Overview
Request 892674 accepted
- update to version 1.4.1.1
* This release is a fix for 1.4.1 which suffered a broken merge to
the "master" branch and thus was unusable. The merge was repaired
and "master" was re-tested before this release was posted. There's
no change to RELEASE_NOTES since no functionality was added or
removed.
- changes from 1.4.1
* NOTE: In response to CVE-2019-20790, opendmarc has changed how it
evaluates headers added by previous SPF milters. Users are
encouraged to read the CVE-2019-20790 file in the "SECURITY"
folder for more details. (CVE-2019-20790)
(gh#trusteddomainproject/OpenDMARC#49)
(gh#trusteddomainproject/OpenDMARC#158)
* Addition of defines for MUSL C Library. (gh#trusteddomainproject/OpenDMARC#129)
(gh#trusteddomainproject/OpenDMARC#133)
* Fix two #ifdefs in arc functions for strlcpy. (gh#trusteddomainproject/OpenDMARC#138)
* Fixes to MySQL Schema (gh#trusteddomainproject/OpenDMARC#98)
(gh#trusteddomainproject/OpenDMARC#99)
* Add compatibility with AutoConf 2.70. (gh#trusteddomainproject/OpenDMARC#95)
* Only accept results from Received-SPF fields that indicate clearly
which identifier was being evaluated, since DMARC specifically
only wants results based on MAIL FROM.
* Many build-time fixes
* Added config option HoldQuarantinedMessages (default false), which
controls if messages with p=quarantine will be passed on to the
mail stream (if False) or placed in the MTA's "hold" queue
(if True). (gh#trusteddomainproject/OpenDMARC#105)
* Remove "--with-wall" from "configure".
* LIBOPENDMARC: Ignore all RRTYPEs other than TXT.
(gh#trusteddomainproject/OpenDMARC#50)
* LIBOPENDMARC: Repair absurd RRTYPE test in SPF code.
(gh#trusteddomainproject/OpenDMARC#89)
* LIBOPENDMARC: Fix bogus header field parsing code.
(gh#trusteddomainproject/OpenDMARC#104)
* LIBOPENDMARC: Don't pass the client IP address through htonl()
since it's already in network byte order. This was causing SPF
errors when the internal SPF implementation was in use.
(gh#trusteddomainproject/OpenDMARC#161)
* LIBOPENDMARC: Fix numerous problems with the internal SPF
implementation.
- changes from 1.4.0
* Add ARC support. Extensive work contributed by ValiMail, with
patches by Jonathan Kamens.
* Add "DomainWhitelist" and "DomainWhitelistFile" config options.
* Extract client IP address for ARC reports when provided via
Authentication-Results.
* Update SQL schema to support new reporting functionality for DKIM
selectors and ARC local policy overrides (refer to the example
schema.mysql file).
* Add experimental support for reporting of ARC local policy overrides.
* Add support for recording and reporting of DKIM selectors.
* Override a DMARC "fail" if an ARC "pass" is recorded in conjunction
with an ARC policy pass.
* Add "RejectMultiValueFrom" configuration option to reject messages
with multi-valued From fields, unless all domains in that field
are the same.
* Handle base64 inside AR tokens that are values.
* Fix Authentication-Results tokenizing.
* LIBOPENDMARC: Fix bug #203: Reject DMARC records that have duplicate
tags in them.
* LIBOPENDMARC: Pull request #70: For a non-pass DKIM outcome, discard
unaligned domain.
* LIBOPENDMARC: Pull request #67: Fix resource leakage on systems
using res_ndestroy().
* LIBOPENDMARC: In opendmarc_xml_parse(), ensure NULL-termination of
the buffer passed to opendmarc_xml().
* LIBOPENDMARC: Add opendmarc_policy_fetch_from_domain().
* LIBOPENDMARC: Fix handling of long or malformed DMARC records.
* LIBOPENDMARC: Enable opendmarc_policy_store_dkim() to report a
missingFrom domain.
* REPORTS: Feature request #146: Add option to pull input from a file.
* REPORTS: Fix bug #153: Suppress duplicate results from the same
domain.
- update DMARC support scripts from TechSneeze to current versions
- update patch collection by Juri Haberland from 2018040601 to
2021051301
* remove obsolete patches now included upstream
+ ticket137.patch (Chokes on OpenDKIM Authentication-Results headers)
+ ticket146.patch (Use an input file alternatively)
+ ticket153.patch (duplicate dkim auth_result sections)
+ ticket203.patch (Duplicate E-Mail due to strange dmarc entry)
+ ticket227.patch (Consistent opendmarc_policy.c Segfault When Processing DMARC Data...)
+ z00_ticket138_v3.patch (Pass failed messages from p=quarantine domains)
+ z06_use_envdomain_SPF_logging.patch
* remove patches currently not applicable because of bigger changes
in upstream code
+ ticket180.patch (Override MLM patch)
+ z04_moreHeadersFailureReportVsBeta1.patch
- Created by buschmann23
- In state accepted
- Package maintainer: dstoecker
Request History
buschmann23 created request
- update to version 1.4.1.1
* This release is a fix for 1.4.1 which suffered a broken merge to
the "master" branch and thus was unusable. The merge was repaired
and "master" was re-tested before this release was posted. There's
no change to RELEASE_NOTES since no functionality was added or
removed.
- changes from 1.4.1
* NOTE: In response to CVE-2019-20790, opendmarc has changed how it
evaluates headers added by previous SPF milters. Users are
encouraged to read the CVE-2019-20790 file in the "SECURITY"
folder for more details. (CVE-2019-20790)
(gh#trusteddomainproject/OpenDMARC#49)
(gh#trusteddomainproject/OpenDMARC#158)
* Addition of defines for MUSL C Library. (gh#trusteddomainproject/OpenDMARC#129)
(gh#trusteddomainproject/OpenDMARC#133)
* Fix two #ifdefs in arc functions for strlcpy. (gh#trusteddomainproject/OpenDMARC#138)
* Fixes to MySQL Schema (gh#trusteddomainproject/OpenDMARC#98)
(gh#trusteddomainproject/OpenDMARC#99)
* Add compatibility with AutoConf 2.70. (gh#trusteddomainproject/OpenDMARC#95)
* Only accept results from Received-SPF fields that indicate clearly
which identifier was being evaluated, since DMARC specifically
only wants results based on MAIL FROM.
* Many build-time fixes
* Added config option HoldQuarantinedMessages (default false), which
controls if messages with p=quarantine will be passed on to the
mail stream (if False) or placed in the MTA's "hold" queue
(if True). (gh#trusteddomainproject/OpenDMARC#105)
* Remove "--with-wall" from "configure".
* LIBOPENDMARC: Ignore all RRTYPEs other than TXT.
(gh#trusteddomainproject/OpenDMARC#50)
* LIBOPENDMARC: Repair absurd RRTYPE test in SPF code.
(gh#trusteddomainproject/OpenDMARC#89)
* LIBOPENDMARC: Fix bogus header field parsing code.
(gh#trusteddomainproject/OpenDMARC#104)
* LIBOPENDMARC: Don't pass the client IP address through htonl()
since it's already in network byte order. This was causing SPF
errors when the internal SPF implementation was in use.
(gh#trusteddomainproject/OpenDMARC#161)
* LIBOPENDMARC: Fix numerous problems with the internal SPF
implementation.
- changes from 1.4.0
* Add ARC support. Extensive work contributed by ValiMail, with
patches by Jonathan Kamens.
* Add "DomainWhitelist" and "DomainWhitelistFile" config options.
* Extract client IP address for ARC reports when provided via
Authentication-Results.
* Update SQL schema to support new reporting functionality for DKIM
selectors and ARC local policy overrides (refer to the example
schema.mysql file).
* Add experimental support for reporting of ARC local policy overrides.
* Add support for recording and reporting of DKIM selectors.
* Override a DMARC "fail" if an ARC "pass" is recorded in conjunction
with an ARC policy pass.
* Add "RejectMultiValueFrom" configuration option to reject messages
with multi-valued From fields, unless all domains in that field
are the same.
* Handle base64 inside AR tokens that are values.
* Fix Authentication-Results tokenizing.
* LIBOPENDMARC: Fix bug #203: Reject DMARC records that have duplicate
tags in them.
* LIBOPENDMARC: Pull request #70: For a non-pass DKIM outcome, discard
unaligned domain.
* LIBOPENDMARC: Pull request #67: Fix resource leakage on systems
using res_ndestroy().
* LIBOPENDMARC: In opendmarc_xml_parse(), ensure NULL-termination of
the buffer passed to opendmarc_xml().
* LIBOPENDMARC: Add opendmarc_policy_fetch_from_domain().
* LIBOPENDMARC: Fix handling of long or malformed DMARC records.
* LIBOPENDMARC: Enable opendmarc_policy_store_dkim() to report a
missingFrom domain.
* REPORTS: Feature request #146: Add option to pull input from a file.
* REPORTS: Fix bug #153: Suppress duplicate results from the same
domain.
- update DMARC support scripts from TechSneeze to current versions
- update patch collection by Juri Haberland from 2018040601 to
2021051301
* remove obsolete patches now included upstream
+ ticket137.patch (Chokes on OpenDKIM Authentication-Results headers)
+ ticket146.patch (Use an input file alternatively)
+ ticket153.patch (duplicate dkim auth_result sections)
+ ticket203.patch (Duplicate E-Mail due to strange dmarc entry)
+ ticket227.patch (Consistent opendmarc_policy.c Segfault When Processing DMARC Data...)
+ z00_ticket138_v3.patch (Pass failed messages from p=quarantine domains)
+ z06_use_envdomain_SPF_logging.patch
* remove patches currently not applicable because of bigger changes
in upstream code
+ ticket180.patch (Override MLM patch)
+ z04_moreHeadersFailureReportVsBeta1.patch
dirkmueller accepted request
@dstoecker: review reminder