...
 
Commits (30)
spamassassin (3.4.2-1) unstable; urgency=medium
Prior to version 3.4.2-1, spamd could be enabled by setting ENABLED=1 in
/etc/default/spamassassin. This pattern is discouraged Debian, is not
supported by the systemd unit file, and is considered
deprecated. Instead, please use the update-rc.d command, invoked for
example as "update-rc.d spamassassin enable", to enable the spamd
service.
-- Noah Meyerhans <noahm@debian.org> Sun, 23 Sep 2018 17:06:30 -0700
spamassassin (3.3.2-8) unstable; urgency=low
As of spamassassin 3.3.2-8, sa-compile has been split into its own
......
spamassassin (3.4.1-9) UNRELEASED; urgency=medium
spamassassin (3.4.2-1) unstable; urgency=medium
* New upstream release fixes multiple security vulnerabilities
- CVE-2017-15705: Denial of service issue in which certain unclosed
tags in emails cause markup to be handled incorrectly leading to
scan timeouts. (Closes: 908969)
- CVE-2016-1238: Unsafe usage of "." in @INC in a configuration
script.
- CVE-2018-11780: potential Remote Code Execution bug with the
PDFInfo plugin. (Closes: 908970)
- CVE-2018-11781: local user code injection in the meta rule syntax.
(Closes: 908971)
- BayesStore: bayes_expire table grows, remove_running_expire_tok not
called (Closes: 883775)
- Fix use of uninitialized variable warning in PDFInfo.pm
(Closes: 865924)
- Fix "failed to parse plugin" error in
Mail::SpamAssassin::Plugin::URILocalBL (Closes: 891041)
* Don't recursively chown /var/lib/spamassassin during postinst.
(Closes: 889501)
-- Noah Meyerhans <noahm@debian.org> Sat, 03 Feb 2018 15:36:43 -0800
* Reload spamd after compiling rules in sa-compile.postinst.
* Preserve locally set ENABLED=1 setting from /etc/default/spamassassin
when installing on systemd-based systems. (Closes: 884163, 858457)
* Update SysV init script to cope with upstream's change to $0.
* Remove compiled rules upon removal of the sa-compile package.
* Ensure that /var/lib/spamassassin/compiled doesn't change modes with
the cron job's execution. (Closes: 890650)
* Update standards version to 4.2.1
* Create /var/lib/spamassassin via dpkg, rather than the postinst.
(Closes: 891833)
-- Noah Meyerhans <noahm@debian.org> Sun, 30 Sep 2018 23:44:58 -0700
spamassassin (3.4.1-8) unstable; urgency=medium
......@@ -17,7 +43,7 @@ spamassassin (3.4.1-8) unstable; urgency=medium
* Add Multi-Arch: foreign headers to package definitions (Closes:
#850454)
* Update standards version to 4.1.0.0
* Remove references to the obsolte syslog.target dependency in the
* Remove references to the obsolete syslog.target dependency in the
systemd service file.
* Clarify the use of the perl-major-upgrade dpkg trigger.
* Fix spamd service manage on upgrades. (Closes: #865356)
......
......@@ -3,8 +3,9 @@ Section: mail
Priority: optional
Maintainer: Noah Meyerhans <noahm@debian.org>
Build-Depends: debhelper, perl, libssl-dev, libhtml-parser-perl,
libnet-dns-perl, libnetaddr-ip-perl, dh-systemd, libberkeleydb-perl, netbase
Standards-Version: 4.1.0.0
libnet-dns-perl, libnetaddr-ip-perl, debhelper (>= 9.20160709),
libberkeleydb-perl, netbase
Standards-Version: 4.2.1.0
Homepage: https://www.spamassassin.org/
Vcs-Git: https://salsa.debian.org/debian/spamassassin.git
Vcs-Browser: https://salsa.debian.org/debian/spamassassin
......@@ -16,7 +17,8 @@ Multi-Arch: foreign
Depends: perl, libhtml-parser-perl, libsocket6-perl, adduser,
libsys-hostname-long-perl, libarchive-tar-perl, libnet-dns-perl,
libnetaddr-ip-perl, libhttp-date-perl, libmail-dkim-perl,
lsb-base (>= 3.0-6), libwww-perl | curl | w3m, ${misc:Depends}
lsb-base (>= 3.0-6), libwww-perl | curl | w3m,
init-system-helpers (>= 1.51), ${misc:Depends}
Recommends: spamc, sa-compile, libmail-spf-perl,
libsys-syslog-perl, gnupg, libio-socket-inet6-perl
Suggests: razor, libio-socket-ssl-perl, libdbi-perl, pyzor,
......
