-
spamassassin (3.4.4-1ubuntu1.2) focal; urgency=medium
* d/p/fix-mkpath-untainted.patch: fix spamd running with virtual-config-dir
mkdir error (LP: #1799185)
-- Mitchell Dzurick <email address hidden> Fri, 24 Mar 2023 09:36:49 -0700
-
spamassassin (3.4.4-1ubuntu1.1) focal-security; urgency=medium
* SECURITY UPDATE: OS Command Injection in cf file parsing
- debian/patches/CVE-2020-1946.patch: fix header rule parsing in
lib/Mail/SpamAssassin/Conf/Parser.pm.
- CVE-2020-1946
-- Marc Deslauriers <email address hidden> Mon, 29 Mar 2021 12:54:59 -0400
-
spamassassin (3.4.4-1ubuntu1) focal; urgency=medium
* Update autopkgtest cases to python3
- d/t/get_spam_points.py: Fix py2-isms to work with either version.
- d/t/c: Require python3 instead of python
-- Bryce Harrington <email address hidden> Thu, 06 Feb 2020 01:13:48 +0000
-
spamassassin (3.4.4-1) unstable; urgency=medium
* New upstream release.
-- Noah Meyerhans <email address hidden> Thu, 30 Jan 2020 11:47:40 -0800
-
spamassassin (3.4.4~rc1-1) unstable; urgency=medium
* When creating the debian-spamd user, set its shell to /usr/sbin/nologin
(Closes: 920394, 918506)
* New upstream release candidate.
-- Noah Meyerhans <email address hidden> Mon, 20 Jan 2020 17:31:41 -0800
-
spamassassin (3.4.3-1) unstable; urgency=medium
[ Debian Janitor ]
* Use secure URI in debian/watch.
* Bump debhelper from old 9 to 12.
* Set debhelper-compat version in Build-Depends.
[ Noah Meyerhans ]
* New upstream release.
-- Noah Meyerhans <email address hidden> Thu, 12 Dec 2019 10:40:56 -0800
-
spamassassin (3.4.3~rc7-1) unstable; urgency=medium
* Don't install sandbox rules or .pre files in /usr/share/spamassassin.
* New upstream release candidate.
-- Noah Meyerhans <email address hidden> Mon, 25 Nov 2019 10:53:07 -0800
-
spamassassin (3.4.3~rc6+1-1) unstable; urgency=medium
* Repack the upstream rc6 snapshot, including missing components that are not
included in upstream's subversion tag.
-- Noah Meyerhans <email address hidden> Fri, 15 Nov 2019 07:02:22 -0800
-
spamassassin (3.4.3~rc6-1) unstable; urgency=medium
* New upstream release. (Closes: 878569)
* Clarify location of "site-specific" configuration in spamassassin man page.
(Closes: 426031)
-- Noah Meyerhans <email address hidden> Tue, 12 Nov 2019 10:47:49 -0800
-
spamassassin (3.4.2-2) unstable; urgency=medium
[ Ondřej Nový ]
* d/changelog: Remove trailing whitespaces
* d/control: Remove trailing whitespaces
* d/control: Remove XS-Testsuite field, not needed anymore
[ Noah Meyerhans ]
* Add libbsd-resource-perl to Suggests (Closes: 910434)
* Update debhelper build-dep to 11.1 to support the
dh_installinit --no-enable feature.
* Fix severity of some spamd logs. (Closes: 913571)
* Import upstream fix for "Not a HASH reference at
/usr/share/perl5/Mail/SpamAssassin/Plugin/FromNameSpoof.pm"
(Closes: 910435)
* Remove /var/lib/spamassassin/compiled during sa-compile upgrades.
* Move spamd pid file to from /var/run to /run
* Apply upstream fix for Mail::SpamAssassin::Plugin::ASN reports wrong
ASN for IPv6 (Closes: 918130)
-- Noah Meyerhans <email address hidden> Fri, 18 Oct 2019 11:22:48 -0700
-
spamassassin (3.4.2-1) unstable; urgency=medium
* New upstream release fixes multiple security vulnerabilities
- CVE-2017-15705: Denial of service issue in which certain unclosed
tags in emails cause markup to be handled incorrectly leading to
scan timeouts. (Closes: 908969)
- CVE-2016-1238: Unsafe usage of "." in @INC in a configuration
script.
- CVE-2018-11780: potential Remote Code Execution bug with the
PDFInfo plugin. (Closes: 908970)
- CVE-2018-11781: local user code injection in the meta rule syntax.
(Closes: 908971)
- BayesStore: bayes_expire table grows, remove_running_expire_tok not
called (Closes: 883775)
- Fix use of uninitialized variable warning in PDFInfo.pm
(Closes: 865924)
- Fix "failed to parse plugin" error in
Mail::SpamAssassin::Plugin::URILocalBL (Closes: 891041)
* Don't recursively chown /var/lib/spamassassin during postinst.
(Closes: 889501)
* Reload spamd after compiling rules in sa-compile.postinst.
* Preserve locally set ENABLED=1 setting from /etc/default/spamassassin
when installing on systemd-based systems. (Closes: 884163, 858457)
* Update SysV init script to cope with upstream's change to $0.
* Remove compiled rules upon removal of the sa-compile package.
* Ensure that /var/lib/spamassassin/compiled doesn't change modes with
the cron job's execution. (Closes: 890650)
* Update standards version to 4.2.1
* Create /var/lib/spamassassin via dpkg, rather than the postinst.
(Closes: 891833)
-- Noah Meyerhans <email address hidden> Sun, 30 Sep 2018 23:44:58 -0700
