ports/113719: [maintainer update] SpamAssassin to 3.2.1
Michael Scheidell
scheidell at secnap.net
Fri Jun 15 20:40:04 UTC 2007
>Number: 113719
>Category: ports
>Synopsis: [maintainer update] SpamAssassin to 3.2.1
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Fri Jun 15 20:40:03 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Michael Scheidell
>Release: all, 5.5 up.
>Organization:
SECNAP Network Security
>Environment:
FreeBSD mirror.secnap.com 5.5-RELEASE-p8 FreeBSD 5.5-RELEASE-p8 #1: Mon Oct 2 09:31:23 EDT 2006 scheidell at mirror.secnap.com:/usr/obj/usr/src/sys/HACKERTRAP_305 i386
>Description:
Maintainer update to SpamAssassin 3.2.1.
CVE reference: CVE-2007-2873
Description:
A local user symlink-attack DoS vulnerability in SpamAssassin has been found,
affecting versions 3.1.x, 3.2.0, and SVN trunk. It has been assigned
CVE-2007-2873. Details:
- It only affects systems where spamd is run as root, is used with vpopmail or
virtual users via the "-v"/"--vpopmail" OR "--virtual-config-dir" switch, AND
with the "-x"/"--no-user-config AND WITHOUT the "-u"/"--username" switch AND
with the "-l"/"--allow-tell" switch.
ports issues:
sometimes SA files with error about Zlib versions unless EVERYTHING is > 2.04, so added dependency.
Removed dependency tar (not needed anymore)
Added in support for libspamc, eliminate using Encode.pm and sa-compile on 4.xx systems (doesn't compile)
Spf needs p5-NetAddr-IP>=4.00.7
see http://www.freebsd.org/cgi/query-pr.cgi?pr=113638
Razor needs > 2.84
see http://www.freebsd.org/cgi/query-pr.cgi?pr=112522
fixed bug in regex for v320.pre
Added warning about running spamd as root.
needed to patch spamc/Makefile.in for !i386 systems
>How-To-Repeat:
na
>Fix:
patches attached.
Patch attached with submission follows:
diff -bBru /var/tmp/p5-Mail-SpamAssassin-3.20/Makefile ./Makefile
--- /var/tmp/p5-Mail-SpamAssassin-3.20/Makefile Sat Jun 2 03:09:46 2007
+++ ./Makefile Fri Jun 15 16:15:18 2007
@@ -6,7 +6,7 @@
#
PORTNAME= Mail-SpamAssassin
-PORTVERSION= 3.2.0
+PORTVERSION= 3.2.1
CATEGORIES= mail perl5
MASTER_SITES= ${MASTER_SITE_APACHE:S/$/:apache/} ${MASTER_SITE_PERL_CPAN:S/$/:cpan/}
MASTER_SITE_SUBDIR= spamassassin/source/:apache Mail/:cpan
@@ -19,13 +19,13 @@
BUILD_DEPENDS= p5-Net-DNS>=0.58:${PORTSDIR}/dns/p5-Net-DNS \
p5-IO-Zlib>=1.04:${PORTSDIR}/archivers/p5-IO-Zlib \
p5-HTML-Parser>=3.43:${PORTSDIR}/www/p5-HTML-Parser \
+ p5-IO-Compress-Zlib>=2.04:${PORTSDIR}/archivers/p5-IO-Compress-Zlib \
p5-Compress-Zlib>=2.04:${PORTSDIR}/archivers/p5-Compress-Zlib \
${SITE_PERL}/Mail/Internet.pm:${PORTSDIR}/mail/p5-Mail-Tools
RUN_DEPENDS= ${BUILD_DEPENDS} \
${SITE_PERL}/Bundle/LWP.pm:${PORTSDIR}/www/p5-libwww \
- p5-Archive-Tar>=1.23:${PORTSDIR}/archivers/p5-Archive-Tar \
- ${SITE_PERL}/mach/Encode/Detect.pm:${PORTSDIR}/converters/p5-Encode-Detect
+ p5-Archive-Tar>=1.23:${PORTSDIR}/archivers/p5-Archive-Tar
PERL_CONFIGURE= yes
CONFIGURE_ARGS= SYSCONFDIR="${PREFIX}/etc" \
@@ -49,6 +49,14 @@
.include <bsd.port.pre.mk>
+USE_LDCONFIG=yes
+
+.if ${OSVERSION} > 500000
+RUN_DEPENDS+= ${SITE_PERL}/mach/Encode/Detect.pm:${PORTSDIR}/converters/p5-Encode-Detect
+.else
+WITH_SACOMPILE=''
+.endif
+
.if defined (WITH_SPAMC)
CONFIGURE_ARGS+= BUILD_SPAMC=yes
.else
@@ -58,6 +66,8 @@
.endif
.if defined(WITH_SPF_QUERY)
+RUN_DEPENDS+= p5-NetAddr-IP>=4.00.7:${PORTSDIR}/net-mgmt/p5-NetAddr-IP
+# see http://www.freebsd.org/cgi/query-pr.cgi?pr=113638
RUN_DEPENDS+= ${SITE_PERL}/Mail/SPF.pm:${PORTSDIR}/mail/p5-Mail-SPF
.endif
@@ -85,9 +95,8 @@
.endif
.if defined(WITH_RAZOR)
-RUN_DEPENDS+= razor-agents>=2.81:${PORTSDIR}/mail/razor-agents
+RUN_DEPENDS+= razor-agents>=2.84:${PORTSDIR}/mail/razor-agents
# see http://www.freebsd.org/cgi/query-pr.cgi?pr=112522
-# really needs razor-agents>=2.82_1
.endif
.if defined(WITH_DKIM)
@@ -217,11 +226,26 @@
${REINPLACE_CMD} -e '/DCC/s/^#loadplugin/loadplugin/' ${WRKSRC}/rules/v310.pre
.endif
.if defined(WITH_SACOMPILE)
- ${REINPLACE_CMD} -e '/Rule2XSBody/s/^#loadplugin/loadplugin/' ${WRKSRC}/rules/v320.pre
+ ${REINPLACE_CMD} -e '/Rule2XSBody/s/^# loadplugin/loadplugin/' ${WRKSRC}/rules/v320.pre
+.endif
+
+post-build:
+ @(cd ${BUILD_WRKSRC}; ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} ${MAKE_ARGS} spamc/libspamc.so)
+.if !defined(WITHOUT_SSL)
+ @(cd ${BUILD_WRKSRC}; ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} ${MAKE_ARGS} spamc/libsslspamc.so)
.endif
pre-install:
@${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
+ ${INSTALL_DATA} ${WRKSRC}/spamc/libspamc.so ${PREFIX}/lib
+ ${INSTALL_DATA} ${WRKSRC}/spamc/libspamc.h ${PREFIX}/include
+.if !defined(WITHOUT_SSL)
+ ${INSTALL_DATA} ${WRKSRC}/spamc/libsslspamc.so ${PREFIX}/lib
+.endif
+
+.if ${OSVERSION} < 500000
+ @${SED} -i "" "s| /etc/rc.subr| ${PREFIX}/etc/rc.subr|" work/sa-spamd.sh
+.endif
post-install:
@${STRIP_CMD} ${PREFIX}/bin/spamc
diff -bBru /var/tmp/p5-Mail-SpamAssassin-3.20/distinfo ./distinfo
--- /var/tmp/p5-Mail-SpamAssassin-3.20/distinfo Sat Jun 2 03:09:46 2007
+++ ./distinfo Tue Jun 12 21:02:45 2007
@@ -1,3 +1,3 @@
-MD5 (Mail-SpamAssassin-3.2.0.tar.gz) = aed988bb6cf463afc868a64d4cd771a3
-SHA256 (Mail-SpamAssassin-3.2.0.tar.gz) = 4690d2639075dfd376acb3540697861e167a917fd6332bf62b2e754d26ee99be
-SIZE (Mail-SpamAssassin-3.2.0.tar.gz) = 1290995
+MD5 (Mail-SpamAssassin-3.2.1.tar.gz) = a7d51294c565999da01f212e5ad2a031
+SHA256 (Mail-SpamAssassin-3.2.1.tar.gz) = e0925d9c490bb8f1e56c3b850b50b12b124536dfe581b23d3c25715b1ce9ebf7
+SIZE (Mail-SpamAssassin-3.2.1.tar.gz) = 1193561
diff -bBru /var/tmp/p5-Mail-SpamAssassin-3.20/files/patch-sa-compile.raw ./files/patch-sa-compile.raw
--- /var/tmp/p5-Mail-SpamAssassin-3.20/files/patch-sa-compile.raw Sat Jun 2 03:09:46 2007
+++ ./files/patch-sa-compile.raw Wed Jun 13 11:24:13 2007
@@ -1,20 +1,21 @@
--- sa-compile.raw.orig Tue May 1 09:54:33 2007
+++ sa-compile.raw Thu May 3 13:35:23 2007
-@@ -636,7 +636,7 @@
+@@ -643,7 +643,7 @@
-p prefs, --prefspath=file, --prefs-file=file
Set user preferences file
--siteconfigpath=path Path for site configs
- (default: /etc/mail/spamassassin)
+ (default: @@LOCAL_RULES_DIR@@)
+ --updatedir=path Directory to place updates
+- (default: /var/lib/spamassassin/compiled/<version>)
++ (default: @@LOCAL_STATE_DIR@@/compiled/<version>)
--cf='config line' Additional line of configuration
- -D, --debug [area=n,...] Print debugging messages
- -V, --version Print version
-@@ -683,12 +683,12 @@
+@@ -692,12 +692,12 @@
=item B<-C> I<path>, B<--configpath>=I<path>, B<--config-file>=I<path>
Use the specified path for locating the distributed configuration files.
-Ignore the default directories (usually C</usr/share/spamassassin> or similar).
-+Ignore the default directories (usually <@@DEF_RULES_DIR@@> or similar).
++Ignore the default directories (usually C<@@DEF_RULES_DIR@@> or similar).
=item B<--siteconfigpath>=I<path>
@@ -22,5 +23,5 @@
-the default directories (usually C</etc/mail/spamassassin> or similar).
+the default directories (usually C<@@LOCAL_RULES_DIR@@> or similar).
- =item B<--cf='config line'>
+ =item B<--updatedir>
diff -bBru /var/tmp/p5-Mail-SpamAssassin-3.20/files/patch-spamc-Makefile.in ./files/patch-spamc-Makefile.in
--- /var/tmp/p5-Mail-SpamAssassin-3.20/files/patch-spamc-Makefile.in Fri Jun 15 16:12:40 2007
+++ ./files/patch-spamc-Makefile.in Wed Jun 13 22:10:05 2007
@@ -0,0 +1,20 @@
+--- spamc/Makefile.in~ Fri Jun 8 14:56:02 2007
++++ spamc/Makefile.in Thu Jun 14 00:41:37 2007
+@@ -7,4 +7,5 @@
+ LDFLAGS = @LDFLAGS@
+ LDDLFLAGS = @LDDLFLAGS@
++SHLIBFLAGS = -fPIC
+
+ LIBS = @LIBS@
+@@ -33,9 +34,9 @@
+
+ spamc/libspamc$(SHLIBEXT): $(LIBSPAMC_FILES)
+- $(CC) $(CCDLFLAGS) $(LIBSPAMC_FILES) \
++ $(CC) $(CCDLFLAGS) $(SHLIBFLAGS) $(LIBSPAMC_FILES) \
+ -o $@ $(LDDLFLAGS) $(LIBS)
+
+ spamc/libsslspamc$(SHLIBEXT): $(LIBSPAMC_FILES)
+- $(CC) $(SSLCFLAGS) $(CCDLFLAGS) $(LIBSPAMC_FILES) \
++ $(CC) $(SSLCFLAGS) $(CCDLFLAGS) $(SHLIBFLAGS) $(LIBSPAMC_FILES) \
+ -o $@ $(LDDLFLAGS) $(SSLLIBS) $(LIBS)
+
diff -bBru /var/tmp/p5-Mail-SpamAssassin-3.20/pkg-message ./pkg-message
--- /var/tmp/p5-Mail-SpamAssassin-3.20/pkg-message Sat Jun 2 03:09:46 2007
+++ ./pkg-message Tue Jun 5 19:38:30 2007
@@ -25,3 +25,10 @@
that sa-update now places state files in /var/db/spamassassin
and not the default /var/lib/spamassassin. This is to be consistant
with Freebsd file directory conventions
+
+If you are running with spamd, you must add the following to rc.conf:
+spamd_enable="YES"
+
+Security Note: If you did NOT deselected AS_ROOT, spamd will be running
+as root. To change this, also add this to rc.conf:
+spamd_flags="-u spamd -H /var/spool/spamd"
diff -bBru /var/tmp/p5-Mail-SpamAssassin-3.20/pkg-plist ./pkg-plist
--- /var/tmp/p5-Mail-SpamAssassin-3.20/pkg-plist Sat Jun 2 03:09:46 2007
+++ ./pkg-plist Thu Jun 7 08:27:14 2007
@@ -6,6 +6,9 @@
bin/spamassassin
bin/spamc
bin/spamd
+lib/libspamc.so
+lib/libsslspamc.so
+include/libspamc.h
@unexec rm -rf %D/etc/mail/spamassassin/sa-update-keys || true
etc/mail/spamassassin/local.cf.sample
@unexec if cmp -s %B/init.pre.sample %B/init.pre; then rm -f %B/init.pre; fi
Only in ./: sa321.patch
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list