This diff is collapsed.
Index: spamassassin-3.4.0-rc5/spamc/spamc.pod
Index: spamassassin-3.4.2-pre3/spamc/spamc.pod
===================================================================
--- spamassassin-3.4.0-rc5.orig/spamc/spamc.pod 2014-02-10 21:35:08.896487637 -0800
+++ spamassassin-3.4.0-rc5/spamc/spamc.pod 2014-02-10 21:35:58.860735402 -0800
@@ -331,7 +331,7 @@
--- spamassassin-3.4.2-pre3.orig/spamc/spamc.pod
+++ spamassassin-3.4.2-pre3/spamc/spamc.pod
@@ -341,7 +341,7 @@ The exit codes used are as follows:
=head1 SEE ALSO
......
Index: spamassassin-3.4.1/README
===================================================================
--- spamassassin-3.4.1.orig/README
+++ spamassassin-3.4.1/README
@@ -132,11 +132,6 @@ default locations that Apache SpamAssass
If the files exist in /etc/spamassassin, they will not
be overwritten during future installs.
- - /usr/share/spamassassin/user_prefs.template:
-
- Distributed default user preferences. Do not modify this, as it is
- overwritten when you upgrade.
-
- /etc/spamassassin/user_prefs.template:
Default user preferences, for system admins to create, modify, and
Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/Conf.pm
Index: spamassassin-3.4.2/lib/Mail/SpamAssassin/Conf.pm
===================================================================
--- spamassassin-3.4.1.orig/lib/Mail/SpamAssassin/Conf.pm
+++ spamassassin-3.4.1/lib/Mail/SpamAssassin/Conf.pm
@@ -3931,7 +3931,7 @@ This option gives the password used by t
--- spamassassin-3.4.2.orig/lib/Mail/SpamAssassin/Conf.pm
+++ spamassassin-3.4.2/lib/Mail/SpamAssassin/Conf.pm
@@ -3994,7 +3994,7 @@ This option gives the password used by t
Whether to call the services_authorized_for_username plugin hook in BayesSQL.
If the hook does not determine that the user is allowed to use bayes or is
......@@ -11,66 +11,20 @@ Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/Conf.pm
NOTE: By default the user is considered invalid until a plugin returns
a true value. If you enable this, but do not have a proper plugin
Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/Plugin/DCC.pm
Index: spamassassin-3.4.2/lib/Mail/SpamAssassin/Plugin/MIMEEval.pm
===================================================================
--- spamassassin-3.4.1.orig/lib/Mail/SpamAssassin/Plugin/DCC.pm
+++ spamassassin-3.4.1/lib/Mail/SpamAssassin/Plugin/DCC.pm
@@ -1088,3 +1088,4 @@ sub plugin_report {
}
--- spamassassin-3.4.2.orig/lib/Mail/SpamAssassin/Plugin/MIMEEval.pm
+++ spamassassin-3.4.2/lib/Mail/SpamAssassin/Plugin/MIMEEval.pm
@@ -17,7 +17,7 @@
1;
+
Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/Plugin/DNSEval.pm
===================================================================
--- spamassassin-3.4.1.orig/lib/Mail/SpamAssassin/Plugin/DNSEval.pm
+++ spamassassin-3.4.1/lib/Mail/SpamAssassin/Plugin/DNSEval.pm
@@ -328,6 +328,7 @@ This checks all the from addrs domain na
=back
=head1 NAME
=cut
+
sub check_rbl_from_domain {
my ($self, $pms, $rule, $set, $rbl_server, $subtest) = @_;
_check_rbl_addresses($self, $pms, $rule, $set, $rbl_server, $subtest, $_[1]->all_from_addrs_domains());
Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/Plugin/MIMEEval.pm
===================================================================
--- spamassassin-3.4.1.orig/lib/Mail/SpamAssassin/Plugin/MIMEEval.pm
+++ spamassassin-3.4.1/lib/Mail/SpamAssassin/Plugin/MIMEEval.pm
@@ -15,6 +15,25 @@
# limitations under the License.
# </@LICENSE>
-MIMEEval - perform various tests against MIME structure and body
+Mail::SpamAssassin::Plugin::MIMEEval - perform various tests against MIME structure and body
+=head1 NAME
+
+Mail::SpamAssassin::Plugin::MIMEEval - perform MIME sanity tests of messages
+
+=head1 SYNOPSIS
+
+ loadplugin Mail::SpamAssassin::Plugin::MIMEEval
+
+ body MULTIPART_ALT_NON_TEXT eval:check_ma_non_text()
+
+ body MIME_HTML_ONLY eval:check_for_mime_html_only()
+ describe MIME_HTML_ONLY Message only has text/html MIME parts
+
+=head1 DESCRIPTION
+
+Utility functions for examining various MIME encoded message components.
+
+=cut
+
package Mail::SpamAssassin::Plugin::MIMEEval;
use strict;
@@ -69,6 +88,7 @@ sub are_more_high_bits_set {
($numlos <= $numhis && $numhis > 3);
}
+
=over 4
=head1 SYNOPSIS
=item has_check_for_ascii_text_illegal
@@ -148,6 +168,31 @@ sub check_for_faraway_charset {
@@ -175,6 +175,31 @@ sub check_for_faraway_charset {
0;
}
......@@ -80,8 +34,8 @@ Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/Plugin/MIMEEval.pm
+
+Use in rules such as:
+
+ rawbody MIME_BASE64_BLANKS eval:check_for_mime('mime_base64_blanks')
+ describe MIME_BASE64_BLANKS Extra blank lines in base64 encoding
+ rawbody MIME_BASE64 eval:check_for_mime('mime_base64_count')
+ describe MIME_BASE64 Includes a base64 attachment
+
+ mime_base64_count
+ mime_base64_encoded_text
......@@ -102,7 +56,7 @@ Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/Plugin/MIMEEval.pm
sub check_for_mime {
my ($self, $pms, undef, $test) = @_;
@@ -166,7 +211,12 @@ sub check_for_mime_html {
@@ -193,7 +218,12 @@ sub check_for_mime_html {
return ($pms->{mime_body_html_count} > 0);
}
......@@ -116,19 +70,3 @@ Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/Plugin/MIMEEval.pm
sub check_for_mime_html_only {
my ($self, $pms) = @_;
@@ -474,6 +524,7 @@ sub _check_attachments {
Adds capability check for "if can()" for check_qp_ratio
=cut
+
sub has_check_qp_ratio { 1 }
=item check_qp_ratio
@@ -484,6 +535,7 @@ quoted printable to total bytes in an em
=back
=cut
+
sub check_qp_ratio {
my ($self, $pms, undef, $min) = @_;
Description: fix POD errors with perl 5.18
Wrap number-like items in C<>, to avoid parser complains
Author: Damyan Ivanov <dmn@debian.org>
Bug-Debian: http://bugs.debian.org/720499
--- a/sa-check_spamd.raw
+++ b/sa-check_spamd.raw
@@ -424,21 +424,21 @@ exiting with one of these values:
=over 4
-=item 0
+=item C<0>
OK: A spamd ping response was received within all threshold times.
-=item 1
+=item C<1>
WARNING: A spamd ping response exceeded the warning threshold but not the
critical threshold.
-=item 2
+=item C<2>
CRITICAL: A spamd ping response exceeded either the critical threshold or the
timeout value.
-=item 3
+=item C<3>
UNKNOWN: An error, probably caused by a missing dependency or an invalid
configuration parameter being supplied, occurred in the sa-check_spamd program.
Index: spamassassin-3.4.0~rc5/lib/Mail/SpamAssassin/Plugin/BodyRuleBaseExtractor.pm
Index: spamassassin-3.4.2/lib/Mail/SpamAssassin/Plugin/BodyRuleBaseExtractor.pm
===================================================================
--- spamassassin-3.4.0~rc5.orig/lib/Mail/SpamAssassin/Plugin/BodyRuleBaseExtractor.pm 2014-01-11 09:13:23.000000000 -0800
+++ spamassassin-3.4.0~rc5/lib/Mail/SpamAssassin/Plugin/BodyRuleBaseExtractor.pm 2014-02-14 21:34:59.109796791 -0800
@@ -192,7 +192,8 @@
--- spamassassin-3.4.2.orig/lib/Mail/SpamAssassin/Plugin/BodyRuleBaseExtractor.pm
+++ spamassassin-3.4.2/lib/Mail/SpamAssassin/Plugin/BodyRuleBaseExtractor.pm
@@ -191,7 +191,8 @@ NEXT_RULE:
dbg("zoom: giving up on regexp: $eval_stat");
};
......
Description: Unescaped left brace in regex leads to warnings with perl 5.26
Origin: https://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/PerMsgStatus.pm?r1=1708863&r2=1791010&diff_format=h
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869408
Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/PerMsgStatus.pm
===================================================================
--- spamassassin-3.4.1.orig/lib/Mail/SpamAssassin/PerMsgStatus.pm
+++ spamassassin-3.4.1/lib/Mail/SpamAssassin/PerMsgStatus.pm
@@ -916,16 +916,16 @@ sub get_content_preview {
$str .= shift @{$ary};
}
undef $ary;
- chomp ($str); $str .= " [...]\n";
# in case the last line was huge, trim it back to around 200 chars
local $1;
- $str =~ s/^(.{,200}).*$/$1/gs;
+ $str =~ s/^(.{200}).+$/$1 [...]/gm;
+ chomp ($str); $str .= "\n";
# now, some tidy-ups that make things look a bit prettier
- $str =~ s/-----Original Message-----.*$//gs;
+ $str =~ s/-----Original Message-----.*$//gm;
$str =~ s/This is a multi-part message in MIME format\.//gs;
- $str =~ s/[-_\*\.]{10,}//gs;
+ $str =~ s/[-_*.]{10,}//gs;
$str =~ s/\s+/ /gs;
# add "Content preview:" ourselves, so that the text aligns
Description: Fix uninitialized values in URIDNSBL.pm with Net::DNS 1.01
Origin: upstream, https://svn.apache.org/viewvc/spamassassin/branches/3.4/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm?r1=1676616&r2=1694126&pathrev=1694126&view=patch
Bug: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7231
Bug-Debian: https://bugs.debian.org/760277
Last-Update: 2016-09-29
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm
+++ b/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm
@@ -942,9 +942,8 @@
next unless (defined($str) && defined($dom));
dbg("uridnsbl: got($j) NS for $dom: $str");
- if ($str =~ /IN\s+NS\s+(\S+)/) {
- my $nsmatch = lc $1;
- $nsmatch =~ s/\.$//;
+ if ($rr->type eq 'NS') {
+ my $nsmatch = lc $rr->nsdname; # available since at least Net::DNS 0.14
my $nsrhblstr = $nsmatch;
my $fullnsrhblstr = $nsmatch;
@@ -1025,9 +1024,9 @@
}
dbg("uridnsbl: complete_a_lookup got(%d) A for %s: %s", $j,$hname,$str);
- local $1;
- if ($str =~ /IN\s+A\s+(\S+)/) {
- $self->lookup_dnsbl_for_ip($pms, $ent->{obj}, $1);
+ if ($rr->type eq 'A') {
+ my $ip_address = $rr->rdatastr;
+ $self->lookup_dnsbl_for_ip($pms, $ent->{obj}, $ip_address);
}
}
}
Improve Net::DNS package version checks. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766718
Index: spamassassin-3.4.0/lib/Mail/SpamAssassin/Dns.pm
Description: Improve Net::DNS package version checks.
This isn't strictly necessary right now, but does make version checks more
robust and should be forwarded upstream. In multiple places, spamassassin
contains tests against $Net::DNS::VERSION that assume the value is numeric. It
is not guaranteed to be numeric, and in cases where it isn't the tests trigger
warnings.
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766718
Forwarded: no
Index: spamassassin-3.4.2/lib/Mail/SpamAssassin/Dns.pm
===================================================================
--- spamassassin-3.4.0.orig/lib/Mail/SpamAssassin/Dns.pm 2014-02-07 00:36:28.000000000 -0800
+++ spamassassin-3.4.0/lib/Mail/SpamAssassin/Dns.pm 2014-11-14 13:38:27.515047348 -0800
@@ -511,14 +511,15 @@
--- spamassassin-3.4.2.orig/lib/Mail/SpamAssassin/Dns.pm
+++ spamassassin-3.4.2/lib/Mail/SpamAssassin/Dns.pm
@@ -520,14 +520,15 @@ sub is_dns_available {
# Check version numbers - runtime check only
if (defined $Net::DNS::VERSION) {
......@@ -21,18 +28,3 @@ Index: spamassassin-3.4.0/lib/Mail/SpamAssassin/Dns.pm
warn("dns: Net::DNS version is $Net::DNS::VERSION, but need 0.34");
return $IS_DNS_AVAILABLE;
}
Index: spamassassin-3.4.0/lib/Mail/SpamAssassin/Plugin/AskDNS.pm
===================================================================
--- spamassassin-3.4.0.orig/lib/Mail/SpamAssassin/Plugin/AskDNS.pm 2014-02-07 00:36:27.000000000 -0800
+++ spamassassin-3.4.0/lib/Mail/SpamAssassin/Plugin/AskDNS.pm 2014-11-14 14:07:51.671795329 -0800
@@ -211,7 +211,9 @@
$self->set_config($sa_main->{conf});
- $txtdata_can_provide_a_list = Net::DNS->VERSION >= 0.69;
+ use version 0.77;
+ $txtdata_can_provide_a_list =
+ version->parse(Net::DNS->VERSION) >= version->parse('0.69');
return $self;
}
upstream fix for bug #771408
Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/Conf/Parser.pm
===================================================================
--- spamassassin-3.4.1.orig/lib/Mail/SpamAssassin/Conf/Parser.pm
+++ spamassassin-3.4.1/lib/Mail/SpamAssassin/Conf/Parser.pm
@@ -536,6 +536,9 @@ sub handle_conditional {
elsif ($token eq 'perl_version') {
$eval .= $]." ";
}
+ elsif ($token eq 'perl_version') {
+ $eval .= $]." ";
+ }
elsif ($token =~ /^\w[\w\:]+$/) { # class name
my $u = untaint_var($token);
$eval .= '"' . $u . '" ';
Origin: upstream, https://svn.apache.org/viewvc/spamassassin/branches/3.4/lib/Mail/SpamAssassin/DnsResolver.pm?r1=1691992&r2=1691991&pathrev=1691992&view=patch
Bug: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7223
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=821385
Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/DnsResolver.pm
===================================================================
--- spamassassin-3.4.1.orig/lib/Mail/SpamAssassin/DnsResolver.pm
+++ spamassassin-3.4.1/lib/Mail/SpamAssassin/DnsResolver.pm
@@ -592,6 +592,9 @@ sub new_dns_packet {
};
if ($packet) {
+ # RD flag needs to be set explicitly since Net::DNS 1.01, Bug 7223
+ $packet->header->rd(1);
+
# my $udp_payload_size = $self->{res}->udppacketsize;
my $udp_payload_size = $self->{conf}->{dns_options}->{edns};
if ($udp_payload_size && $udp_payload_size > 512) {
This diff is collapsed.
Index: spamassassin-3.4.1/spamc/configure.pl
===================================================================
--- spamassassin-3.4.1.orig/spamc/configure.pl
+++ spamassassin-3.4.1/spamc/configure.pl
@@ -66,7 +66,7 @@ print join(' ', $Config{'perlpath'}, "ve
# Do the same thing as for the preprocessor below.
package version_h;
my $Z = $0;
- local $0 = "version.h.pl";
+ local $0 = "./version.h.pl";
local @ARGV = ();
# Got to check for defined because the script returns shell error level!
unless (defined do $0) {
This diff is collapsed.
Description: Support signer subdomain matching in whitelist_from_dkim
Origin: upstream, https://svn.apache.org/viewvc?view=revision&revision=1693414
Bug: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7226
Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/Plugin/DKIM.pm
===================================================================
--- spamassassin-3.4.1.orig/lib/Mail/SpamAssassin/Plugin/DKIM.pm
+++ spamassassin-3.4.1/lib/Mail/SpamAssassin/Plugin/DKIM.pm
@@ -178,13 +178,18 @@ sub set_config {
Works similarly to whitelist_from, except that in addition to matching
an author address (From) to the pattern in the first parameter, the message
-must also carry a Domain Keys Identified Mail (DKIM) signature made by a
-signing domain (SDID, i.e. the d= tag) that is acceptable to us.
+must also carry a valid Domain Keys Identified Mail (DKIM) signature made by
+a signing domain (SDID, i.e. the d= tag) that is acceptable to us.
