import spamassassin-3.4.2-9.el8
This commit is contained in:
CentOS Sources
parent
db036347a2
commit
49916e263d
@ -26,9 +26,6 @@ override the daemon check in /etc/sysconfig/sa-update
|
||||
All sa-update channels are defined in files contained in this directory.
|
||||
See the existing config files as examples for writing your own config file.
|
||||
|
||||
4) SOUGHT Anti-Fraud Rule Channel is Enabled by Default
|
||||
http://wiki.apache.org/spamassassin/SoughtRules
|
||||
|
||||
General Warnings
|
||||
================
|
||||
* DO NOT USE SARE or OpenProtect rules. They are old and outdated, and
|
||||
|
||||
@ -1,47 +0,0 @@
|
||||
# http://wiki.apache.org/spamassassin/SoughtRules
|
||||
CHANNELURL=sought.rules.yerp.org
|
||||
KEYID=6C6191E3
|
||||
# Ignore everything below.
|
||||
return 0
|
||||
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1.4.1 (GNU/Linux)
|
||||
|
||||
mQGiBEa/l+YRBACC+uJfIThEoEWrNxdDD/1tAwb5L8v7H3gGt+LtuOwwn5ZU7XsT
|
||||
s1DOok1oZVRnTQJYdlth7QlU9wqijwLEVzW1LDWnxXXKwPmlTlkcdGoBcb+cBbYI
|
||||
miJ/TlAetvbprcZdROS4Ey31GjPRmWPPnVE2Xcwy+e4+RmnhqfZBmOaE7wCgo1GG
|
||||
pkik2OPD1le4LGGOGHL5HiED/0TyvTiSS3NnUtoDFQAPrnezOCjxv8zMjYEnJs/I
|
||||
h7uyIgHRsbB75cD2O1LWyO8Vz8r/snVuG35zcZagPf/7Tc9AJoaxVmCIk9DEmWZp
|
||||
iuvqpMhwHAbNvY3jY2oKsDl1rNx0IIctoJwjXia99kvNTHK/Yz/HqhIyLModhiMB
|
||||
aYYZA/wIdPOHGHaP5vjlbWBwGlRR9m0Rf4ob5sul8MjCyehOYcRVLwfOEfzX308v
|
||||
0enOGnbbBKXU2QvA0Z068aBmJkJaaPhlIjZApQJDsb7pt6k8jMPj/Xpr779wAFQ8
|
||||
IZC7Tw21OtqkjrUb3dZlEljrTwWNc6FVxuIidBBg7HCdP24WKLRESnVzdGluIE1h
|
||||
c29uIFNpZ25pbmcgS2V5IChDb2RlIFNpZ25pbmcgT25seSkgPHNpZ25pbmdrZXlA
|
||||
am1hc29uLm9yZz6IZAQTEQIAJAUCRr+X5gIbAwUJEswDAAYLCQgHAwIDFQIDAxYC
|
||||
AQIeAQIXgAAKCRDchTQfbGGR4/GJAKCC6X6AF8nM+H00b/XeZl9vYihXBgCcDYuU
|
||||
AtXjWWxndkneakmbnD0O4Z25BA0ERr+YdxAQAIYYUQHMzVsRAzpIRLfni0aeczrr
|
||||
armwXMJ8y5p74lVLbJyQOjkQyIJWP80twrN8SjNyUFBr/52SlOPOuAbGZY1ZKpux
|
||||
vkbsug2wWvkoj8xGjnexrSDahRgpNhf/otLRNTyUFZTM6mjZt0ItnYDl6xszY4kd
|
||||
O5rVzjQuivNB4BsHcd8qQ7zVo9+VZ5R77iM4dtk6t5ycpXlAom5pD8qLb7ZzTVe0
|
||||
SuhzOeynF51rwjS+wa3hzZisvJqZA5uJcAyYslgP1UTW+2e5wutSktSZmL/XnlEF
|
||||
p86GPjAgDPL2Q0TgzVL6sPt0blNCyzOJrcBqBHrgZfraYgqtmGepLpk72q4VD23c
|
||||
aV2wTqjnfJAsNR3y8jgVNwF8LpXtlbxrBByFRwEqsc/gzdMEnJ728XBDqT2IhZLY
|
||||
maL/WxiDKNWD/Mae69HTyInIYgrfT7nJKDeKQA81+e5+UmqBVoi5/AICMlDm1DgR
|
||||
gG6bbOXGhLVPh+gHjGG4Jdd/ZLedncUsjW9KyK261sqM3tSDSfgnF99w2/32ToFu
|
||||
ChN8JOfQ6VZ7QbL1BWRtQWZ3tyauUUXmsrYDv1w1nx51MqxQdlitnmTRWaRW0GmD
|
||||
b5XapJfSK+FiGXaynl3HHxHHpcUauX9zBa/LRp8oXiGPLfJEWmjWcGCyGZawASj3
|
||||
pTTJUnbkYs0fUyUXAAQND/42mh8f3mTA+24I3lY4K8mxH9GSFgOkLoYwok8xL5Md
|
||||
OUJAyvs34ixqvM2u560YJkegEO/xzg2abddfoqL8eNnjfvG3bI7KOCT+m+mM/5Cg
|
||||
ul8XFSnHIEivuOXNtc/x/dwYSidKM8atkdpKtv++psd6hVbJQMfLlzf0S2QyiaGk
|
||||
yXur/pM3A97lvkjAgvIKQt8NbJ/sITFlrN2TFxcbE8OED7LC4nBo54TJ1AxVsHlT
|
||||
LB5XPKU8pBv0fABZrNKxf6a2iXx9jT9sSYdnb0y+hBjnoWZUNbhxo6jpAqt1quUy
|
||||
buGWugvG8J75JvT6X+lwEEkg1lplmm+HuaFtegOqTUTKmffKduY+E00le+3Kh8gW
|
||||
bLR8P1qp/xnxQxZJYcQ+mT4QsYpj6Pkcj0ON3NQO5wP6dr2UGhGcSzS2Cxv8TERN
|
||||
7HSdFbFXQWPCekx+i7OjeRSY/XTUf2zYquPNP2oU0MjgnXhnkHq+6EaQPpM59fMd
|
||||
MyLeOiUMOxpPOkeaAC8Ku0Oj2aZU/eyizuBDnhq1PAxBprSW5SSkxP4kz9BnA42x
|
||||
tkMKMzzPohdfMIRI6zSu0chr76w2UeoViSsMtmWnR6qAXbQvzR+HHxhhB/Rzp6Gc
|
||||
u9gybrv58IBkybn5ztST6NqgIgcQ/E7XIsB0Eooohfw+QiPlCdoghSxspbzwqcEZ
|
||||
B4hPBBgRAgAPBQJGv5h3AhsMBQkSzAMAAAoJENyFNB9sYZHjUh0AnA3u5TNYHGLQ
|
||||
DXLPP0qWHkTeOz8dAJ4wkrLBTaXz3CPCjoTdoBiQsNt3fw==
|
||||
=nK43
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
25
SOURCES/spamassassin-3.4.2-fix-CVE-2019-12420.patch
Normal file
25
SOURCES/spamassassin-3.4.2-fix-CVE-2019-12420.patch
Normal file
@ -0,0 +1,25 @@
|
||||
diff -urp Mail-SpamAssassin-3.4.2/lib/Mail/SpamAssassin/Message.pm Mail-SpamAssassin-3.4.2.new/lib/Mail/SpamAssassin/Message.pm
|
||||
--- Mail-SpamAssassin-3.4.2/lib/Mail/SpamAssassin/Message.pm 2018-09-14 03:27:51.000000000 +0200
|
||||
+++ Mail-SpamAssassin-3.4.2.new/lib/Mail/SpamAssassin/Message.pm 2020-04-09 15:17:34.300986337 +0200
|
||||
@@ -876,6 +876,7 @@ sub _parse_multipart {
|
||||
my $header;
|
||||
my $part_array;
|
||||
my $found_end_boundary;
|
||||
+ my $partcnt = 0;
|
||||
|
||||
my $line_count = @{$body};
|
||||
foreach ( @{$body} ) {
|
||||
@@ -948,6 +949,13 @@ sub _parse_multipart {
|
||||
}
|
||||
}
|
||||
|
||||
+ # Maximum parts to process
|
||||
+ if (++$partcnt == 1000) {
|
||||
+ dbg("message: mimepart limit exceeded, stopping parsing");
|
||||
+ $self->{'mimepart_limit_exceeded'} = 1;
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
# make sure we start with a new clean node
|
||||
$in_body = 0;
|
||||
$part_msg = Mail::SpamAssassin::Message::Node->new({ normalize=>$self->{normalize} });
|
||||
@ -60,7 +60,7 @@ Summary: Spam filter for email which can be invoked from mail delivery agents
|
||||
Name: spamassassin
|
||||
Version: 3.4.2
|
||||
#Release: 0.8.%%{prerev}%%{?dist}
|
||||
Release: 7%{?dist}
|
||||
Release: 9%{?dist}
|
||||
License: ASL 2.0
|
||||
Group: Applications/Internet
|
||||
URL: https://spamassassin.apache.org/
|
||||
@ -78,7 +78,6 @@ Source8: sa-update.cronscript
|
||||
Source9: sa-update.force-sysconfig
|
||||
Source10: spamassassin-helper.sh
|
||||
Source11: spamassassin-official.conf
|
||||
Source12: sought.conf
|
||||
Source13: README.RHEL.Fedora
|
||||
%if %{use_systemd}
|
||||
Source14: spamassassin.service
|
||||
@ -100,6 +99,7 @@ Patch3: 0001-Drop-the-ResourceLimits-plugin.patch
|
||||
Patch100: spamassassin-3.4.2-fix-use-after-free.patch
|
||||
Patch101: spamassassin-3.4.2-fix-file-handle-leaks.patch
|
||||
Patch102: spamassassin-3.4.2-fix-rawbody-rules-documentation.patch
|
||||
Patch103: spamassassin-3.4.2-fix-CVE-2019-12420.patch
|
||||
|
||||
# end of patches
|
||||
|
||||
@ -212,6 +212,7 @@ rm -f lib/Mail/SpamAssassin/Plugin/ResourceLimits.pm
|
||||
%patch100 -p1
|
||||
%patch101 -p1
|
||||
%patch102 -p1
|
||||
%patch103 -p1
|
||||
|
||||
# end of patches
|
||||
|
||||
@ -295,7 +296,6 @@ mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/spamassassin
|
||||
mkdir -m 0700 $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/sa-update-keys/
|
||||
mkdir -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/
|
||||
install -m 0644 %{SOURCE11} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/
|
||||
install -m 0644 %{SOURCE12} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channel.d/
|
||||
|
||||
install -m 0644 %{SOURCE13} $RPM_BUILD_DIR/Mail-SpamAssassin-%{version}/
|
||||
%if %{razor_deps}
|
||||
@ -396,6 +396,14 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Apr 09 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-9
|
||||
- Fix CVE-2019-12420
|
||||
- Resolves: rhbz#1812977
|
||||
|
||||
* Wed Mar 18 2020 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-8
|
||||
- Removed the obsolete SOUGHT channel for rule updates
|
||||
- Resolves: rhbz#1630362
|
||||
|
||||
* Tue Oct 01 2019 Ondřej Lysoněk <olysonek@redhat.com> - 3.4.2-7
|
||||
- Fix rawbody rules documentation
|
||||
- Resolves: rhbz#1639251
|
||||
|
||||
Loading…
Reference in New Issue
Block a user