Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
spamassassin.11888
spamassassin.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File spamassassin.changes of Package spamassassin.11888
------------------------------------------------------------------- Thu Jul 11 12:24:02 UTC 2019 - Peter Varkoly <varkoly@suse.com> - (CVE-2017-15705) VUL-0: CVE-2017-15705 spamassassin: Certain unclosed tags in crafted emails allow for scan timeouts and resulting denial of service (bsc#1108745) - (CVE-2018-11781) VUL-0: CVE-2018-11781: spamassassin: Local user code injection in the meta rule syntax (bsc#1108748) - (CVE-2018-11780) VUL-0: CVE-2018-11780: spamassassin: Potential remote code execution vulnerability in PDFInfo plugin (bsc#1108750) - update spamassassin to 3.4.2 * There are four new plugins (disabled by default) HashBL - interface to The Email Blocklist (EBL) ResourceLimits - assure your spamd child processes do not exceed specified CPU or memory limit FromNameSpoof - detection of the From:name field being used to mislead Phishing - finds uris used in phishing campaigns detected by OpenPhish (https://openphish.com) or PhishTank (https://phishtank.com) feeds * For security reasons SSLv3 support has been removed from spamc(1). * Four CVE security bug fixes are included in this release for PDFInfo.pm and the SA core: CVE-2017-15705, CVE-2016-1238, CVE-2018-11780 & CVE-2018-11781. * In sa-update script, optional support for SHA-256 / SHA-512 in addition to or instead of SHA1 has been added for better validation of rules. * GeoIP2 support has been added to RelayCountry and URILocalBL plugins due to GeoIP legacy API deprecations. * several new or enhanced configuration options - update spampd to 2.51 * Replace IO::Socket::INET with IO::Socket::IP for IPv6 support * Unix ports (ability to listen on UNIX sockets) * Add X-Envelope-* headers before Received * Add /usr/local/bin and /usr/local/sbin to PATH * Add --setsid option to start server with setsid if running in background - Removed patches (are now in upstream): * 0001-bug-7361-Allow-building-against-OpenSSL-1.1.0.patch * 0001-Fix-bug-7367-Don-t-assume-cwd-.-is-in-INC-it-may-be-.patch * DNS-resolver-recursion-desired-not-set.patch * spamassassin-dont_use_SSLv3_methods.patch * spampd-2.42_git_20170226.patch * Unescaped_left_brace_in_regex_is_deprecated.patch * new plugins (disabled by default) TxRep -substantially improved replacement of AWL plugin PDFInfo - help detecting spam with attached PDF files URILocalBL - new rule test types for URIs in html message parts * several new or enhanced configuration options, e.g.: normalize_charset - reimplemented, see Mail::SpamAssassin::Conf bayes_token_sources - more control on sources of tokens for Bayes plugin * internal change, probably only affecting 3rd party plugins: Util::RegistrarBoundaries is being replaced by RegistryBoundaries * rule updates, improvements, optimizations, bug fixes - patch-utf8 removed, cf. bz.apache.org/SpamAssassin/show_bug.cgi?id=7133 ------------------------------------------------------------------- Fri Aug 1 20:00:21 UTC 2014 - varkoly@suse.com - bnc#889004 - Package 'spamassassin' contains 'SuSE' spelling in a filename and/or SPEC file ------------------------------------------------------------------- Tue Jul 8 00:45:50 CEST 2014 - ro@suse.de - make init scripts executable to fix build ------------------------------------------------------------------- Thu Feb 13 16:34:51 UTC 2014 - varkoly@suse.com - 862963 - spamassassin 3.3.2 and Perl 5.18.0: Altering hash requires restarting loop else UNDEFINED behavior. - Update to 3.4.0 - INCOMPATIBLE CHANGES o DNS queries generated by SpamAssassin now enable option EDNS0 in query packets and specify a buffer size of 4096 bytes by default. o A default setting for option 'dns_available' was changed from 'test' to 'yes' (bug 6770, bug 6769), so SpamAssassin now assumes by default that it is running on a host with an internet connection and a working DNS resolver. - BUG FIXES o The sa-update program now avoids repeatedly downloading same rules if subsequent unpacking of rules and updating fails. Documented in bug 6655. o Several incompatibilities with newer versions of a perl module Net::DNS as used by sa-update and by the SpamAssassin library were fixed. o A perl module Razor agent clobbers entropy of a random number generator by re-initializing the generator on every call. The SpamAssassin Razor plugin now provides a workaround, preserving entropy across calls to Razor2 agent. - NEW FEATURES o Redis database backend for a Bayes database o Improved support for IPv6 o New command-line options: --listen (or -i), spamd Can be specified multiple times and allows spamd to accept requests over multiple INET (IPv4) or INET6 (IPv6) or UNIX sockets. -X (or --unavailable-tempfail), spamc Allows return EX_TEMPFAIL instead of EX_UNAVAILABLE when using option -x. -4 and -6 were added to programs spamassassin, spamd, spamc, and sa-update. -v or --verbose, sa-update Can now take multiple -v or --verbose options to increase verbosity. --max-size, sa-learn o New configuration options - Plugin/URIDNSBL: new tflags options 'a' and 'ns' were introduced. They are documented in the Mail::SpamAssassin::Plugin::URIDNSBL POD or man page. - Plugin/AutoLearnThreshold: new option autolearn_force was added. It is documented in the Mail::SpamAssassin::Plugin::AutoLearnThreshold POD or man page. - Plugin/ASN: new options asn_prefix and clear_asn_lookups were added. They are documented in Mail::SpamAssassin::Plugin::ASN POD or man page. - ArchiveIterator has new options opt_max_size and opt_from_regex. They are documented in Mail::SpamAssassin::ArchiveIterator POD or man page. - A new tag (macro) _RULESVERSION_ was added. It expands to a comma-separated list of rules versions, retrieved from an '# UPDATE version' comment in rules files and can be used in an 'add_header' configuration setting. The following new options, as implemented by various plugins or by other modules, are all documented in