| non port: mail/spamassassin/pkg-plist |
|
SVNWeb
|
Number of commits found: 17 |
|
Tue, 3 Jan 2023
|
[ 16:56 Cy Schubert (cy)  ]    3fdfceb
mail/spamassassin: Update 3.4.6 --> 4.0.0
The release announcement can be found at
https://svn.apache.org/repos/asf/spamassassin/trunk/build/announcements/\
4.0.0.txt.
A list of detailed changes can be found at
https://svn.apache.org/repos/asf/spamassassin/trunk/Changes.
|
|
Wed, 24 Mar 2021
|
[ 20:02 cy ]  
mail/spamassassin: Update 3.4.4 --> 3.4.5, fixing CVE-2020-1946
According to https://s.apache.org/ng9u9, 3.4.5 fixes CVE-2020-1946.
The announce text:
Apache SpamAssassin 3.4.5 was recently released [1], and fixes an issue
of security note where malicious rule configuration (.cf) files can be
configured to run system commands.
In Apache SpamAssassin before 3.4.5, exploits can be injected in a number
of scenarios. In addition to upgrading to SA 3.4.5, users should only use
update channels or 3rd party .cf files from trusted places.
Apache SpamAssassin would like to thank Damian Lukowski at credativ for
ethically reporting this issue. (Only the first 15 lines of the commit message are shown above  )
|
|
Fri, 13 Dec 2019
|
[ 20:03 cy ]
Update 3.4.2 --> 3.4.3
2019-12-11: Apache SpamAssassin 3.4.3 has been released! Apache
SpamAssassin 3.4.3 contains numerous tweaks and bug fixes as we prepare
to move to version 4.0.0 with better, native UTF-8 handling. There are a
number of functional patches, improvements as well as security reasons to
upgrade to 3.4.3. In this release, there is also one new plugin and there
are bug fixes for two CVEs:
CVE-2019-12420 for Multipart Denial of Service Vulnerability
CVE-2018-11805 for nefarious CF files can be configured to run system
commands without any output or errors.
PR: 242618
Submitted by: cy
Reported by: cy
Approved by: zeising (maintainer)
MFH: 2019Q4
Security: CVE-2019-12420, CVE-2018-11805
|
|
Tue, 13 Nov 2018
|
[ 21:11 zeising ]
mail/spamassassin: Revert r484326
Revert r484326, switch to gpg2, silence gpg2 memory warnings.
I have gotten multiple reports of this causing issues when upgrading or
installing. Revert this until I can look at this in more detail.
|
|
Tue, 6 Nov 2018
|
[ 20:46 zeising ]
mail/spamassassin: switch gpg version, silence gpg
Switch to use gpg2 instead of the old and mostly deprecated gpg as the
default gpg version.
Add a gpg.conf file to silence the warning about using insecure memory with
gpg2 [1].
Bump portrevision
Submitted by: Larry Rosenman (ler) [1]
|
|
Wed, 26 Sep 2018
|
[ 19:30 zeising ]
mail/spamassassin: Update to 3.4.2
Update mail/spamassassin to 3.4.2. This update includes security fixes.
For complete changelog and upgrade notes, see:
https://mail-archives.apache.org/mod_mbox/spamassassin-announce/201809.mbox/%3cc44ca0f1-cba9-b129-20b2-ba59816cfd13@apache.org%3e
Big thanks to Larry Rosenman (ler) for help with testing!
PR: 231412
Reported by: dewayne@heuristicsystems.com.au
Tested by: ler
MFH: 2018Q3
Security: 613193a0-c1b4-11e8-ae2d-54e1ad3d6335
|
|
Wed, 27 Jun 2018
|
[ 13:55 mat ] (Only the first 10 of 44 ports in this commit are shown above. )
Do not force stop services when a package is deinstalled.
Starting or stopping services is the role of pkg(8).
Sponsored by: Absolight
|
|
Mon, 7 Nov 2016
|
[ 00:59 adamw ]
Follow up to r425497. sa-update isn't the problem, it's sa-update in
the plist. Remove the UPDATE_ON_INSTALL option entirely, and just add
a blurb to the pkg-message instructing people to run sa-update and
sa-compile manually.
Thanks to Matthew Fuller for prodding a better solution.
|
|
Sun, 6 Nov 2016
|
[ 15:38 adamw ]
For quite a while now, the only update server for SpamAssassin hasn't
had a valid DNS entry. People have asked about it on the mailing list
as far back as August, but literally nobody has replied to any of those
posts, and no commits or wiki updates have been made regarding this,
making it reasonably appear that nobody on the SpamAssassin team has
noticed or cares that SpamAssassin no longer updates.
For now, just add a patch that turns sa-update(1) into a no-op.
While here, add a couple simple Makefile tweaks and bump PORTREVISION.
|
|
Sat, 3 Oct 2015
|
[ 18:21 adamw ]
Add upstream r1684653 from bug #7208, which fixes warnings stemming from
calling each/keys on a hashref.
While here, convert @unexec stuff into preunexec and postunexec.
Submitted by: Larry Rosenman
Obtained from: https://svn.apache.org/viewvc?view=revision&revision=1684653
|
|
Mon, 14 Sep 2015
|
[ 12:19 mat ] (Only the first 10 of 546 ports in this commit are shown above. )
Make it so that the default Perl is always called perl5.
- Move Perl's man1 files along with its man3 files.
- Move where Perl installs its modules man1 pages.
- Convert the ports installing man1 pages.
- Make different Perl versions installable at the same time.
Though you should note that only the default version can be used to
install Perl modules, and the non default Perl versions cannot use the
modules installed via ports if they contain .so as they are installed
in a version specific directory.
Reviewed by: bapt (the Mk bits)
Exp-run by: antoine
Sponsored by: Absolight
Differential Revision: https://reviews.freebsd.org/D3542
|
|
Thu, 30 Apr 2015
|
[ 02:58 adamw ]
Correct botched group name in plist. PORTREVISION bump for plist change.
Submitted by: Terry Kennedy
|
|
Wed, 29 Apr 2015
|
[ 18:46 adamw ] (Only the first 10 of 11 ports in this commit are shown above. )
Update spamassassin to 3.4.1.
Changes:
* improved automation to help combat spammers that are abusing new top level
domains;
* tweaks to the SPF support to block more spoofed emails;
* increased character set normalization to make rules easier to develop and
stop spammers from using alternate character sets to bypass tests;
* continued refinement to the native IPv6 support; and
* improved Bayesian classification with better debugging and attachment
hashing.
Full ChangeLog at https://metacpan.org/changes/distribution/Mail-SpamAssassin
The japanese/spamassassin port is broken until it's updated for 3.4.1.
|
|
Sun, 30 Nov 2014
|
[ 21:26 adamw ]
Add a patch from SA bug #7107, to quiet warnings due to bad usage of $^V
that show up during sa-learn, sa-compile, etc.
Note that other warnings can still show up, ex.:
zoom: rule __FOR_SALE_PRC_100K will loop on SpamAssassin older than 3.3.2
running under Perl 5.12 or older, Bug 6558
While here, go with the @dir new world order. SA is not poudriere clean at this
time;
/var/spool/spamd is the homedir of user spamd, so I am pretty sure it shouldn't
be
listed with @dir. QA sees this as a leftover dir.
PR: 195524
Submitted by: Bernard Spil
|
|
Wed, 26 Nov 2014
|
[ 13:08 mat ] (Only the first 10 of 10077 ports in this commit are shown above. )
Change the way Perl modules are installed, update the default Perl to 5.18.
Before, we had:
site_perl : lib/perl5/site_perl/5.18
site_perl/perl_arch : lib/perl5/site_perl/5.18/mach
perl_man3 : lib/perl5/5.18/man/man3
Now we have:
site_perl : lib/perl5/site_perl
site_arch : lib/perl5/site_perl/mach/5.18
perl_man3 : lib/perl5/site_perl/man/man3
Modules without any .so will be installed at the same place regardless of the (Only the first 15 lines of the commit message are shown above )
|
|
Thu, 1 May 2014
|
[ 17:01 adamw ]
Improvements.
Let pkg-create handle ownership/mode better. Use @dirrmtry instead of
@unexec rmdir. Use COPYTREE_SHARE to ensure proper permissions.
Also, stop the spamd service on deinstall if it's running. It creates
zombie issues otherwise... I'm pretty sure this is the right thing to
do.
|
|
Sun, 16 Mar 2014
|
[ 14:24 adamw ]
The release notes for 3.4.0 were never included in the tarball from
upstream. We include the missing commit, and also the release notes
themselves for good measure.
PR: ports/187632
Submitted by: Spil <spil.oss@gmail.com>
Also, as long as we're here, pet portlint a little bit (though it
still complains loudly about other things).
|
Number of commits found: 17 |
As an Amazon Associate I earn from qualifying purchases.