head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.40
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.38
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.36
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.34
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2009Q4:1.2.0.32
	pkgsrc-2009Q4-base:1.2
	pkgsrc-2008Q4:1.2.0.30
	pkgsrc-2008Q4-base:1.2
	pkgsrc-2008Q3:1.2.0.28
	pkgsrc-2008Q3-base:1.2
	cube-native-xorg:1.2.0.26
	cube-native-xorg-base:1.2
	pkgsrc-2008Q2:1.2.0.24
	pkgsrc-2008Q2-base:1.2
	pkgsrc-2008Q1:1.2.0.22
	pkgsrc-2008Q1-base:1.2
	pkgsrc-2007Q4:1.2.0.20
	pkgsrc-2007Q4-base:1.2
	pkgsrc-2007Q3:1.2.0.18
	pkgsrc-2007Q3-base:1.2
	pkgsrc-2007Q2:1.2.0.16
	pkgsrc-2007Q2-base:1.2
	pkgsrc-2007Q1:1.2.0.14
	pkgsrc-2007Q1-base:1.2
	pkgsrc-2006Q4:1.2.0.12
	pkgsrc-2006Q4-base:1.2
	pkgsrc-2006Q3:1.2.0.10
	pkgsrc-2006Q3-base:1.2
	pkgsrc-2006Q2:1.2.0.8
	pkgsrc-2006Q2-base:1.2
	pkgsrc-2006Q1:1.2.0.6
	pkgsrc-2006Q1-base:1.2
	pkgsrc-2005Q4:1.2.0.4
	pkgsrc-2005Q4-base:1.2
	pkgsrc-2005Q3:1.2.0.2;
locks; strict;
comment	@# @;


1.2
date	2005.11.13.22.48.32;	author heinz;	state dead;
branches
	1.2.2.1;
next	1.1;

1.1
date	2005.11.13.05.08.00;	author heinz;	state Exp;
branches;
next	;

1.2.2.1
date	2005.11.13.22.48.32;	author salo;	state dead;
branches;
next	1.2.2.2;

1.2.2.2
date	2005.11.22.00.34.24;	author salo;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Updated to version 3.1.0.

Pkgsrc changes:
  - p5-Storable is no longer a necessary.
  - Let DragonFlyBSD also use the rc.d script (patch-ad).
  - Sa-update needs p5-libwww (for LWP::UserAgent, HTTP::Date),
    p5-Archive-Tar and p5-IO-Zlib.
  - Many of the plugins are available as pkgsrc packages (p5-Mail-SPF-Query,
    p5-IP-Country, p5-Net-Ident, ...) but are not required.
  - Renamed some options to follow the naming conventions described in the
    pkgsrc guide.
  - Removed patch-ax again; it is already incorporated in 3.1.0.

  - Reworked DESCR to use less than 25 lines.
  - Removed SPAMASSASSIN_VERSION for clarity of DISTNAME and PKGNAME.
  - Prepended variables internal to the package with an underscore.
  - Rearranged MAKE_PARAMS alphabetically.
  - Simplified some internal variables (concatenation instead of
    substitution: _EGDIR, _DOCDIR,...)
  - Loop variables use all lower-case now.
  - Added a rule to lower score for mail from pkgsrc-bugs in netbsd_lists.cf.
  - The test t/spf.t (fails for SPF_HELO_*) has a know problem (SA Bug 4685).

Relevant changes since version 3.0.4:
=====================================
- Apache preforking algorithm adopted; number of spamd child processes is now
  scaled, according to demand.  This provides better VM behaviour when not
  under peak load.

- Inclusion of sa-update script which will allow for updates of rules and
  scores in between code releases.

- added PostgreSQL, MySQL 4.1+, and local SDBM file Bayes storage modules. SQL
  storage is now recommended for Bayes, instead of DB_File. NDBM_File support
  has been dropped due to a major bug in that module.

- detect legitimate SMTP AUTH submission, to avoid false positives on
  Dynablock-style rules.

- new Advance Fee Fraud (419 scam) rules.

- removed use of the Storable module, due to several reported hangs on SMP
  Linux machines.

- Converted several rule/engine components into Plugins such as:
  AccessDB, AWL, Pyzor, Razor2, DCC, Bayes AutoLearn Determination, etc.

- new plugins: DomainKeys (off by default), MIMEHeader: a new plugin to perform
  tests against header in internal MIME structure, ReplaceTags: plugin by Felix
  Bauer to support fuzzy text matching, WhiteListSubject: plugin added to
  support user whitelists by Subject header.

