LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Development page

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

LK2008: The values of the Linux community

LWN.net Weekly Edition for October 9, 2008

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Apache SpamAssassin 3.1.8 released

[Posted February 19, 2007 by corbet]

From:  Theo Van Dinter <felicity-AT-apache.org>
To:  Spamassassin Users List <users-AT-spamassassin.apache.org>, Spamassassin Devel List <dev-AT-spamassassin.apache.org>, Spamassassin Announcements List <announce-AT-spamassassin.apache.org>
Subject:  ANNOUNCE: Apache SpamAssassin 3.1.8 available!
Date:  Wed, 14 Feb 2007 17:33:58 -0500
Archive-link:  Article, Thread 

Apache SpamAssassin 3.1.8 is now available!  This is a maintenance and
security release of the 3.1.x branch.  It is highly recommended that
people upgrade to this version.

Downloads are available from:
   http://spamassassin.apache.org/downloads.cgi?update=20070...

The release file will also be available via CPAN in the near future.

md5sum of archive files:
  e8184a9a4ff11da5bd20b294cfeac7ac  Mail-SpamAssassin-3.1.8.tar.bz2
  20a3a6b651a89dcc70634715ca833996  Mail-SpamAssassin-3.1.8.tar.gz
  c81ef93066e60353032c21991e3c9ae2  Mail-SpamAssassin-3.1.8.zip

sha1sum of archive files:
  0d092c4de6e6df66f1d0fb0ca8589147ee4096cb  Mail-SpamAssassin-3.1.8.tar.bz2
  08f81f72d8a783887cf815dfc55ea38e3582b966  Mail-SpamAssassin-3.1.8.tar.gz
  f172c47a896c3c78aacf21f2af99088bd53363d0  Mail-SpamAssassin-3.1.8.zip


The release files also have a .asc accompanying them.  The file serves
as an external GPG signature for the given release file.  The signing
key is available via the wwwkeys.pgp.net key server, as well as
http://spamassassin.apache.org/released/GPG-SIGNING-KEY

The key information is:

pub  1024D/265FA05B 2003-06-09 SpamAssassin Signing Key <release@spamassassin.org>
      Key fingerprint = 26C9 00A4 6DD4 0CD5 AD24  F6D7 DEE0 1987 265F A05B

3.1.8 is a major bug-fix release, including a potential DoS.  The major
highlights are:

- bug 5318: fix for CVE-2007-0451: possible DoS due to incredibly
  long URIs found in the message content.
- bug 5240: disable perl module usage in update channels unless
  --allowplugins is specified
- bug 5288: files with names starting/ending in whitespace weren't usable
- bug 5056: remove Text::Wrap related code due to upstream issues
- bug 5145: update spamassassin and sa-learn to better deal with STDIN
- bug 5140 and 5179: improvements and bug fixes related to DomainKeys
  and DKIM support
- several updates for Received header parsing
- several documentation updates and random taint-variable related issues

A more detailed change log can be read here:

  http://svn.apache.org/repos/asf/spamassassin/branches/3.1...

-- 
Randomly Selected Tagline:
"I have a simple test to determine if any windows executable that I
 received via E-mail is a virus or not: If I received it, it's a virus."
         - Charlie Watts on the SpamAssassin mailing list
(Log in to post comments)

Copyright © 2007, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds