diff options
author | Leonardo Arena <rnalrd@alpinelinux.org> | 2019-12-31 08:56:45 +0000 |
---|---|---|
committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2019-12-31 08:58:23 +0000 |
commit | 414d938b62bf425063a54567a1736a0d2fb76c8f (patch) | |
tree | 1bc51436c4287a1d4a9b3a0feda70f485e9caf51 /main/spamassassin | |
parent | b890b9dcbcaf4545bee998573c5bc9ba3bf52a3c (diff) | |
download | aports-414d938b62bf425063a54567a1736a0d2fb76c8f.tar.bz2 aports-414d938b62bf425063a54567a1736a0d2fb76c8f.tar.xz |
main/spamassassin: security upgrade to 3.4.3
CVE-2019-12420, CVE-2018-11805, CVE-2016-1238,
CVE-2017-15705, CVE-2018-11780, CVE-2018-11781
fixes #11041
Diffstat (limited to 'main/spamassassin')
-rw-r--r-- | main/spamassassin/APKBUILD | 21 | ||||
-rw-r--r-- | main/spamassassin/bad-regexp-and-logic.patch | 36 | ||||
-rw-r--r-- | main/spamassassin/net-dns-1.01-compat.patch | 18 |
3 files changed, 13 insertions, 62 deletions
diff --git a/main/spamassassin/APKBUILD b/main/spamassassin/APKBUILD index ec09e806bc..20f9c235e8 100644 --- a/main/spamassassin/APKBUILD +++ b/main/spamassassin/APKBUILD @@ -2,8 +2,8 @@ # Maintainer: Leonardo Arena <rnalrd@alpinelinux.org> pkgname=spamassassin _pkgreal=Mail-SpamAssassin -pkgver=3.4.1 -pkgrel=8 +pkgver=3.4.3 +pkgrel=0 pkgdesc="The Powerful #1 Open-Source Spam Filter" url="http://search.cpan.org/dist/Mail-SpamAssassin/" arch="all" @@ -18,12 +18,19 @@ source="http://search.cpan.org/CPAN/authors/id/K/KM/KMCGRAIL/${_pkgreal#*-}/$_pk spamd.initd spamd.confd spamd.crond - net-dns-1.01-compat.patch Mail-SpamAssassin.patch - bad-regexp-and-logic.patch " builddir="$srcdir/$_pkgreal-$pkgver" +# secfixes: +# 3.4.3-r0: +# - CVE-2019-12420 +# - CVE-2018-11805 +# - CVE-2016-1238 +# - CVE-2017-15705 +# - CVE-2018-11780 +# - CVE-2018-11781 + build() { cd "$builddir" rm t/dnsbl_subtests.t @@ -74,10 +81,8 @@ cpan() { sed -i '/^#\*/d' "$subpkgdir"/etc/mail/$pkgname/user_prefs } -sha512sums="6a074f1a4177e1969cef575fe3b1b844d27c813d48fe1e07a46f56ffa728fc780897597d00f11acb269317a6308f284f0dee544d504da874d93b0549d094a6a3 Mail-SpamAssassin-3.4.1.tar.gz +sha512sums="d2fd657d3c20273b0c06cb1da083d757d3f2a7f60c7ed6e6ad8f98e6df33c9c5f3824f0531abf5dbc32b0dde22979d7d671231fa2ef0d8b073ea6804c5de0c3a Mail-SpamAssassin-3.4.3.tar.gz 0a22933290a3abd147689bf3a9de4b6b277628c22966f353c5da932cd98560babf1d0bb9d92c456ea24decfb5af0bbc960192d29a90d9cab437e7986c75c8278 spamd.initd 274d3aa0d9aab05e83c8d5ad3e93a457649360021a67c8cb19088365bed681ebe26889cfa86f8c46a6044c7ee969231f2a71e3227adf8ad9e38d0286b9caf48d spamd.confd c8c00e4281cefd5e5e15507c8890264a25aa59663c57ccdf7a77905e2550999cfbbfa7271189a9491b0a0e98dff432361f13becdb99e1b583cd9d45d68022a47 spamd.crond -7651b0b6a13322ecc338cd43ef67246c02c846162d419e3d1586e2d53161fc055d1ba80800f5210658cc360ac3ccd3c2176f1463780b0486ec65c0bac3b338fd net-dns-1.01-compat.patch -66a6daa7e9898864497e7d8e17efc6094aabc5a9a94afbc7da08acf4cf2430fad2cb0128b8db4be637f5dcabe3fa9f03490f9d7cbba3c1cc02b7824f63cd0965 Mail-SpamAssassin.patch -fef24813fd643bcc3d945b1d53145c9290e8567ea4ed9c39a31cc0b0381a3949ef82840383f0c7dd4ac641f9dace6c08e39cf39e32b9906dc865f2fce1770c06 bad-regexp-and-logic.patch" +66a6daa7e9898864497e7d8e17efc6094aabc5a9a94afbc7da08acf4cf2430fad2cb0128b8db4be637f5dcabe3fa9f03490f9d7cbba3c1cc02b7824f63cd0965 Mail-SpamAssassin.patch" diff --git a/main/spamassassin/bad-regexp-and-logic.patch b/main/spamassassin/bad-regexp-and-logic.patch deleted file mode 100644 index 62a537b3d7..0000000000 --- a/main/spamassassin/bad-regexp-and-logic.patch +++ /dev/null @@ -1,36 +0,0 @@ -From edb00a8d76a625bf03227ee2f6e915c9a0d90bad Mon Sep 17 00:00:00 2001 -From: Mark Martinec <mmartinec@apache.org> -Date: Tue, 11 Apr 2017 18:37:20 +0000 -Subject: [PATCH] Bug 7404: Bad regexp (and logic) in - MS::PerMsgStatus::get_content_preview - -git-svn-id: https://svn.apache.org/repos/asf/spamassassin/trunk@1791010 13f79535-47bb-0310-9956-ffa450edef68 ---- - lib/Mail/SpamAssassin/PerMsgStatus.pm | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/lib/Mail/SpamAssassin/PerMsgStatus.pm b/lib/Mail/SpamAssassin/PerMsgStatus.pm -index f8c55061b..126157bf5 100644 ---- a/lib/Mail/SpamAssassin/PerMsgStatus.pm -+++ b/lib/Mail/SpamAssassin/PerMsgStatus.pm -@@ -896,16 +896,16 @@ sub get_content_preview { - $str .= shift @{$ary}; - } - undef $ary; -- chomp ($str); $str .= " [...]\n"; - - # in case the last line was huge, trim it back to around 200 chars - local $1; -- $str =~ s/^(.{,200}).*$/$1/gs; -+ $str =~ s/^(.{200}).+$/$1 [...]/gm; -+ chomp ($str); $str .= "\n"; - - # now, some tidy-ups that make things look a bit prettier -- $str =~ s/-----Original Message-----.*$//gs; -+ $str =~ s/-----Original Message-----.*$//gm; - $str =~ s/This is a multi-part message in MIME format\.//gs; -- $str =~ s/[-_\*\.]{10,}//gs; -+ $str =~ s/[-_*.]{10,}//gs; - $str =~ s/\s+/ /gs; - - # add "Content preview:" ourselves, so that the text aligns diff --git a/main/spamassassin/net-dns-1.01-compat.patch b/main/spamassassin/net-dns-1.01-compat.patch deleted file mode 100644 index 151ea9a9c0..0000000000 --- a/main/spamassassin/net-dns-1.01-compat.patch +++ /dev/null @@ -1,18 +0,0 @@ -Fix Bug 7223: Net::DNS 1.01 breaks DnsResolver - -This bug is already fixed for version 3.4.2 and later. - -See: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7223 - ---- a/lib/Mail/SpamAssassin/DnsResolver.pm -+++ b/lib/Mail/SpamAssassin/DnsResolver.pm -@@ -592,6 +592,9 @@ - }; - - if ($packet) { -+ # RD flag needs to be set explicitly since Net::DNS 1.01, Bug 7223 -+ $packet->header->rd(1); -+ - # my $udp_payload_size = $self->{res}->udppacketsize; - my $udp_payload_size = $self->{conf}->{dns_options}->{edns}; - if ($udp_payload_size && $udp_payload_size > 512) { |