Only one whitelist entry is allowed per line, as in C<whitelist_from_rcvd>.
Multiple C<whitelist_from_dkim> lines are allowed. File-glob style characters
are allowed for the From address (the first parameter), just like with
-C<whitelist_from_rcvd>. The second parameter does not accept wildcards.
+C<whitelist_from_rcvd>.
+
+The second parameter (the signing-domain) does not accept full file-glob style
+wildcards, although a simple '*.' (or just a '.') prefix to a domain name
+is recognized and implies any subdomain of the specified domain (but not
+the domain itself).
If no signing-domain parameter is specified, the only acceptable signature
will be an Author Domain Signature (sometimes called first-party signature)
@@ -205,7 +210,8 @@ Examples of whitelisting based on third-
whitelist_from_dkim jane@example.net example.org
whitelist_from_dkim rick@info.example.net example.net
whitelist_from_dkim *@info.example.net example.net
- whitelist_from_dkim *@* remailer.example.com
+ whitelist_from_dkim *@* mail7.remailer.example.com
+ whitelist_from_dkim *@* *.remailer.example.com
=item def_whitelist_from_dkim author@example.com [signing-domain]
@@ -376,7 +382,8 @@ some valid signature on a message has no
associated with a particular domain), regardless of its key size - anyone can
prepend its own signature on a copy of some third party mail and re-send it,
which makes it no more trustworthy than without such signature. This is also
-a reason for a rule DKIM_VALID to have a near-zero score.
+a reason for a rule DKIM_VALID to have a near-zero score, i.e. a rule hit
+is only informational.
=cut
@@ -1257,8 +1264,12 @@ sub _wlcheck_list {
# identity (AUID). Nevertheless, be prepared to accept the full e-mail
# address there for compatibility, and just ignore its local-part.
- $acceptable_sdid = $1 if $acceptable_sdid =~ /\@([^\@]*)\z/;
- $matches = 1 if $sdid eq lc $acceptable_sdid;
+ $acceptable_sdid = $1 if $acceptable_sdid =~ /\@([^\@]*)\z/s;
+ if ($acceptable_sdid =~ s/^\*?\.//s) {
+ $matches = 1 if $sdid =~ /\.\Q$acceptable_sdid\E\z/si;
+ } else {
+ $matches = 1 if $sdid eq lc $acceptable_sdid;
+ }
}
if ($matches) {
if (would_log("dbg","dkim")) {
Description: Import upstream fix for uninitialized value warning in Mail::SpamAssassin::PerMsgStatus::get_names_of_tests_hit_with_scores()
Origin: https://svn.apache.org/viewvc?view=revision&revision=1685843
Bug: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7212
Index: spamassassin-3.4.1/lib/Mail/SpamAssassin/PerMsgStatus.pm
===================================================================
--- spamassassin-3.4.1.orig/lib/Mail/SpamAssassin/PerMsgStatus.pm
+++ spamassassin-3.4.1/lib/Mail/SpamAssassin/PerMsgStatus.pm
@@ -738,7 +738,7 @@ test names and individual scores of the
sub get_names_of_tests_hit_with_scores_hash {
my ($self) = @_;
- my ($line, %testsscores);
+ my (%testsscores);
#BASED ON CODE FOR TESTSSCORES TAG - KAM 2014-04-24
foreach my $test (@{$self->{test_names_hit}}) {
@@ -763,6 +763,8 @@ sub get_names_of_tests_hit_with_scores {
my ($line, %testsscores);
+ $line = '';
+
#BASED ON CODE FOR TESTSSCORES TAG - KAM 2014-04-24
foreach my $test (sort @{$self->{test_names_hit}}) {
my $score = $self->{conf}->{scores}->{$test};
10_change_config_paths
20_edit_spamc_pod
30_edit_README
55_disable_nagios_epm
90_pod_cleanup
97_bug720499-pod-5.18
98_sa-compile-quiet
bug_766718-net-dns-vers
bug_771408_perl_version
disable_sslv3
bug_821385_dnsresolver
bug_835494_perl_INC
bug_760277_net_dns_URIDNSBL
dkim_subdomains
fix-uninitialized-concat
bug_828552-openssl-1.1.0
bug-869408-unescaped-brace-in-regex.patch
......@@ -127,10 +127,11 @@ binary-indep: build-indep install-indep
dh_installdocs -i
dh_installexamples -i
dh_systemd_enable -i --no-enable
dh_installinit -i --no-start -- defaults 19 21
dh_installinit -i --no-enable --no-start
dh_systemd_start -i --no-start
dh_installcron -i
dh_installchangelogs Changes -i
dh_lintian
dh_link -i
dh_compress -i -XGPG.KEY
dh_fixperms -i
......@@ -144,7 +145,7 @@ binary-indep: build-indep install-indep
build-arch: build-arch-stamp
#build-arch-stamp: configure debian/po/templates.pot
build-arch-stamp: configure
build-arch-stamp: configure-stamp
dh_testdir
......@@ -158,7 +159,7 @@ build-arch-stamp: configure
touch build-arch-stamp
install-arch: DH_OPTIONS=
install-arch: build-arch
install-arch: build-arch-stamp
dh_testdir
dh_testroot
dh_prep
......@@ -166,7 +167,7 @@ install-arch: build-arch
cp spamc/spamc debian/spamc/usr/bin/spamc
binary-arch: build-arch install-arch
binary-arch: build-arch-stamp install-arch
dh_testdir -a
dh_testroot -a
dh_installdocs -a
......
