MFH: r569156
mail/spamassassin: Update 3.4.4 --> 3.4.5, fixing CVE-2020-1946 According to https://s.apache.org/ng9u9, 3.4.5 fixes CVE-2020-1946. The announce text: Apache SpamAssassin 3.4.5 was recently released [1], and fixes an issue of security note where malicious rule configuration (.cf) files can be configured to run system commands. In Apache SpamAssassin before 3.4.5, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.5, users should only use update channels or 3rd party .cf files from trusted places. Apache SpamAssassin would like to thank Damian Lukowski at credativ for ethically reporting this issue. This issue has been assigned CVE id CVE-2020-1946 [2] To contact the Apache SpamAssassin security team, please e-mail security at spamassassin.apache.org. For more information about Apache SpamAssassin, visit the https://spamassassin.apache.org/ web site. Apache SpamAssassin Security Team [1]: https://s.apache.org/ng9u9 [2]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-1946 PR: 254526 Submitted by: cy Reported by: cy Approved by: maintainer (zeising) Security: https://s.apache.org/ng9u9 https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-1946
This commit is contained in:
parent
588b85e42f
commit
3689883c38
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/branches/2021Q1/; revision=569158
@ -2,7 +2,7 @@
|
|||||||
# $FreeBSD$
|
# $FreeBSD$
|
||||||
|
|
||||||
PORTNAME= spamassassin
|
PORTNAME= spamassassin
|
||||||
PORTVERSION= 3.4.4
|
PORTVERSION= 3.4.5
|
||||||
CATEGORIES?= mail perl5
|
CATEGORIES?= mail perl5
|
||||||
MASTER_SITES= APACHE/spamassassin/source CPAN/Mail
|
MASTER_SITES= APACHE/spamassassin/source CPAN/Mail
|
||||||
DISTNAME= Mail-SpamAssassin-${PORTVERSION}
|
DISTNAME= Mail-SpamAssassin-${PORTVERSION}
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
TIMESTAMP = 1580419680
|
TIMESTAMP = 1616608645
|
||||||
SHA256 (Mail-SpamAssassin-3.4.4.tar.gz) = 8ea27a165b81e3ce8c84ae85c3ecba1f2edfa04ef4a86f07fe28ab612fc8ff60
|
SHA256 (Mail-SpamAssassin-3.4.5.tar.gz) = a640842c5f3f468e3a21cbb9c555647306ec77807e57c5744ef0065e4a8675f6
|
||||||
SIZE (Mail-SpamAssassin-3.4.4.tar.gz) = 3274482
|
SIZE (Mail-SpamAssassin-3.4.5.tar.gz) = 6572220
|
||||||
|
@ -131,6 +131,7 @@ lib/libspamc.so.0
|
|||||||
%%SITE_PERL%%/Mail/SpamAssassin/Util/TinyRedis.pm
|
%%SITE_PERL%%/Mail/SpamAssassin/Util/TinyRedis.pm
|
||||||
%%SITE_PERL%%/spamassassin-run.pod
|
%%SITE_PERL%%/spamassassin-run.pod
|
||||||
%%PERL5_MAN1%%/sa-awl.1.gz
|
%%PERL5_MAN1%%/sa-awl.1.gz
|
||||||
|
%%PERL5_MAN1%%/sa-check_%%USER%%.1.gz
|
||||||
%%PERL5_MAN1%%/sa-compile.1.gz
|
%%PERL5_MAN1%%/sa-compile.1.gz
|
||||||
%%PERL5_MAN1%%/sa-learn.1.gz
|
%%PERL5_MAN1%%/sa-learn.1.gz
|
||||||
%%PERL5_MAN1%%/sa-update.1.gz
|
%%PERL5_MAN1%%/sa-update.1.gz
|
||||||
|
Loading…
Reference in New Issue
Block a user