head	1.4;
access;
symbols
	pkgsrc-2013Q2:1.4.0.38
	pkgsrc-2013Q2-base:1.4
	pkgsrc-2012Q4:1.4.0.36
	pkgsrc-2012Q4-base:1.4
	pkgsrc-2011Q4:1.4.0.34
	pkgsrc-2011Q4-base:1.4
	pkgsrc-2011Q2:1.4.0.32
	pkgsrc-2011Q2-base:1.4
	pkgsrc-2009Q4:1.4.0.30
	pkgsrc-2009Q4-base:1.4
	pkgsrc-2008Q4:1.4.0.28
	pkgsrc-2008Q4-base:1.4
	pkgsrc-2008Q3:1.4.0.26
	pkgsrc-2008Q3-base:1.4
	cube-native-xorg:1.4.0.24
	cube-native-xorg-base:1.4
	pkgsrc-2008Q2:1.4.0.22
	pkgsrc-2008Q2-base:1.4
	pkgsrc-2008Q1:1.4.0.20
	pkgsrc-2008Q1-base:1.4
	pkgsrc-2007Q4:1.4.0.18
	pkgsrc-2007Q4-base:1.4
	pkgsrc-2007Q3:1.4.0.16
	pkgsrc-2007Q3-base:1.4
	pkgsrc-2007Q2:1.4.0.14
	pkgsrc-2007Q2-base:1.4
	pkgsrc-2007Q1:1.4.0.12
	pkgsrc-2007Q1-base:1.4
	pkgsrc-2006Q4:1.4.0.10
	pkgsrc-2006Q4-base:1.4
	pkgsrc-2006Q3:1.4.0.8
	pkgsrc-2006Q3-base:1.4
	pkgsrc-2006Q2:1.4.0.6
	pkgsrc-2006Q2-base:1.4
	pkgsrc-2006Q1:1.4.0.4
	pkgsrc-2006Q1-base:1.4
	pkgsrc-2005Q4:1.4.0.2
	pkgsrc-2005Q4-base:1.4
	pkgsrc-2005Q3:1.2.0.14
	pkgsrc-2005Q3-base:1.2
	pkgsrc-2005Q2:1.2.0.12
	pkgsrc-2005Q2-base:1.2
	pkgsrc-2005Q1:1.2.0.10
	pkgsrc-2005Q1-base:1.2
	pkgsrc-2004Q4:1.2.0.8
	pkgsrc-2004Q4-base:1.2
	pkgsrc-2004Q3:1.2.0.6
	pkgsrc-2004Q3-base:1.2
	pkgsrc-2004Q2:1.2.0.4
	pkgsrc-2004Q2-base:1.2
	pkgsrc-2004Q1:1.2.0.2
	pkgsrc-2004Q1-base:1.2;
locks; strict;
comment	@# @;


1.4
date	2005.11.22.13.03.22;	author rillig;	state dead;
branches;
next	1.3;

1.3
date	2005.11.22.10.35.00;	author rillig;	state Exp;
branches;
next	1.2;

1.2
date	2003.12.27.19.16.04;	author heinz;	state dead;
branches;
next	1.1;

1.1
date	2003.12.01.16.04.40;	author heinz;	state Exp;
branches;
next	;


desc
@@


1.4
log
@Removed patch-ar again, as I have found a way to exploit it. Bumped
PKGREVISION.
@
text
@$NetBSD: patch-ar,v 1.3 2005/11/22 10:35:00 rillig Exp $

See http://mail-index.netbsd.org/tech-pkg/2005/11/22/0003.html

--- lib/Mail/SpamAssassin/Conf/Parser.pm.orig	Fri Aug 12 02:38:46 2005
+++ lib/Mail/SpamAssassin/Conf/Parser.pm	Tue Nov 22 11:31:13 2005
@@@@ -908,6 +908,12 @@@@ sub is_regexp_valid {
   # will therefore open a hole!
   if (eval { ("" =~ m#${re}#); 1; }) {
 
+    # untaint $safere. We know it's safe since $re, which is derived from
+    # $safere, passed the above test for code injection. Just good that
+    # Perl prevents injection of (?{...}) and (??{...}) groups automatically,
+    # so we don't need to check for that.
+    if ($safere =~ m#^(.*)$#) { $safere = $1; }
+    
     # now double-check -- try with the user-supplied delimiters as well
     my $evalstr = '("" =~ '.$safere.'); 1;';
     if (eval $evalstr) {
@


1.3
log
@Added patch-ar, which fixes a Perl error in tainted mode. Removed the
checksum of the non-existant patch-ax from distinfo.
@
text
@d1 1
a1 1
$NetBSD$
@


1.2
log
@Update to version 2.61

Summary of major changes since 2.60
-----------------------------------

  - Dramatically reduced memory usage of Bayes expiry.
  - avoid false positives on Outlook 2003 messages, mails from Mac, Palm, and
    localized versions of Eudora, several AOL MUAs, and newer versions of The
    Bat!
  - new set of French translations from Michel Bouissou
  - updated to reflect new Dynablock DNSBL location
  - avoids a possible hole that was giving AWL bonuses to
    spammer forgeries on some networks
  - miscellaneous bug fixes
@
text
@d1 1
a1 1
$NetBSD: patch-ar,v 1.1 2003/12/01 16:04:40 heinz Exp $
d3 17
a19 10
--- rules/30_text_de.cf.orig	Thu Aug 28 03:05:24 2003
+++ rules/30_text_de.cf
@@@@ -168,7 +168,6 @@@@ lang de describe DNS_FROM_RFCI_DSN Absen
 lang de describe HABEAS_VIOLATOR Sender verletzt das Warenzeichen der Firma Habeas
 lang de describe RCVD_IN_BSP_TRUSTED Senderechner in Liste von http://www.bondedsender.org/
 lang de describe RCVD_IN_BSP_OTHER Senderechner in Liste von http://www.bondedsender.org/
-lang de describe RCVD_IN_DYNABLOCK Senderechner nur temporär mit Internet verbunden
 lang de describe RCVD_IN_BL_SPAMCOP_NET Transportiert via Rechner in Liste von www.spamcop.net
 lang de describe RCVD_IN_MAPS_RBL Transportiert via Rechner in Liste von http://www.mail-abuse.org/rbl/
 lang de describe RCVD_IN_MAPS_DUL Transportiert via Rechner in Liste von http://www.mail-abuse.org/dul/
@


1.1
log
@Remove DNSBL rules using *.easynet.nl (shut down today, see http://abuse.easynet.nl/dynablocker.html
@
text
@d1 1
a1 1
$NetBSD$
@