......@@ -8,6 +8,17 @@ sa_compile() {
if [ -x /usr/bin/re2c -a -x /usr/bin/sa-compile ]; then
echo "Running sa-compile (may take a long time)"
su - $OWNER -c "sa-compile --quiet"
# Fixup perms -- group and other should be able to
# read and execute, but never write. Works around
# sa-compile's failure to obey umask.
runuser -u debian-spamd -- \
chmod -R go-w,go+rX /var/lib/spamassassin/compiled
if command -v invoke-rc.d >/dev/null 2>&1; then
invoke-rc.d --quiet spamassassin status > /dev/null && \
invoke-rc.d spamassassin reload > /dev/null 2>&1 || true
else
/etc/init.d/spamassassin reload > /dev/null 2>&1 || true
fi
fi
}
......
......@@ -42,7 +42,8 @@ do_compile() {
# Fixup perms -- group and other should be able to
# read and execute, but never write. Works around
# sa-compile's failure to obey umask.
chmod -R go-w,go+rX /var/lib/spamassassin/compiled
runuser -u debian-spamd -- \
chmod -R go-w,go+rX /var/lib/spamassassin/compiled
fi
}
......
......@@ -4,11 +4,10 @@
# WARNING: please read README.spamd before using.
# There may be security risks.
# If you're using systemd (default for jessie), the ENABLED setting is
# not used. Instead, enable spamd by issuing:
# systemctl enable spamassassin.service
# Change to "1" to enable spamd on systems using sysvinit:
ENABLED=0
# Prior to version 3.4.2-1, spamd could be enabled by setting
# ENABLED=1 in this file. This is no longer supported. Instead, please
# use the update-rc.d command, invoked for example as "update-rc.d
# spamassassin enable", to enable the spamd service.
# Options
# See man spamd for possible options. The -d option is automatically added.
......
......@@ -8,3 +8,4 @@ usr/share/doc/spamassassin/rules
usr/share/spamassassin
usr/share/man/man8
usr/sbin
/var/lib/spamassassin
......@@ -5,7 +5,6 @@ UPGRADE
USAGE
NOTICE
#ldap/README
rules/STATISTICS*.txt
#spamd/README
spamd/README.vpopmail
sql/
......@@ -26,7 +26,6 @@ export TMPDIR=/tmp
# Apparently people have trouble if this isn't explicitly set...
# Defaults - don't touch, edit /etc/default/spamassassin
ENABLED=0
OPTIONS=""
NICE=
......@@ -36,6 +35,9 @@ test -f /etc/default/spamassassin && . /etc/default/spamassassin
DOPTIONS="-d --pidfile=$PIDFILE"
# Note: check_enabled should go away as soon as possible after the
# next stable release to complete the transition away from using
# ENABLED=1 in /etc/default/spamassassin
check_enabled() {
if [ "$ENABLED" = "0" ]; then
echo "$DESC: disabled, see /etc/default/spamassassin"
......@@ -51,30 +53,30 @@ case "$1" in
start)
check_enabled
echo -n "Starting $DESC: "
start-stop-daemon --start --pidfile $PIDFILE --name $DAEMON \
start-stop-daemon --start --pidfile $PIDFILE --name $NAME \
$NICE --oknodo --startas $DAEMON -- $OPTIONS $DOPTIONS
echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
start-stop-daemon --stop --pidfile $PIDFILE --name $DAEMON --oknodo
start-stop-daemon --stop --pidfile $PIDFILE --name $NAME --oknodo
echo "$NAME."
;;
reload|force-reload)
check_enabled
echo -n "Reloading $DESC: "
start-stop-daemon --stop --pidfile $PIDFILE --signal HUP --name $DAEMON
start-stop-daemon --stop --pidfile $PIDFILE --signal HUP --name $NAME
echo "$NAME."
;;
restart)
check_enabled
echo -n "Restarting $DESC: "
start-stop-daemon --stop --pidfile $PIDFILE --name $DAEMON \
start-stop-daemon --stop --pidfile $PIDFILE --name $NAME \
--retry 5 --oknodo
start-stop-daemon --start --pidfile $PIDFILE --name $DAEMON \
start-stop-daemon --start --pidfile $PIDFILE --name $NAME \
$NICE --oknodo --startas $DAEMON -- $OPTIONS $DOPTIONS
echo "$NAME."
......
# These will go away as soon as we've cleanly transitioned from ENABLED=1
init.d-script-should-always-start-service
duplicate-updaterc.d-calls-in-postinst
......@@ -11,9 +11,8 @@ if [ "$1" = "configure" ]; then
# If a new install, or an upgrade from 3.3.2-2 or earlier...
if ! getent passwd debian-spamd > /dev/null ; then
adduser --system --group --shell /bin/sh --disabled-password \
--home /var/lib/spamassassin debian-spamd
else
mkdir -p /var/lib/spamassassin
--home /var/lib/spamassassin --no-create-home \
debian-spamd
fi
OWNER=$(stat -c '%U' /var/lib/spamassassin)
......@@ -44,8 +43,45 @@ fi
#DEBHELPER#
# Note: the following mess should go away as soon as possible after
# the next stable release to complete the transition away from using
# ENABLED=1 in /etc/default/spamassassin
if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || \
[ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then
set +e
invoke-rc.d --query spamassassin start
code=$?
set -e
ENABLED=0
if [ -f /etc/default/spamassassin ]; then
. /etc/default/spamassassin
fi
if [ $code -eq 104 ] && \
! command -v systemctl > /dev/null ; then
# We're not using systemd and thus may have some sysvinit cleanup
# to do in order to comply with policy 9.3.3.1
if [ -z "$ENABLED" -o "$ENABLED" = 0 ]; then
# The rc?d symlinks are inconsistent with the value set in
# /etc/default/spamassassin. Update the symlinks to
# reflect the actual state.
update-rc.d -f spamassassin remove
update-rc.d -f spamassassin defaults-disabled
deb-systemd-helper disable spamassassin.service
fi
elif [ $code -eq 101 ] && \
command -v systemctl > /dev/null && \
[ $ENABLED -eq 1 ]; then
# We're running on a systemd system, and the service is not
# configured to start (the default), but the admin has
# previously enabled it via
# /etc/default/spamassassin. Preserve that configuration.
deb-systemd-helper enable spamassassin.service
fi
fi
if [ "$1" = "configure" ] && [ -n "$2" ]; then
if deb-systemd-helper was-enabled spamassassin.service > /dev/null; then
if deb-systemd-helper was-enabled spamassassin.service > /dev/null 2>&1; then
invoke-rc.d spamassassin restart
fi
fi
......@@ -32,6 +32,15 @@ install|upgrade)
rm_conffile spamassassin "/etc/logcheck/ignore.d.paranoid/spamassassin"
rm_conffile spamassassin "/etc/logcheck/violations.ignore.d/spamassassin"
fi
if dpkg --compare-versions "$2" lt-nl "3.4.2" &&
! command -v systemctl > /dev/null; then
# spamd changed its process name in 3.4.2. If we're running a
# previous version under sysvinit, we need to stop the old
# version
start-stop-daemon --stop --oknodo \
--pidfile /var/run/spamd.pid \
--name /usr/sbin/spamd
fi
esac
#DEBHELPER#