the Mail::SpamAssassin::Conf POD or man page: - Plugin/WLBLEval: new configuration options were added: enlist_uri_host, delist_uri_host, with shorthands blacklist_uri_host and whitelist_uri_host and an associated eval rule check_uri_host_listed. - Configuration options dns_query_restriction (allow|deny) and clear_dns_query_restriction were added (bug 6884). - A 'dns_options' setting accepts new sub-options 'dns0x20' and 'edns'. - Added option 'dns_server' which specifies an IP address of a recursive DNS server (i.e. DNS resolver) and optionally its port number. - Added options dns_local_ports_permit, dns_local_ports_avoid and dns_local_ports_none to control source port local ranges available to DNS queries - Added the following sub-options to the tflags setting: autolearn_force, maxhits=N, ips_only, domains_only, a, ns. - The option whitelist_from_rcvd can now take an IP address as its second argument (instead of a domain name), which can be useful for whitelisting a sending mailer which has no reverse DNS mapping. o New plugins A new plugin AskDNS was introduced. ------------------------------------------------------------------- Fri Jan 31 07:33:20 UTC 2014 - opensuse@dstoecker.de - set default homedir to override invalid default in spampd file ------------------------------------------------------------------- Sun Dec 8 10:03:12 UTC 2013 - opensuse@dstoecker.de - update spampd to version 2.42 (GIT version) ------------------------------------------------------------------- Thu May 30 00:36:59 UTC 2013 - crrodriguez@opensuse.org - Do not use syslog.target or Requires in systemd units. ------------------------------------------------------------------- Sat May 25 08:48:04 UTC 2013 - opensuse@dstoecker.de - increase maximum message size from 250 to 512 KB for spampd, as SPAM message size increased a lot ------------------------------------------------------------------- Wed Mar 27 14:24:38 UTC 2013 - stefan.jakobs@rus.uni-stuttgart.de - remove 'BuildRequires: perl-macros' from spec file, because perl included in openSUSE > 1210 deprecates perl-macros which causes a build failure. ------------------------------------------------------------------- Mon Feb 25 07:00:52 UTC 2013 - mlin@suse.com - Install spamd.service and spampd.service accordingly (/usr/lib/systemd for 12.3 and up or /lib/systemd for older versions). ------------------------------------------------------------------- Wed Sep 26 13:37:00 UTC 2012 - stefan.jakobs@rus.uni-stuttgart.de - replace iXhash with the inofficial, but recommended, version iXhash2 ------------------------------------------------------------------- Wed Jul 11 07:47:47 UTC 2012 - varkoly@suse.com - 768582 - suse.cron-sa-update should allow to restart spamd after a successful run of sa-update ------------------------------------------------------------------- Tue Jul 3 09:57:18 UTC 2012 - varkoly@suse.com - killproc can not stop spamd ------------------------------------------------------------------- Tue Jun 26 08:54:29 UTC 2012 - varkoly@suse.com - Add systemd service files for spamd and spampd bnc#768581 - rcspamd stop doesn't terminate spamd ------------------------------------------------------------------- Tue Dec 20 09:03:09 UTC 2011 - varkoly@suse.com - bnc#737637 - IPv6 support in spamassassin not functional ------------------------------------------------------------------- Thu Oct 6 14:27:12 UTC 2011 - varkoly@suse.com - bnc#720220 - spampd, installed by pkg:spamassassin, FAILs to launch, uses non-existent/un-installed 'user' ------------------------------------------------------------------- Fri Sep 16 17:41:59 UTC 2011 - coolo@suse.com - fix perl requires ------------------------------------------------------------------- Fri Jun 24 18:00:29 CEST 2011 - dmueller@suse.de - update to 3.3.2: * various fixes, fix support with perl 5.12 - remove upstreamed patches ------------------------------------------------------------------- Wed Apr 20 09:38:34 UTC 2011 - varkoly@novell.com - Fix the sa-update cronjob ------------------------------------------------------------------- Sun Apr 10 09:40:55 UTC 2011 - varkoly@novell.com - bnc#676667 - sa-update cronjob should allow amavisd restart ------------------------------------------------------------------- Wed Dec 1 13:36:28 UTC 2010 - coolo@novell.com - switch to perl_requires macro ------------------------------------------------------------------- Fri Nov 12 06:09:15 UTC 2010 - varkoly@novell.com - bnc#650645 - Spamassassin Bug 6392 ------------------------------------------------------------------- Wed Oct 13 22:37:42 UTC 2010 - chris@computersalat.de - fix build o mkdir /etc/cron.daily -> {__install} -d $RPM_BUILD_ROOT/etc/cron.daily/ o removed from filelist dir /etc/cron.daily/ (provided by filesystem) ------------------------------------------------------------------- Fri Oct 8 17:48:15 UTC 2010 - varkoly@novell.com - Add script to call sa-update ------------------------------------------------------------------- Wed Oct 6 07:55:27 UTC 2010 - opensuse@dstoecker.de - add missing requires for spampd ------------------------------------------------------------------- Thu Jun 24 09:24:04 UTC 2010 - varkoly@novell.com - Update the rules - Fix the spec file - bnc#582111 - Spamassassin. spamd doesn't start. ------------------------------------------------------------------- Thu Apr 1 19:10:01 UTC 2010 - chris@computersalat.de - update sa to 3.3.1 - update rules to 3.3.1.r923257 - cleanup spec o removed comments - added deprecated patch for suse_version > 1120 (perl 5.12) o used stuff from combo patch https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6392 - added MIMEEval patch o https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6396 ------------------------------------------------------------------- Sun Mar 21 01:10:29 UTC 2010 - chris@computersalat.de - added perl-Net-Ident for Build/Recommends - fix build for SLE_10 ------------------------------------------------------------------- Sat Mar 20 19:10:43 UTC 2010 - chris@computersalat.de - bzipped Source Mail-SpamAssassin-rules... - removed patch4 o Mail-SpamAssassin-3.2.5.diff - build with ssl support o ENABLE_SSL="yes" - renamed subpackages o perl-spamassassin > perl-Mail-SpamAssassin o new sub package perl-Mail-SpamAssassin-Plugin-iXhash - fixed deps o moved most deps over to perl-Mail-SpamAssassin - some rpmlint fixes o wrong-file-end-of-line-encoding {IXHASH}/CHANGELOG o fix build without RPM_OPT_FLAGS ------------------------------------------------------------------- Fri Mar 19 17:46:07 UTC 2010 - chris@computersalat.de - cleanup spec o sort TAGS o redefine SOURCES - added iXhash-1.5.5.tgz - added spampd-2.20.tar.gz - removed iXhash.pm - removed spampd o macros - added perl-macros o cleanup install section ------------------------------------------------------------------- Fri Mar 19 12:00:00 CET 2010 - opensuse@dstoecker.de - updated iXhash module to 1.5.5 - iXhash is now a sourceforge project (http://ixhash.sourceforge.net/) ------------------------------------------------------------------- Thu Mar 18 20:11:20 UTC 2010 - chris@computersalat.de - added original SOURCES o spampd-2.20.tar.gz - renewed Mail-SpamAssassin-3.3.0.tar.bz2 o wget Mail-SpamAssassin-3.3.0.tar.gz + bznew - some spec mods o macros {__make}, {__install} ... o perl_make_install o added check - some rpmlint fixes o invalid-suse-version-check 1120 ------------------------------------------------------------------- Wed Mar 17 12:00:00 CET 2010 - opensuse@dstoecker.de - update to 3.3.0 - add ixHash module (not activated by default) - add additional spampd tool - better performance than spamd - fixed deps - added perl-NetAddr-IP - fixed Summary ------------------------------------------------------------------- Sun Jan 3 01:02:42 CET 2010 - dmueller@suse.de - apply rules update (bnc#567849) ------------------------------------------------------------------- Thu Dec 24 20:36:34 UTC 2009 - coolo@novell.com - fix install ------------------------------------------------------------------- Tue Nov 10 16:16:54 CET 2009 - varkoly@suse.de - bnc#551880 – spamassassin package should require re2c - bnc#552035 – install of spamassassin corrupts /etc/sysconfig/spamd ------------------------------------------------------------------- Mon Jan 26 12:28:32 CET 2009 - coolo@suse.de - no reason to hide the init-script from !root ------------------------------------------------------------------- Fri Nov 7 12:57:05 CET 2008 - varkoly@suse.de - (bnc#440529) - spamd init-script should support reload ------------------------------------------------------------------- Wed Sep 10 15:19:57 CEST 2008 - varkoly@suse.de - (bnc#420649) - rcspamd restart is broken ------------------------------------------------------------------- Tue Jul 1 08:37:26 CEST 2008 - varkoly@suse.de - update to 3.2.5 * bug 5775: newer gpg versions require keys to be cross-certified (backsig). * bug 5899: add perl version string to the storage area for compiled rulesets, to avoid crashes when perl is upgraded between major versions (e.g perl 5.8.x to 5.10.0) and the ABI breaks * bug 5496, bug 5910: clear some FORGED_MUA_OUTLOOK false positives, particularly on the new-format Message-ID generated by the Outlook Express version used in Windows XP service pack 3 * bug 5730: when using Postgres >= 8.1.0 with Bayes, this error occurs: 'WARNING: nonstandard use of \ in a string literal at character'. * bug 5769: fix 'sa-compile: eval failed: Can't find label NO' error, caused in rare circumstances when sa-compile attempted to deal with rules written using 'replace_rules' features * bug 5858: fix circular reference memory leak caused by some messages * bug 5815: update 2TLD list to include .rs CCTLD * bug 4706: remove HG_HORMOME rules due to poor performance * bug 5835: typo in POD docs for SPF plugin; thanks to Benny Pedersen for fix * bug 5839: a missing or failed eval rule function could mistakenly count as a rule hit, fixed * trivial bugfix for the VBounce ruleset: __BOUNCE_FROM_DAEMON incorrectly used + instead of *, so some From addresses were not being recognised as bounce senders ------------------------------------------------------------------- Tue Jan 8 15:15:11 CET 2008 - varkoly@suse.de - update to 3.2.4: * bug 5599: allow load distribution of SA nameserver queries across all nameservers listed in resolv.conf, using 'dns_options rotate'. thanks to Pawel Sasin <hannibal /at/ wp-sa.pl> * bug 5673: 'ALL' header was including spurious extra spaces between header names and values. fix * bug 5594: several major sa-compile fixes. major increase in overall speed; cache results between runs to further increase speed; and fix a danger of massive memory usage * bug 5556: fix a variety of sa-compile portability issues, and support for 5.6.x perls * bug 5514: make 'score set for a non-existent rule' a debug message, instead of a lint warning, since it's a very frequent FAQ * bug 5493: sa-compile fails to correctly deal with escaped backslashes. fix * bug 5672: remove DNS_FROM_SECURITYSAGE (DNSBL lookups against securitysage.com) due to unreliability * bug 5476: update Bonded Sender (now Sender Score Certified) rules, and add a rule for their strictly-confirmed-opt-in-required zone * bug 5538: remove FORGED_MUA_AOL_FROM and FORGED_AOL_TAGS entirely; they're obsolete, given the current capabilities of AOL mail user agents * bug 5632: remove all completewhois.com DNSBL lookups, site seems to have disappeared without warning * bug 5715: allow for more than one sa-update MIRRORED.BY file host in DNS, for redundancy * bug 5662: DKIM changes: recognize author signature and multiple signatures for whitelisting (with Mail::DKIM 0.29); disable useless "check_dkim_signsome"; new eval rules "check_dkim_valid_author_sig" and "check_dkim_valid" (an alias for a "check_dkim_verified" misnomer); new tags _DKIMIDENTITY_ and _DKIMDOMAIN_; updated terminology; verification speedup with Mail::DKIM 0.30 (or its pre-releases) * bug 5696: sa-compile: cut regexp base strings at Unicode high codepoints, to avoid corruption of patterns containing UTF-8 * bug 5637: bayes_file_mode is handled incorrectly when creating bayes.mutex, resulting in incorrect permissions on that file; fix by Mihaly Barasz * bug 5612: DB_File version 4.2.x has a bug that loops infinitely if files named '__db.