Subject: CVS commit: pkgsrc/security/amavisd-new
From: Jeremy C. Reed
Date: 2008-02-19 17:20:15
Message id:

Log Message:
Update to 2.5.3. This update is from maintainer in PR #38062.

>From the amavisd-new-2.5.3 release notes:


- fix parsing a SMTP status response from MTA when releasing from a
  quarantine, when a MTA response did not include an enhanced status
  code (RFC 3463) (such as with old versions of Postfix);  a parsing
  failure resulted in attribute "setreply=450 4.5.0 Unexpected:..."
  in an AM.PDP protocol response, even though a release was successful;
  reported by Ron Miller, John M. Kupski, investigated by Tony Caduto
  and Jeremy Fowler;

- change parsing of addresses in From, To, and Cc header fields, avoiding
  complex Perl regular expressions which could crash a process on certain
  degenerate cases of these header fields; thanks for detailed problem
  reports to Carsten L├╝hrs and Attila Nagy;

- completely rewritten parsing of Received header field to work around a
  Perl regular expression problem which could crash a process on certain
  degenerate cases of mail header fields; problem reported by Thomas Gelf;

- harden to some extent regular expressions in parse_message_id to cope
  better with degenerate cases of header fields carrying message-id;

- sanitize 8-bit characters in In-Reply-To and References header fields
  before using them in Pen Pals SQL lookups to avoid UTF-8 errors like:
    penpals_check FAILED: sql exec: err=7, 22021, DBD::Pg::st execute failed:
    ERROR: invalid byte sequence for encoding "UTF8": 0xd864

- when turning an infection report into a spam report, avoid adding newly
  discovered virus names (i.e. fraud names) to a cached list if these names
  are already listed; previously the list would just grow on each passage
  through a cache, leading to unsightly long lists of spam tests in a
  report; based on a patch by Henrik Krohns;

- fix diagnostics when an invalid command line argument is given;


- reduce log clutter when certain Perl modules are loaded late, i.e. after
  chrooting and daemonizing, but still before a fork; now only issue one
  log entry by a parent process: "extra modules loaded after daemonizing: \ 

- slightly relax mail address syntax in subroutine split_address;

- fetch additional information (tags) from SpamAssassin: TESTS, ASN,
  ASNCIDR, DKIMDOMAIN and DKIMIDENTITY, making them available through a macro
  'supplementary_info' (if a version of SpamAssassin in use provides them);

- updated DKIM section in amavisd-new-docs.html, removing the historical
  DomainKeys milter from examples;

- declared a dummy subroutine dkim_key() and new dummy configuration
  variables @dkim_signature_options_bysender_maps, %signed_header_fields,
  $reputation_factor, @signer_reputation_maps and $sql_partition_tag, members
  of policy banks, in preparation for 2.6.0 - declared now for improved
  downgrade compatibility of 2.6.0 configuration files, if need arises.