +0200
|
||||||
|
@@ -43,7 +43,7 @@ BEGIN {
|
||||||
|
HARVEST_DNSBL_PRIORITY MBX_SEPARATOR
|
||||||
|
MAX_BODY_LINE_LENGTH MAX_HEADER_KEY_LENGTH MAX_HEADER_VALUE_LENGTH
|
||||||
|
MAX_HEADER_LENGTH ARITH_EXPRESSION_LEXER AI_TIME_UNKNOWN
|
||||||
|
- CHARSETS_LIKELY_TO_FP_AS_CAPS MAX_URI_LENGTH RULENAME_RE
|
||||||
|
+ CHARSETS_LIKELY_TO_FP_AS_CAPS MAX_URI_LENGTH RULENAME_RE IS_RULENAME
|
||||||
|
);
|
||||||
|
|
||||||
|
%EXPORT_TAGS = (
|
||||||
|
@@ -404,5 +404,7 @@ use constant CHARSETS_LIKELY_TO_FP_AS_CA
|
||||||
|
|
||||||
|
# Allowed rulename format
|
||||||
|
use constant RULENAME_RE => qr([_a-zA-Z][_a-zA-Z0-9]{0,127});
|
||||||
|
+# Exact match
|
||||||
|
+use constant IS_RULENAME => qr/^${\(RULENAME_RE)}$/;
|
||||||
|
|
||||||
|
1;
|
||||||
|
|
@ -60,7 +60,7 @@ Summary: Spam filter for email which can be invoked from mail delivery agents
|
||||||
Name: spamassassin
|
Name: spamassassin
|
||||||
Version: 3.4.2
|
Version: 3.4.2
|
||||||
#Release: 0.8.%%{prerev}%%{?dist}
|
#Release: 0.8.%%{prerev}%%{?dist}
|
||||||
Release: 7%{?dist}
|
Release: 10%{?dist}
|
||||||
License: ASL 2.0
|
License: ASL 2.0
|
||||||
Group: Applications/Internet
|
Group: Applications/Internet
|
||||||
URL: https://spamassassin.apache.org/
|
URL: https://spamassassin.apache.org/
|
||||||
|
|
@ -78,7 +78,6 @@ Source8: sa-update.cronscript
|
||||||
Source9: sa-update.force-sysconfig
|
Source9: sa-update.force-sysconfig
|
||||||
Source10: spamassassin-helper.sh
|
Source10: spamassassin-helper.sh
|
||||||
Source11: spamassassin-official.conf
|
Source11: spamassassin-official.conf
|
||||||
Source12: sought.conf
|
|
||||||
Source13: README.RHEL.Fedora
|
Source13: README.RHEL.Fedora
|
||||||
%if %{use_systemd}
|
%if %{use_systemd}
|
||||||
Source14: spamassassin.service
|
Source14: spamassassin.service
|
||||||
|
|
@ -100,6 +99,10 @@ Patch3: 0001-Drop-the-ResourceLimits-plugin.patch
|
||||||
Patch100: spamassassin-3.4.2-fix-use-after-free.patch
|
Patch100: spamassassin-3.4.2-fix-use-after-free.patch
|
||||||
Patch101: spamassassin-3.4.2-fix-file-handle-leaks.patch
|
Patch101: spamassassin-3.4.2-fix-file-handle-leaks.patch
|
||||||
Patch102: spamassassin-3.4.2-fix-rawbody-rules-documentation.patch
|
Patch102: spamassassin-3.4.2-fix-rawbody-rules-documentation.patch
|
||||||
|
Patch103: spamassassin-3.4.2-fix-CVE-2019-12420.patch
|
||||||
|
Patch104: spamassassin-3.4.2-fix-CVE-2018-11805.patch
|
||||||
|
Patch105: spamassassin-3.4.2-fix-CVE-2020-1930.patch
|
||||||
|
Patch106: spamassassin-3.4.2-fix-CVE-2020-1931.patch
|
||||||
|
|
||||||
# end of patches
|
# end of patches
|
||||||
|
|
||||||
|
|
@ -212,6 +215,10 @@ rm -f lib/Mail/SpamAssassin/Plugin/ResourceLimits.pm
|
||||||
%patch100 -p1
|
%patch100 -p1
|
||||||
%patch101 -p1
|
%patch101 -p1
|
||||||
%patch102 -p1
|
%patch102 -p1
|
||||||
|
%patch103 -p1
|
||||||
|
%patch104 -p1
|
||||||
|
%patch105 -p1
|
||||||
|
%patch106 -p1
|
||||||
|
|
||||||
# end of patches
|
# end of patches
|
||||||
|
|
||||||
|
|
@ -295,7 +302,6 @@ mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/spamassassin
|
||||||
mkdir -m 0700 $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/sa-update-keys/
|
mkdir -m 0700 $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/sa-update-keys/
|
||||||
mkdir -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/
|
mkdir -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/
|
||||||
install -m 0644 %{SOURCE11} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/
|
install -m 0644 %{SOURCE11} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/
|
||||||
install -m 0644 %{SOURCE12} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/
|
|
||||||
|
|
||||||
install -m 0644 %{SOURCE13} $RPM_BUILD_DIR/Mail-SpamAssassin-%{version}/
|
install -m 0644 %{SOURCE13} $RPM_BUILD_DIR/Mail-SpamAssassin-%{version}/
|
||||||
%if %{razor_deps}
|
%if %{razor_deps}
|
||||||
|
|
@ -396,6 +402,22 @@ exit 0
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Jun 15 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-10
|
||||||
|
- Fixed CVE-2018-11805
|
||||||
|
- Resolves: rhbz#1787514
|
||||||
|
- Fixed CVE-2020-1930
|
||||||
|
- Resolves: rhbz#1820649
|
||||||
|
- Fixed CVE-2020-1931
|
||||||
|
- Resolves: rhbz#1820650
|
||||||
|
|
||||||
|
* Thu Apr 09 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-9
|
||||||
|
- Fix CVE-2019-12420
|
||||||
|
- Resolves: rhbz#1812977
|
||||||
|
|
||||||
|
* Wed Mar 18 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-8
|
||||||
|
- Removed the obsolete SOUGHT channel for rule updates
|
||||||
|
- Resolves: rhbz#1630362
|
||||||
|
|
||||||
* Tue Oct 01 2019 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-7
|
* Tue Oct 01 2019 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-7
|
||||||
- Fix rawbody rules documentation
|
- Fix rawbody rules documentation
|
||||||
- Resolves: rhbz#1639251
|
- Resolves: rhbz#1639251
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue