diff --git a/CRYPTO_malloc.patch b/CRYPTO_malloc.patch deleted file mode 100644 index 2872257..0000000 --- a/CRYPTO_malloc.patch +++ /dev/null @@ -1,84 +0,0 @@ -diff -Nur Mail-SpamAssassin-3.4.1.orig/spamc/configure Mail-SpamAssassin-3.4.1/spamc/configure ---- Mail-SpamAssassin-3.4.1.orig/spamc/configure 2015-04-28 13:56:59.000000000 -0600 -+++ Mail-SpamAssassin-3.4.1/spamc/configure 2016-11-06 14:36:54.722342568 -0700 -@@ -3666,9 +3666,9 @@ - SSLLIBS="" - SSLCFLAGS="" - if test yes = "$sa_ssl_enabled"; then -- echo "$as_me:$LINENO: checking for CRYPTO_lock in -lcrypto" >&5 --echo $ECHO_N "checking for CRYPTO_lock in -lcrypto... $ECHO_C" >&6 --if test "${ac_cv_lib_crypto_CRYPTO_lock+set}" = set; then -+ echo "$as_me:$LINENO: checking for CRYPTO_malloc in -lcrypto" >&5 -+echo $ECHO_N "checking for CRYPTO_malloc in -lcrypto... $ECHO_C" >&6 -+if test "${ac_cv_lib_crypto_CRYPTO_malloc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 - else - ac_check_lib_save_LIBS=$LIBS -@@ -3686,11 +3686,11 @@ - #endif - /* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ --char CRYPTO_lock (); -+char CRYPTO_malloc (); - int - main () - { --CRYPTO_lock (); -+CRYPTO_malloc (); - ; - return 0; - } -@@ -3716,20 +3716,20 @@ - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then -- ac_cv_lib_crypto_CRYPTO_lock=yes -+ ac_cv_lib_crypto_CRYPTO_malloc=yes - else - echo "$as_me: failed program was:" >&5 - sed 's/^/| /' conftest.$ac_ext >&5 - --ac_cv_lib_crypto_CRYPTO_lock=no -+ac_cv_lib_crypto_CRYPTO_malloc=no - fi - rm -f conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - LIBS=$ac_check_lib_save_LIBS - fi --echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_CRYPTO_lock" >&5 --echo "${ECHO_T}$ac_cv_lib_crypto_CRYPTO_lock" >&6 --if test $ac_cv_lib_crypto_CRYPTO_lock = yes; then -+echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_CRYPTO_malloc" >&5 -+echo "${ECHO_T}$ac_cv_lib_crypto_CRYPTO_malloc" >&6 -+if test $ac_cv_lib_crypto_CRYPTO_malloc = yes; then - SSLLIBS="-lcrypto $SSLLIBS" - fi - -@@ -3804,7 +3804,7 @@ - # before defining SPAMC_SSL check that all its requirements are - # actually available - if test yes = "$ac_cv_header_openssl_crypto_h" && \ -- test yes = "$ac_cv_lib_crypto_CRYPTO_lock" && \ -+ test yes = "$ac_cv_lib_crypto_CRYPTO_malloc" && \ - test yes = "$ac_cv_lib_ssl_SSL_CTX_free"; then - SSLCFLAGS="-DSPAMC_SSL" - else -diff -Nur Mail-SpamAssassin-3.4.1.orig/spamc/configure.in Mail-SpamAssassin-3.4.1/spamc/configure.in ---- Mail-SpamAssassin-3.4.1.orig/spamc/configure.in 2015-04-28 13:56:59.000000000 -0600 -+++ Mail-SpamAssassin-3.4.1/spamc/configure.in 2016-11-06 14:36:54.724342587 -0700 -@@ -64,13 +64,13 @@ - SSLLIBS="" - SSLCFLAGS="" - if test yes = "$sa_ssl_enabled"; then -- AC_CHECK_LIB(crypto, CRYPTO_lock,[SSLLIBS="-lcrypto $SSLLIBS"]) -+ AC_CHECK_LIB(crypto, CRYPTO_malloc,[SSLLIBS="-lcrypto $SSLLIBS"]) - AC_CHECK_LIB(ssl, SSL_CTX_free,[SSLLIBS="-lssl $SSLLIBS"],,-lcrypto) - - # before defining SPAMC_SSL check that all its requirements are - # actually available - if test yes = "$ac_cv_header_openssl_crypto_h" && \ -- test yes = "$ac_cv_lib_crypto_CRYPTO_lock" && \ -+ test yes = "$ac_cv_lib_crypto_CRYPTO_malloc" && \ - test yes = "$ac_cv_lib_ssl_SSL_CTX_free"; then - SSLCFLAGS="-DSPAMC_SSL" - else diff --git a/sources b/sources index c8117f2..15c5e18 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -0db5d27d7b782ff5eadee12b95eae84c Mail-SpamAssassin-3.4.1.tar.bz2 -4a1cbafbee2d0ae8c4f2f9ac05b4b3aa Mail-SpamAssassin-rules-3.4.1.r1675274.tgz +SHA512 (Mail-SpamAssassin-3.4.2.tar.bz2) = fe3d9d1d7b9fed3063549afd071066729f1f4d998be91ded1e5afc29bb37c7a298dc5f8f99a282b75435d317b5b5072a81393134ccfe059a73d953e26a9c3885 +SHA512 (Mail-SpamAssassin-rules-3.4.2.r1840640.tgz) = 38b5f4dc6e6776937e787123c265ecd9a0a2f60aca1b57d6ed4a8f78cf81550478eddd0829b1255e9e8ce64421e06cc13ae82f1a597e893b65f0d07ba8c53a7f diff --git a/spamassassin-3.4.1-dns-warnings.patch b/spamassassin-3.4.1-dns-warnings.patch deleted file mode 100644 index 69ca539..0000000 --- a/spamassassin-3.4.1-dns-warnings.patch +++ /dev/null @@ -1,28 +0,0 @@ -diff -Nur Mail-SpamAssassin-3.4.1.orig/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm Mail-SpamAssassin-3.4.1/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm ---- Mail-SpamAssassin-3.4.1.orig/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm 2015-04-28 12:56:47.000000000 -0700 -+++ Mail-SpamAssassin-3.4.1/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm 2017-10-23 16:02:04.798386891 -0700 -@@ -942,9 +942,8 @@ - next unless (defined($str) && defined($dom)); - dbg("uridnsbl: got($j) NS for $dom: $str"); - -- if ($str =~ /IN\s+NS\s+(\S+)/) { -- my $nsmatch = lc $1; -- $nsmatch =~ s/\.$//; -+ if ($rr->type eq 'NS') { -+ my $nsmatch = lc $rr->nsdname; # available since at least Net::DNS 0.14 - my $nsrhblstr = $nsmatch; - my $fullnsrhblstr = $nsmatch; - -@@ -1025,9 +1024,9 @@ - } - dbg("uridnsbl: complete_a_lookup got(%d) A for %s: %s", $j,$hname,$str); - -- local $1; -- if ($str =~ /IN\s+A\s+(\S+)/) { -- $self->lookup_dnsbl_for_ip($pms, $ent->{obj}, $1); -+ if ($rr->type eq 'A') { -+ my $ip_address = $rr->rdatastr; -+ $self->lookup_dnsbl_for_ip($pms, $ent->{obj}, $ip_address); - } - } - } diff --git a/spamassassin-3.4.1-netdns.patch b/spamassassin-3.4.1-netdns.patch deleted file mode 100644 index 8a37352..0000000 --- a/spamassassin-3.4.1-netdns.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Nur Mail-SpamAssassin-3.4.1.orig/lib/Mail/SpamAssassin/DnsResolver.pm Mail-SpamAssassin-3.4.1/lib/Mail/SpamAssassin/DnsResolver.pm ---- Mail-SpamAssassin-3.4.1.orig/lib/Mail/SpamAssassin/DnsResolver.pm 2015-04-28 13:56:49.000000000 -0600 -+++ Mail-SpamAssassin-3.4.1/lib/Mail/SpamAssassin/DnsResolver.pm 2016-06-11 13:55:15.380517343 -0600 -@@ -592,6 +592,8 @@ - }; - - if ($packet) { -+ # RD flag needs to be set explicitly since Net::DNS 1.01, Bug 7223 -+ $packet->header->rd(1); - # my $udp_payload_size = $self->{res}->udppacketsize; - my $udp_payload_size = $self->{conf}->{dns_options}->{edns}; - if ($udp_payload_size && $udp_payload_size > 512) { diff --git a/spamassassin-3.4.1-pname-remove-space.patch b/spamassassin-3.4.1-pname-remove-space.patch deleted file mode 100644 index 0849e10..0000000 --- a/spamassassin-3.4.1-pname-remove-space.patch +++ /dev/null @@ -1,19 +0,0 @@ -commit f6bbb55c24888e97a59bc762f9dab8ec4627d933 -Author: Tomas Korbar -Date: Mon Jul 9 15:58:16 2018 +0200 - - Fix https://bugzilla.redhat.com/show_bug.cgi?id=950627 - -diff --git a/spamd/spamd.raw b/spamd/spamd.raw -index 821f658..b9104bb 100755 ---- a/spamd/spamd.raw -+++ b/spamd/spamd.raw -@@ -2958,8 +2958,6 @@ sub serverstarted { - } - - sub daemonize { -- # Pretty command line in ps -- $0 = join (' ', $ORIG_ARG0, @ORIG_ARGV) unless would_log("dbg"); - - # be a nice daemon and chdir to the root so we don't block any - # unmount attempts diff --git a/spamassassin-3.4.1-salearn.patch b/spamassassin-3.4.1-salearn.patch deleted file mode 100644 index 016fca4..0000000 --- a/spamassassin-3.4.1-salearn.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -Nur Mail-SpamAssassin-3.4.1.orig/lib/Mail/SpamAssassin/PerMsgStatus.pm Mail-SpamAssassin-3.4.1/lib/Mail/SpamAssassin/PerMsgStatus.pm ---- Mail-SpamAssassin-3.4.1.orig/lib/Mail/SpamAssassin/PerMsgStatus.pm 2015-04-28 12:56:49.000000000 -0700 -+++ Mail-SpamAssassin-3.4.1/lib/Mail/SpamAssassin/PerMsgStatus.pm 2017-10-23 16:05:06.703069400 -0700 -@@ -914,16 +914,16 @@ - $str .= shift @{$ary}; - } - undef $ary; -- chomp ($str); $str .= " [...]\n"; - - # in case the last line was huge, trim it back to around 200 chars - local $1; -- $str =~ s/^(.{,200}).*$/$1/gs; -+ $str =~ s/^(.{200}).+$/$1 [...]/gm; -+ chomp ($str); $str .= "\n"; - - # now, some tidy-ups that make things look a bit prettier -- $str =~ s/-----Original Message-----.*$//gs; -+ $str =~ s/-----Original Message-----.*$//gm; - $str =~ s/This is a multi-part message in MIME format\.//gs; -- $str =~ s/[-_\*\.]{10,}//gs; -+ $str =~ s/[-_*.]{10,}//gs; - $str =~ s/\s+/ /gs; - - # add "Content preview:" ourselves, so that the text aligns diff --git a/spamassassin.spec b/spamassassin.spec index cb9818c..494a399 100644 --- a/spamassassin.spec +++ b/spamassassin.spec @@ -64,20 +64,20 @@ %{!?perl_vendorlib: %define perl_vendorlib %(eval "`%{__perl} -V:installvendorlib`"; echo $installvendorlib)} %global saversion 3.004001 -#%global prerev rc2 +#%%global prerev rc2 Summary: Spam filter for email which can be invoked from mail delivery agents Name: spamassassin -Version: 3.4.1 -#Release: 0.8.%{prerev}%{?dist} -Release: 25%{?dist} +Version: 3.4.2 +#Release: 0.8.%%{prerev}%%{?dist} +Release: 1%{?dist} License: ASL 2.0 Group: Applications/Internet -URL: http://spamassassin.apache.org/ -Source0: http://www.apache.org/dist/%{name}/source/%{real_name}-%{version}.tar.bz2 -#Source0: %{real_name}-%{version}-%{prerev}.tar.bz2 -Source1: http://www.apache.org/dist/%{name}/source/%{real_name}-rules-%{version}.r1675274.tgz -#Source1: %{real_name}-rules-%{version}.%{prerev}.tgz +URL: https://spamassassin.apache.org/ +Source0: https://www.apache.org/dist/%{name}/source/%{real_name}-%{version}.tar.bz2 +#Source0: %%{real_name}-%%{version}-%%{prerev}.tar.bz2 +Source1: https://www.apache.org/dist/%{name}/source/%{real_name}-rules-%{version}.r1840640.tgz +#Source1: %%{real_name}-rules-%%{version}.%%{prerev}.tgz Source2: redhat_local.cf Source3: spamassassin-default.rc Source4: spamassassin-spamc.rc @@ -102,20 +102,8 @@ Source17: sa-update.timer # Switch to using gnupg2 instead of gnupg1 Patch0: spamassassin-3.3.2-gnupg2.patch Patch1: spamassassin-3.4.1-add-logfile-homedir-options.patch -Patch2: spamassassin-3.4.1-pname-remove-space.patch # Patches 100+ are SVN backports (DO NOT REUSE!) -Patch100: spamassassin-3.4.1-netdns.patch -# Openssl 1.1.x support -# https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7361 -Patch101: CRYPTO_malloc.patch -Patch102: spamassassin-3.4.1-Fix-building-on-Perl-without-dot-in-INC.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=1364932 -# https://svn.apache.org/viewvc/spamassassin/branches/3.4/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm?r1=1676616&r2=1694126&pathrev=1694126&view=patch -Patch103: spamassassin-3.4.1-dns-warnings.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=1505317 -# https://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm?r1=1791010&r2=1791009&pathrev=1791010&view=patch -Patch104: spamassassin-3.4.1-salearn.patch - +#Patch102: spamassassin-3.4.1-Fix-building-on-Perl-without-dot-in-INC.patch # end of patches Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) %if %{use_systemd} == 0 @@ -204,13 +192,7 @@ To filter spam for all users, add that line to /etc/procmailrc # Patches 0-99 are RH specific %patch0 -p1 %patch1 -p1 -%patch2 -p1 # Patches 100+ are SVN backports (DO NOT REUSE!) -%patch100 -p1 -%patch101 -p1 -%patch102 -p1 -%patch103 -p1 -%patch104 -p1 # end of patches echo "RHEL=%{rhel} FEDORA=%{fedora}" @@ -274,8 +256,6 @@ find $RPM_BUILD_ROOT -type d -depth -exec rmdir {} 2>/dev/null ';' cd $RPM_BUILD_ROOT%{_datadir}/spamassassin/ tar xfvz %{SOURCE1} sed -i -e 's|\@\@VERSION\@\@|%{saversion}|' *.cf -# Disable AHBL score as they no longer exist. See https://bugzilla.redhat.com/show_bug.cgi?id=1180338 -sed -i -e 's|score DNS_FROM_AHBL_RHSBL 0 2.438 0 2.699 # n=0 n=2||' 50_scores.cf cd - find $RPM_BUILD_ROOT/usr -type f -print | @@ -393,6 +373,10 @@ exit 0 %endif %changelog +* Sun Sep 16 2018 Kevin Fenzi - 3.4.2-1 +- Update to 3.4.2 +- Fixes: CVE-2017-15705, CVE-2016-1238, CVE-2018-11780 & CVE-2018-11781 + * Mon Jul 23 2018 Jaroslav Škarvada - 3.4.1-25 - perl-Razor-Agent and perl-Net-Patricia not used on RHEL