Accepted spamassassin 3.4.2-0+deb8u1 (source all amd64) into oldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted spamassassin 3.4.2-0+deb8u1 (source all amd64) into oldstable
From: Antoine Beaupré <anarcat@debian.org>
Date: Tue, 13 Nov 2018 19:00:46 +0000
Message-id: <[🔎] E1gMdva-0000FG-73@seger.debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 30 Oct 2018 13:28:29 -0400
Source: spamassassin
Binary: spamassassin spamc sa-compile
Architecture: source all amd64
Version: 3.4.2-0+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Noah Meyerhans <noahm@debian.org>
Changed-By: Antoine Beaupré <anarcat@debian.org>
Description:
 sa-compile - Tools for compiling SpamAssassin rules into C
 spamassassin - Perl-based spam filter using text analysis
 spamc      - Client for SpamAssassin spam filtering daemon
Closes: 784023 865924 883775 889501 891041 908969 908970 908971 913571
Changes:
 spamassassin (3.4.2-0+deb8u1) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * New upstream version to fix several security issues and critical bugs:
     - CVE-2017-15705: Denial of service issue in which certain unclosed
       tags in emails cause markup to be handled incorrectly leading to
       scan timeouts. (Closes: 908969)
     - CVE-2016-1238: Unsafe usage of "." in @INC in a configuration
       script.
     - CVE-2018-11780: potential Remote Code Execution bug with the
       PDFInfo plugin. (Closes: 908970)
     - CVE-2018-11781: local user code injection in the meta rule syntax.
       (Closes: 908971)
     - BayesStore: bayes_expire table grows, remove_running_expire_tok not
       called (Closes: 883775)
     - Fix use of uninitialized variable warning in PDFInfo.pm
       (Closes: 865924)
     - Fix "failed to parse plugin" error in
       Mail::SpamAssassin::Plugin::URILocalBL (Closes: 891041)
     - SSLv3 support removed from spamc
   * Don't recursively chown /var/lib/spamassassin during postinst.
     (Closes: 889501)
   * Update SysV init script to cope with upstream's change to $0.
   * Run test suite during build (Closes: #784023).
   * Refresh patches
   * Removed patches merged upstream:
     - 30_edit_README
     - 35_bug752542-libnet-dns-perl.patch
     - 97_bug720499-pod-5.18
     - bug_771408_perl_version
     - bug_774768_disable_ahbl
   * Added patch to silence extra debugging messages (Closes: #913571)
Checksums-Sha1:
 3454a58e1b7fb91284a706949219bb01142e446d 2126 spamassassin_3.4.2-0+deb8u1.dsc
 a7c72a47e9aa88276aeefc926a159c27dc4a74ab 234232 spamassassin_3.4.2.orig-pkgrules.tar.xz
 f295571631e4163225ee3eab04d5c0cce3a69fbc 1873396 spamassassin_3.4.2.orig.tar.xz
 3618a83860fb605b35983ca7b997871652134791 36876 spamassassin_3.4.2-0+deb8u1.debian.tar.xz
 679a3814a3993d7902778d30389dba61216409b3 1176290 spamassassin_3.4.2-0+deb8u1_all.deb
 af1ee6858931ad81f389002622e2f2976af6e5fe 46968 sa-compile_3.4.2-0+deb8u1_all.deb
 f3c14a2296d26c70cdd8aba3f21e5ff162a82fed 81194 spamc_3.4.2-0+deb8u1_amd64.deb
Checksums-Sha256:
 4d3fa6333bbcb6a62ebe83c8187c0489da0df5de433213cb7cc7ac16fb53fc65 2126 spamassassin_3.4.2-0+deb8u1.dsc
 3f3349bb45ac63a7b85a7562a365a9805c4afce91aa11718f0dacfe034890066 234232 spamassassin_3.4.2.orig-pkgrules.tar.xz
 aae73f835e1201713458fbe012f686eae395f7672c4729e62c91a92b3ced50df 1873396 spamassassin_3.4.2.orig.tar.xz
 a44de59dce688c9e02a081797229404bb2ad296214365ce0d979ce9e25d2c363 36876 spamassassin_3.4.2-0+deb8u1.debian.tar.xz
 89e3063d4733665835fcf82104e612231bb242cffbeb44d8ac778f743e56bb10 1176290 spamassassin_3.4.2-0+deb8u1_all.deb
 8a2aa523c733d48657b81d6dba1fe62d59526c61d4a6d0c00f84d6570e673a66 46968 sa-compile_3.4.2-0+deb8u1_all.deb
 0f06178a02f6b123c8675b1f6572520bd0ff6e3b84416e74b6f65725ae0d0505 81194 spamc_3.4.2-0+deb8u1_amd64.deb
Files:
 a245f95524a82c86906e8582e3f6b176 2126 mail optional spamassassin_3.4.2-0+deb8u1.dsc
 d1616326f1d3a442aff01347e615cabd 234232 mail optional spamassassin_3.4.2.orig-pkgrules.tar.xz
 0f6d6733613ec670b13d37ce6f6244f8 1873396 mail optional spamassassin_3.4.2.orig.tar.xz
 1065a02ec5c934835398f377c01a3216 36876 mail optional spamassassin_3.4.2-0+deb8u1.debian.tar.xz
 9c47273d94caa3cbf8e8835562f7f089 1176290 mail optional spamassassin_3.4.2-0+deb8u1_all.deb
 ca299ea1fba3396d1eae3061bf6dd52f 46968 mail optional sa-compile_3.4.2-0+deb8u1_all.deb
 46d2e6e39cf11215eb07dd026a870174 81194 mail optional spamc_3.4.2-0+deb8u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEexZCBNCWcjsBljWrPqHd3bJh2XsFAlvrGtsACgkQPqHd3bJh
2Xto2Af/TXe0JQP+l1bhV9ooDC0gkTX7Mmt6OXkWXdjuAreBcJcFHf41wg1a0r8L
m6Ar3noRfgCgsfsxl2zX1pDFHPBWuIgm2ojvHkDGxwzXklmEf0u0kMJf37obAONj
HY0v9qdxDdgI67lsH8g1qsaqahfz77YK9uoDAvoKHLV+mzjZAkarBSLXSKgvbvnk
ArbParEvl0/L0mjSVrA258X0tSnSGKK/DKdrl327L7nDYEUsg9GEH/pgVcmMAZMt
j3dT+ez4+3A04YjaNlqPASzuJraKC4WeVoFZE8ai0GYFN6PuZNr3zd+2uo1PbesB
XTBMng9+wxE8W3bbEy/XgtmEDT0IWA==
=3PR9
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted xen 4.4.4lts4-0+deb8u1 (source all amd64) into oldstable
Next by Date: Accepted rustc 1.24.1+dfsg1-1~deb8u2 (source amd64 all) into oldstable
Previous by thread: Accepted xen 4.4.4lts4-0+deb8u1 (source all amd64) into oldstable
Next by thread: Accepted rustc 1.24.1+dfsg1-1~deb8u2 (source amd64 all) into oldstable
Index(es):
- Date
- Thread