{filename}' are present; work around. thanks to J. Nick Koston for the report and fix * bug 5606: too-early init_learner() call causes root's user prefs file to be read when spamd is started; this is inappropriate. fix * bug 4179: if allow_user_rules is 1, user rules are not unique to each user; one user's user rules can appear in later scans for other users that are run using the same spamd process. fix * bug 5680: ALL_TRUSTED can fire if a trusted MSA or webmail system receives the message from an untrusted X-Originating-IP: header. fix * bug 5626: in the 'spamassassin' script, install a signal handler for SIGHUP, SIGINT, SIGTERM and SIGPIPE to ensure that temporary files are removed * bug 5557: some temporary files are left not cleaned up on Windows; fix * bug 5661: speed up Bayes SQL queries by allowing the use of indexes when expiring * bug 5611: support 'spamd --nouser-config -u username', which setuids to 'username' but does not read user_prefs files from anywhere * bug 5665: spamd may fail to notice that a child has completed exiting, and keeps in the child list in state 'K', eventually filling up the child list with 'ghost' children. fix * bug 5735: spamc should allow retry_sleep 0 * bug 5728: spamd: require -u with --sql-config or --ldap-config * bug 5682: remove FH_HOST_ALMOST_IP, FH_HOST_EQ_D_D_D_D, due to false positives and redundancy with RDNS_DYNAMIC; remove FH_HOST_EQ_D_D_D_DB due to no hits * bug 5681: look up IP addresses found in 'X-Yahoo-Post-IP' and 'X-SenderIP' headers, too, thanks to Martin Blapp * Bug 5589: Refined async events handling and DNS lookup completions * bug 5586: RDNS_NONE has false positives if the MTA doesn't put the hostname in the Received header, like Communigate Pro. add an exception for this * bug 5748: fix locale problem with use of external sort in sa-compile ------------------------------------------------------------------- Sun Aug 12 11:45:35 CEST 2007 - varkoly@suse.de - update to 3.2.3: *bug 5574: fix new setuid code to work with perl 5.6.1, and to support DCC and Pyzor in all releases of perl *bug 5107: change default 'user_scores_ldap_username' to be the null string, allowing anonymous binding; fix 'schema' syntax error in LDAP config support *zeroing an 'eval' rule's score did not stop it running. fix, thanks to Richard Birkett <richard+spamassassin at musicbox.net> *bug 5571: allow for new message ID format we have seen from Vista or Windows 2003 Server MAPI to avoid false positives *bug 5397: RDNS_DYNAMIC should never fire on a PTR with 'static' in it; thanks to Martin Blapp <mbr at freebsd.org>. bug 5563: RDNS_DYNAMIC rules use order-dependent fields where it is unsafe to depend on this, fix. bug 5564: __RDNS_DYNAMIC_IPADDR does not hit all of its test patterns, fix. *bug 5475: fix FORGED_MUA_AOL_FROM to allow <*@{aol,cs}.*> addresses instead of just <*@{aol,cs}.com> ------------------------------------------------------------------- Thu Aug 2 13:48:28 CEST 2007 - dmueller@suse.de - update to 3.2.2: * bug 5548: Certain mail input can take a long time to scan with 100% CPU utilisation, due to backtracking in a rule's regexp. fix * bugs 5510, 5518, 5529: fix 'make test' when running as root, needed for CPAN * bug 5419: kill -HUP of pidof spamd causes the ps name to change from spamd to perl. fixed * bug 5535: 'make test' errors in Windows caused by nonportable use of getpwuid * bug 5462: multiple DNS records for a host name should allow use of spamd -H for load balancing installs to work * bugs 5509, 5511: fix network lookup timeouts, where lookups were being lost once a timeout was hit; also fix code to match documentation on rbl_timeout's scaling and minimum duration of 1 second; and attempt to collect already-received DNS responses when the timeout is reached; improve related debugging output. Thanks to Mark Martinec * bugs 5412, 5478, 5522: Fix problems using the spamc -x option with certain other options; 'spamc -x -R' always returned 0, instead of the exit code, on error. Bug 5478: in addition, 'spamc -x -e /command' would still run the command, even if errors meant that the filtered text would be unavailable, which contradicted -x. * bug 5445: body eval tests defined in user_rules cause ugly 'Subroutine _eval_tests_type11_prineg400_set3 redefined' warnings * bug 5355: add in new entries for RegistrarBoundaries * bug 5515: libsslspamc.so & libsslspamc.so can not build without -fPIC, but we were picking up the wrong CFLAGS to do this. * bug 5501: zero score for FH_HAS_XID * bug 5449: allow_user_rules causes sa-compile / Rule2XSBody plugin to emit spurious warnings; fix. also, add a new 'user_conf_parsing_end' plugin hook, which is called after the per-user configuration is parsed * bug 5182: update the sa-learn doc to mention that -u is only usable w/ sql * bug 5534: fix harmless-but-ugly C compiler warning in sa-compile ------------------------------------------------------------------- Thu Jul 26 10:32:25 CEST 2007 - varkoly@suse.de - #278626 - SpamAssassin + Mailman + The Bat! = false positive ------------------------------------------------------------------- Thu Jun 14 09:58:00 CEST 2007 - varkoly@suse.de - UPDATE to version 3.2.1 - bug 5480: fix for CVE-2007-2873: a local user symlink-attack DoS vulnerability. It only affects systems where spamd is run as root, is used with vpopmail or virtual users via the "-v"/"--vpopmail" OR "--virtual-config-dir" switch, AND with the "-x"/"--no-user-config AND WITHOUT the "-u"/"--username" switch AND with the "-l"/"--allow-tell" switch. This is not default on any distro package, and is not a common configuration. More details of the vulnerability can be read at <http://spamassassin.apache.org/advisories/cve-2007-2873.txt>. - bug 5488: zero some rules causing