- TextCat language guesser moved to a plugin.  (This means "ok_languages"
  is no longer part of the core engine by default.)

- Razor: disable Razor2 support by default per our policy, since the
  service is not free for non-personal use.  It's trivial to reenable.

- DCC: disable DCC for similar reasons, due to new license terms.

- Net::DNS bug: high load caused answer packets to be mixed up and delivered as
  answers to the wrong request, causing false positives.  worked around.

- DNSBL lookups and other DNS operations are now more efficient, by using a
  custom single-socket event-based model instead of Net::DNS.

- add support for accreditation services, including Habeas v2.

- better URI parsing -- many evasion tricks now caught.

- URIBL lookups are prioritized based on the location in the message
  the URI was found.

- mass-check now supports reusing realtime DNSBL hit results, and sample-based
  Bayes autolearning emulation, to reduce complexity.

- sa-learn, spamassassin and mass-check now have optional progress bars.

- modify header ordering for DomainKeys compatibility, by placing markup
  headers at the top of the message instead at the bottom of the list.

- spamd/spamc now support remote Bayes training, and reporting spam.

- spamc now supports reading its flags from a configuration file using the -F
  switch, contributed by John Madden.

- added SPF-based whitelisting.

- Polish rules contributed by Radoslaw Stachowiak.

- many rule changes and additions.
@
text
@$NetBSD: patch-ax,v 1.1 2005/11/13 05:08:00 heinz Exp $

--- lib/Mail/SpamAssassin/Message.pm.orig	Mon Jun  6 03:31:23 2005
+++ lib/Mail/SpamAssassin/Message.pm
@@@@ -324,7 +324,7 @@@@ sub get_pristine_header {
   my ($self, $hdr) = @@_;
   
   return $self->{pristine_headers} unless $hdr;
-  my(@@ret) = $self->{pristine_headers} =~ /^(?:$hdr:[ \t]+(.*\n(?:\s+\S.*\n)*))/mig;
+  my(@@ret) = $self->{pristine_headers} =~ /^\Q$hdr\E:[ \t]+(.*?\n(?![ \t]))/smgi;
   if (@@ret) {
     return wantarray ? @@ret : $ret[-1];
   }
@


1.2.2.1
log
@file patch-ax was added on branch pkgsrc-2005Q3 on 2005-11-13 22:48:32 +0000
@
text
@d1 13
@


1.2.2.2
log
@Pullup ticket 919 - requested by Klaus Heinz
security fix for spamassassin

Revisions pulled up:
- pkgsrc/mail/spamassassin/Makefile		1.61
- pkgsrc/mail/spamassassin/distinfo		1.31
- pkgsrc/mail/spamassassin/patches/patch-ax	1.1

   Module Name:		pkgsrc
   Committed By:	heinz
   Date:		Sun Nov 13 05:08:00 UTC 2005

   Modified Files:
   	pkgsrc/mail/spamassassin: Makefile distinfo
   Added Files:
   	pkgsrc/mail/spamassassin/patches: patch-ax

   Log Message:
   Added a patch to fix a potential DoS vulnerability (CVE-2005-3351).
   See
     http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4570
     http://secunia.com/advisories/17386
@
text
@a0 13
$NetBSD: patch-ax,v 1.2.2.1 2005/11/22 00:34:24 salo Exp $

--- lib/Mail/SpamAssassin/Message.pm.orig	Mon Jun  6 03:31:23 2005
+++ lib/Mail/SpamAssassin/Message.pm
@@@@ -324,7 +324,7 @@@@ sub get_pristine_header {
   my ($self, $hdr) = @@_;
   
   return $self->{pristine_headers} unless $hdr;
-  my(@@ret) = $self->{pristine_headers} =~ /^(?:$hdr:[ \t]+(.*\n(?:\s+\S.*\n)*))/mig;
+  my(@@ret) = $self->{pristine_headers} =~ /^\Q$hdr\E:[ \t]+(.*?\n(?![ \t]))/smgi;
   if (@@ret) {
     return wantarray ? @@ret : $ret[-1];
   }
@


1.1
log
@Added a patch to fix a potential DoS vulnerability (CVE-2005-3351).
See
  http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4570
  http://secunia.com/advisories/17386
@
text
@d1 1
a1 1
$NetBSD$
@