false positives: FH_HOST_EQ_D_D_D_DB and FH_HOST_EQ_D_D_D_D. - bug 5257: re-raise autolearn ham threshold to 1.0; the lower value used in 3.2.0 was creating problems. - bug 5422: in spamd, deleting hash entries from the SIGCHLD signal handler is unsafe, causes corruption of the data structure, and results in 'prefork: ordered child N to accept, but they reported state '1', killing rogue' errors. fix. - bug 5102: tighten up regexp for FORGED_HOTMAIL_RCVD to avoid some FPs. - bug 5457: spamc build and test should handle not having zlib available. - bug 5379: spamd could crash at startup if its preloading temporary directory already exists. fix. - bug 4616: spamc config can cause command line options to be ignored. fix. - bug 5485: zero score DK/DKIM_POLICY_SIGNSOME rules since they'll always fire due to defaults (unless there's an explicit SIGNALL policy). - bug 5492: VBounce rule was looking in header instead of body for whitelisted relays. fix. - bug 5487: prevent multiple "urirhssub"s using the same zone from overwriting each other. - bug 5432 - Change default in Win32 build to not build spamc. - bug 5446: add --updatedir option to sa-compile and remove inaccurate re2c required version info from pod. - bug 5436: add omitted "ifplugin" statements to the configuration, which would otherwise cause lint errors if the default plugins were disabled. - bug 5477: prevent Rule2XSBody info message from appearing on stderr during spamd startup. ------------------------------------------------------------------- Thu May 3 15:38:00 CEST 2007 - varkoly@suse.de - update to 3.2.0 Summary of major changes since 3.1.8 ------------------------------------ Changes to the core code: * new behavior for trusted_networks/internal_networks: the 127.* network is now always considered trusted and internal, regardless of configuration. * bug 3109: short-circuiting of 'definite ham' or 'definite spam' messages based on individual short-circuit rules using the 'shortcircuit' setting, by Dallas Engelken <dallase /at/ uribl.com>. * bug 5305: implement 'msa_networks', for ISPs to specify their Mail Submission Agents, and extend network trust accordingly. * bug 4636: Add support for charset normalization, so rules can be written in UTF-8 to match text in other charsets. * sa-compile: compilation of SpamAssassin rules into a fast parallel-matching DFA, implemented in native code. * "tflags multiple": allow writing of rules that count multiple hits in a single message. * bug 4363: if a message uses CRLF for line endings, we should use it as well, otherwise stay with LF as usual; important for Windows users. * bug 4515: content preview was omitting first paragraph when no Subject: header was present. * The third-party modules used by sa-update are now required by the SpamAssassin package, instead of being optional. * Bug 5165: 'sa-update --checkonly' added to check for updates without applying them; thanks to <anomie /at/ users.sourceforge.net> * Bugs 4606, 4609: Adjust MIME parsing limits for nested multipart/* and message/rfc822 MIME parts. * bug 5295: add 'whitelist_auth', to whitelist addresses that send mail using sender-authorization systems like SPF, Domain Keys, and DKIM * Removed dependency on Text::Wrap CPAN module. * Received header parsing updates/fixes/additions. Spamc / spamd: * bug 4603: Mail::SpamAssassin::Spamd::Apache2 -- mod_perl2 module, implementing spamd as a mod_perl module, contributed as a Google Summer of Code project by Radoslaw Zielinski. * bug 3991: spamd can now listen on UNIX domain, TCP, and SSL sockets simultaneously. Command-line semantics extended slightly, although fully backwards compatibly; add the --ssl-port switch to allow TCP and SSL listening at the same time. * bug 3466: do Bayes expiration, if required, after results have been passed back to the client from spamd; this helps avoid client timeouts. * more complete IPv6 support. * spamc: Add '-K' switch, to ping spamd. * spamc: add '-z' switch, which compresses mails to be scanned using zlib compression; very useful for long-distance use of spamc over the internet. * bug 5296: spamc '--headers' switch, which scans messages and transmits back just rewritten headers. This is more bandwidth-efficient than the normal mode of scanning, but only works for 'report_safe 0'. * Bump spamd's protocol version to 1.4, to reflect new HEADERS verb used for '--headers'. Mail::SpamAssassin modules and API: * bug 4589: allow M::SA::Message to use IO::File objects to read in message (same as GLOB). * bug 4517: rule instrumentation plugin hooks, to measure performance, from John Gardiner Myers <jgmyers /at/ proofpoint.com>. * add two features to core rule-parsing code; 1. optional behaviour to recurse through subdirs looking for .cf/.pre's, to support rules compilers working on rulesrc dir. 2. call back into invoking code on lint failure, so rule compiler can detect which rules exactly fail the lint check. * bug 5206: detect duplicate rules, and silently merge them internally for greater efficiency. * bug 5243: add Plugin::register_method_priority() API, allowing plugins to control the relative ordering of plugin callbacks relative to other plugins' implementations. * Reduced memory footprint. Plugins: * bug 5236: Support Mail::SPF replacement for Mail::SPF::Query. * bug 5127: allow mimeheader :raw rules to match newlines and folded-header whitespace in MIME header strings. * bug 4770: add ASN.pm plugin, contributed by Matthias Leisi <matthias at leisi.net> * bug 5271: move ImageInfo ruleset into 3.2.0 core rules, thanks to Dallas Engelken <dallase /at/ uribl.com>. * VBounce ruleset and plugin: detect spurious bounce messages sent by broken mail systems in response to spam or viruses. (Based on Tim Jackson's "bogus-virus-warnings.cf" ruleset.) * DomainKeys/DKIM: Mail::DKIM is now preferred over Mail::DomainKeys, since the latter module is no longer actively maintained, and Mail::DKIM can handle both DomainKeys and DKIM signatures. * DKIM: separate signature verification from fetching a policy: can save a DNS lookup for each unverified message by setting score to 0 for all policy-related rules (DKIM_POLICY_SIGNALL, DKIM_POLICY_SIGNSOME, and DKIM_POLICY_TESTING). (thanks to Mark Martinec) * DKIM: support testing flags in the public key, as well as in the policy record. (thanks to Mark Martinec) * DKIM: skip fetching a policy (SSP) if a signature does verify, according to draft-allman-dkim-ssp-02 (thanks to Mark Martinec) * Move rule functionality and checking into separate Check plugin, allowing third parties to implement alternative scanner core algorithms. * core EvalTests code moved into various plugins. * Plus lots of miscellaneous bug fixes. ------------------------------------------------------------------- Fri Apr 20 11:08:35 CEST 2007 - meissner@suse.de - removed bad /tmp usage. ------------------------------------------------------------------- Wed Mar 28 12:08:09 CEST 2007 - varkoly@suse.de - #249652 - spamassassin missing dependencies ------------------------------------------------------------------- Mon Feb 19 19:11:36 CET 2007 - dmueller@suse.de - update to 3.1.8: * fix for CVE-2007-0451: possible DoS due to incredibly long URIs found in the message content. * disable perl module usage in update channels unless --allowplugins is specified * files with names starting/ending in whitespace weren't usable * remove Text::Wrap related code due to upstream issues * update spamassassin and sa-learn to better deal with STDIN * improvements and bug fixes related to DomainKeys and DKIM support * several updates for Received header parsing * several documentation updates and random taint-variable related issues ------------------------------------------------------------------- Fri Feb 9 16:52:13 CET 2007 - varkoly@suse.de - fixing: Bug 225248 - Problem in SpamAssassin: if spamassassin configuration is stored in postgresql the search in the table userpref delivers results in wrong order. - fixing: Bug 218272 - SpamAssassin URIDNSBL plugin tries to lookup libraries (libimf.so, liblua.so, ...) via nameserver ------------------------------------------------------------------- Fri Dec 22 10:28:47 CET 2006 - varkoly@suse.de - Enhancing local.cf for the plugin Mail::SpamAssassin::Plugin::URIDNSBL to skip the novell and suse domains from spam checks and to give examples for problems like #218272 "SpamAssassin URIDNSBL plugin tries to lookup libraries (libimf.so, liblua.so, ...) via nameserver" ------------------------------------------------------------------- Mon Dec 4 23:00:59 CET 2006 - dmueller@suse.de - update to "hot-fix" 3.1.7: * fix sa-update failure when rule scores ae set ------------------------------------------------------------------- Wed Nov 15 08:50:57 CET 2006 - varkoly@suse.de - fixing bug: 215722 BUG in archive PgSQL.pm (SpamAssassin) ------------------------------------------------------------------- Mon Oct 9 15:29:59 CEST 2006 - varkoly@suse.de - update to version 3.1.6: This is a maintenance release of the 3.1.x branch. * fixes to bug in date handling affecting DATE_IN_FUTURE_* and DATE_IN_PAST_* rules when more than one Resent-Date header is present * include local site config in sa-update lint checks * fix race condition in spamd preforking code that sometimes left one child process running after SIGHUPing spamd * unescape hash characters in the config * fix false SPF_SOFTFAIL's when SPF queries timeout * update RCVD_ILLEGAL_IP evaltest to properly deal with 127/8 * enable adding headers with single digit zero value * add support for ecelerity Received headers * fix a bug, introduced in 3.1.5, in mbx code * M::SA::Client doesn't always catch failed connection to spamd, fixed ------------------------------------------------------------------- Sun Aug 6 15:35:28 CEST 2006 - dmueller@suse.de - update to version 3.1.4: * bug 4941: if the first sa-update run failed and wasn't re-run to successful completion, the local state directory would exist, and therefore SA sees no rules. now, wait as long as possible to create the directory, and try to remove it on failure. * bug 4997: increase module version requirements for Archive::Tar to 1.23 and IO::Zlib to 1.04 * bug 4966: fix major BSMTP bug, which rendered SA unusable with exim4 when BSMTP is used. * bug 4899: Windows had issues with single quotes around filenames so certain things like pyzor, etc, wouldn't function. * bug 4958: sa-update should work on Windows * bug 4908: gtube.t test failed in non-english locales * bug 4488: deal with potential memory leak due to Bayes and BayesStore circular references * bug 4862: update macro values in update channels ------------------------------------------------------------------- Thu Jun 22 18:18:30 CEST 2006 - ro@suse.de - remove selfprovides ------------------------------------------------------------------- Fri Jun 9 14:10:29 CEST 2006 - varkoly@suse.de - * Fixing Requiers tag in spec file The missed packages are: perl-libwww-perl and perl-IO-Zlib ------------------------------------------------------------------- Tue Jun 6 16:43:42 CEST 2006 - varkoly@suse.de - update to version 3.1.3: * #181157: VUL-0: spamassassin: remote root * 4879: add in pointer to the wiki to find out more about debug channels ------------------------------------------------------------------- Mon May 29 16:10:33 CEST 2006 - dmueller@suse.de - update to version 3.1.2: * bug 4802: implement DKIM plugin, including whitelist_from_dkim support * bug 3838: work around Perl bug causing captured RE variables to become tainted -- thanks to Mark Martinec for pointing out the bug with Perl itself * bug 4850: re-enable the Razor2 plugin by default due to a service policy change * bug 4826: Razor2 plugin needs to load Mail::SpamAssassin::Timeout module * bug 4827: M::SA::first_existing_path() would return the last array entry passed in if none of the paths were found. Now return undef instead and handle the error when it happens. * bug 4813: generally open RE causes sendmail received header get read in as qmail in error * bug 4839: Logger.pm converts control chars including tab into underscores which confuses a bunch of users when checking debug output. Convert tab into space instead, etc. * bug 4884: if a null message is passed in, there are several variables which end up undefined causing warnings. fake an empty message if no input is given. * bug 4793: when replacing tags in a message (_TAG_), leave the tags that don't exist alone instead of just removing them * bug 4861, 4760: handle dccifd and dccproc failover properly, backport relays_internal and relays_external code, backport bug 4760 fix so that it's not possible to be in internal_networks without being in trusted_networks as well * bug 4901: deal more properly with failures in bgsend(). also, use the proper variable to show when errors occur. * bug 4867: fetchmail changed header formats at some point making Received parsing fail in certain conditions * bug 4699: use M::SA::Timeout for spamd copy_config call and allow for empty $@ values * bug 3754: if there's a problem opening a file via sa-learn or spamassassin, return an error exit value. ------------------------------------------------------------------- Fri Mar 17 23:49:00 CET 2006 - dmueller@suse.de - Adjust BuildRequires ------------------------------------------------------------------- Tue Mar 14 13:20:16 CET 2006 - dmueller@suse.de - update to version 3.1.1: * bug 4760: strictly validate trusted network configurations * bug 4363: honor CRLF settings * bug 4748: Update rules to catch Google redirector * bug 4791: fix handling of invalid encoded utf8 messages * bug 4809: add TLD for Greece * bug 4606: Adjust MIME parsing limits (possible DoS) * bug 4795: Improved validation of the score option * fix fd leak in Bayes token DB handling * bug 4780: fix IP_ADDRESS & LOCALHOST IPv6 support * bug 4735: lack of network interfaces crashes in DnsResolver.pm. * bug 4700: prevent arbitrary code injection * bug 4704,4686,4627,4690: Fixed Received: headers parsing ------------------------------------------------------------------- Wed Jan 25 21:41:45 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Thu Jan 12 13:32:56 CET 2006 - varkoly@suse.de - fixing bug #138545 ------------------------------------------------------------------- Thu Jan 12 09:50:03 CET 2006 - varkoly@suse.de - fixing bug #141557 ------------------------------------------------------------------- Wed Oct 26 11:36:51 CEST 2005 - choeger@suse.de - bugfix for init-script: tell spamd to use a pidfile ------------------------------------------------------------------- Fri Sep 16 14:59:19 CEST 2005 - choeger@suse.de - update to version 3.1.0 ------------------------------------------------------------------- Mon Aug 8 16:51:40 CEST 2005 - ug@suse.de - fixed a license problem. See Bug #102221 ------------------------------------------------------------------- Thu Jun 23 09:38:49 CEST 2005 - meissner@suse.de - use RPM_OPT_FLAGS (for spamc). ------------------------------------------------------------------- Wed Jun 8 11:12:28 CEST 2005 - choeger@suse.de - Update to version 3.0.4 ------------------------------------------------------------------- Mon May 2 10:59:08 CEST 2005 - choeger@suse.de - Update to version 3.0.3 ------------------------------------------------------------------- Fri Apr 22 16:02:03 CEST 2005 - choeger@suse.de - Bugfix ID#79285 - spamd: "short" description missing ------------------------------------------------------------------- Wed Jan 12 18:26:55 CET 2005 - choeger@suse.de - cleaned up build process, now properly using ExtUtils::MakeMaker following the PACKAGING readme ------------------------------------------------------------------- Mon Dec 20 11:29:11 CET 2004 - choeger@suse.de - Update to version 3.0.2 ------------------------------------------------------------------- Thu Nov 25 12:36:15 CET 2004 - choeger@suse.de - removed superfluous line: test -d /root/.spamassassin || mkdir /root/.spamassassin from init script ------------------------------------------------------------------- Tue Oct 26 14:19:55 CEST 2004 - choeger@suse.de - Update to version 3.0.1 - specfile can now also be used on older SuSE Linux versions ------------------------------------------------------------------- Thu Sep 23 12:01:58 CEST 2004 - choeger@suse.de - Update to version 3.0.0 ------------------------------------------------------------------- Fri Aug 6 13:59:06 CEST 2004 - meissner@suse.de - Upgraded to security / bugfix release 2.64. #43546 ------------------------------------------------------------------- Sat Mar 27 11:34:02 CET 2004 - ro@suse.de - added directory /etc/mail to filelist ------------------------------------------------------------------- Tue Jan 27 14:29:27 CET 2004 - choeger@suse.de - Update to version 2.63 ------------------------------------------------------------------- Sat Jan 3 18:51:04 CET 2004 - mmj@suse.de - References to %version have to go below the Version: tag ------------------------------------------------------------------- Wed Dec 31 12:24:44 CET 2003 - mmj@suse.de - Update to version 2.61 ------------------------------------------------------------------- Sun Dec 7 18:35:53 CET 2003 - mmj@suse.de - The perl-spamassassin version should be the same as the spam- assassin version. ------------------------------------------------------------------- Sat Oct 18 16:30:11 CEST 2003 - mmj@suse.de - Not necessary to explicitly tell SA not to query Osirusoft blocklist anymore ------------------------------------------------------------------- Fri Oct 17 20:45:25 CEST 2003 - mmj@suse.de - Don't build as root - Update to version 2.60 ------------------------------------------------------------------- Tue Oct 14 14:11:33 CEST 2003 - choeger@suse.de - Bugfix Bugzilla ID#32025, spamd is not started because of a bug in the init-script - Bugfix Bugzilla ID#31867, spamassassin -lint reports errors because of outdated local.cf configuration options ------------------------------------------------------------------- Thu Sep 4 17:07:41 CEST 2003 - choeger@suse.de - Michael fixed MakeMaker PITA again ------------------------------------------------------------------- Tue Sep 2 15:30:37 CEST 2003 - choeger@suse.de - Don't query Osirusoft blocklist anymore, see http://news.spamassassin.org/modules.php?op=modload&name=News&file=article&sid=44&mode=thread&order=0&thold=0 for more details. Bugzilla ID#29566 ------------------------------------------------------------------- Wed Aug 20 20:22:56 CEST 2003 - mjancar@suse.cz - require the perl version we build with ------------------------------------------------------------------- Thu Aug 14 18:45:28 CEST 2003 - choeger@suse.de - Bugfix Bugzilla ID#28942: missing activation metadata in sysconfig template ------------------------------------------------------------------- Wed Jul 30 13:30:39 CEST 2003 - choeger@suse.de - new macros for stop/restart of services on rpm update/removal ------------------------------------------------------------------- Thu Jul 17 13:28:57 CEST 2003 - choeger@suse.de - use install_vendor and new %perl_process_packlist macro ------------------------------------------------------------------- Tue Jul 1 12:52:28 CEST 2003 - choeger@suse.de - don't use PREFIX in 'perl Makefile.PL' - don't set LOCAL_RULES_DIR using %buildroot as prefix ------------------------------------------------------------------- Tue Jun 17 10:39:09 CEST 2003 - choeger@suse.de - updated filelist ------------------------------------------------------------------- Wed May 28 14:12:24 CEST 2003 - choeger@suse.de - Update to 2.55 ------------------------------------------------------------------- Tue May 13 16:08:59 CEST 2003 - mmj@suse.de - Update to 2.54 - Move %defattr to cover all files - Remove unwanted files ------------------------------------------------------------------- Sun Apr 6 13:01:19 CEST 2003 - mmj@suse.de - Update to version 2.53 which fixes some major bugs in earlier 2.5x releases ------------------------------------------------------------------- Fri Mar 28 14:07:47 CET 2003 - mmj@suse.de - spamassassin and perl-spamassassin should not both own /etc/mail/spamassassin/local.cf ------------------------------------------------------------------- Tue Mar 25 09:55:26 CET 2003 - adrian@suse.de - update to version 2.52 ------------------------------------------------------------------- Mon Mar 24 14:22:24 CET 2003 - adrian@suse.de - use pid files in runlevel script (patch from Dirk Mueller #25767) ------------------------------------------------------------------- Sun Mar 23 22:28:26 CET 2003 - coolo@suse.de - adding perl-HTML-Parser to neededforbuild ------------------------------------------------------------------- Fri Mar 21 10:11:45 CET 2003 - adrian@suse.de - update to version 2.51 ------------------------------------------------------------------- Sun Mar 2 19:59:19 CET 2003 - mmj@suse.de - Disabling HABEAS_HIL test turned out to be just a bandaid. It still stalls for longer periods, so add "-L" switch so it only performs local tests. Subsequently remove the score HABEAS_HIL 0 in local.cf. ------------------------------------------------------------------- Tue Feb 25 09:28:46 CET 2003 - mmj@suse.de - Disable the HABEAS_HIL test (sender is on www.habeas.com Habeas Infringer List) since it made each test last ~30 seconds. - Default-Start: should be "3 5" not "" ------------------------------------------------------------------- Fri Feb 21 14:43:18 CET 2003 - adrian@suse.de - update to version 2.50 * fixing crash on x86_64 [#22015] ------------------------------------------------------------------- Thu Feb 20 12:04:55 CET 2003 - mmj@suse.de - Add sysconfig metadata [#22690] ------------------------------------------------------------------- Mon Feb 3 21:32:31 CET 2003 - adrian@suse.de - update to version 2.44 * obsoletes security fix ------------------------------------------------------------------- Wed Jan 29 20:16:24 CET 2003 - adrian@suse.de - update to version 2.43 ------------------------------------------------------------------- Tue Jan 28 17:26:10 MET 2003 - draht@suse.de - remove off-by-one bo -> spamassassin-ob1-security.diff ------------------------------------------------------------------- Wed Oct 16 01:32:39 CEST 2002 - ro@suse.de - fixed requires typo ------------------------------------------------------------------- Tue Oct 8 12:11:58 CEST 2002 - adrian@suse.de - add missing requires - update to version 2.42 ------------------------------------------------------------------- Tue Sep 17 17:34:28 CEST 2002 - ro@suse.de - removed bogus self-provides ------------------------------------------------------------------- Tue Aug 20 02:55:54 CEST 2002 - mmj@suse.de - Correct PreReq ------------------------------------------------------------------- Mon Jul 29 22:22:44 CEST 2002 - mls@suse.de - fixed neededforbuild for perl-5.8.0 ------------------------------------------------------------------- Fri Jul 12 11:31:25 CEST 2002 - choeger@suse.de - update to most recent version - added perl-Time-HiRes to requires - removed DOSWIN_EXECUTABLE patch http://sourceforge.net/mailarchive/message.php?msg_id=1606621 ------------------------------------------------------------------- Fri May 10 23:50:32 MEST 2002 - garloff@suse.de - Add rule to filter mails with files having names with DOS/Win suffixes (DOSWIN_EXECUTABLE), default score 4.6 - Provide init script for spamd - Install READMEs as %doc - Move spamc/d/proxy/assassin man pages to spamassassin package - Configuration of spamd in sysconfig/spamd ------------------------------------------------------------------- Wed May 8 23:43:26 MEST 2002 - garloff@suse.de - Update to version 2.20. ------------------------------------------------------------------- Tue Apr 16 19:09:31 MEST 2002 - draht@suse.de - fix file list (/usr/share/spamassassin) add more convenient defaults to /etc/mail/spamassassin/local.cf ------------------------------------------------------------------- Tue Apr 9 17:10:25 MEST 2002 - draht@suse.de - initial package, version 2.11.
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor