View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0016544CentOS-7spamassassinpublic2019-10-06 07:302019-10-06 10:34
Reporterbrianjmurrell 
PrioritynormalSeveritymajorReproducibilityalways
Status newResolutionopen 
Product Version7.7-1908 
Target VersionFixed in Version 
Summary0016544: Update spamassassin
DescriptionVersion 3.4.2 has been released:

2018-09-16: SpamAssassin 3.4.2 has been released! This release contains numerous tweaks and bug fixes over the past three and 1/2 years including:
sa-update now uses SHA-256 & SHA-512 hashing to verify rule updates;
4 new plugins; and
Four CVE security bug fixes: CVE-2017-15705, CVE-2016-1238, CVE-2018-11780 & CVE-2018-11781.

But most importantly, there are checks (i.e. to increase spam score) that are only available in versions >= 3.4.1 so having such an outdated release in CentOS-7 is actually allowing spam to be under-scored.
TagsNo tags attached.
abrt_hash
URLhttps://spamassassin.apache.org/news.html

Activities

brianjmurrell

brianjmurrell

2019-10-06 10:04

reporter   ~0035346

FWIW, https://src.fedoraproject.org/rpms/spamassassin/tree/master with this PR: https://src.fedoraproject.org/rpms/spamassassin/pull-request/9 builds on EL7: https://copr.fedorainfracloud.org/coprs/brianjmurrell/epel-7/build/1048927/
arrfab

arrfab

2019-10-06 10:11

administrator   ~0035347

as you know that spamassassin is a pkg from upstream RHEL 7, maybe the request should be made upstream (so on bugzilla.redhat.com) so that when it enters upstream rhel, it will land automatically on centos
brianjmurrell

brianjmurrell

2019-10-06 10:33

reporter   ~0035348

Yes, but as you know, RH typically only really pay attention to RHEL bug reports from RHEL subscribers.

I was assuming there was some amount of relationship between CentOS and RH (now that RH owns CentOS) that would enable getting these kinds of updates upstream in a more responsive manner than reports from average-joe non-RHEL-subscribers.
brianjmurrell

brianjmurrell

2019-10-06 10:34

reporter   ~0035349

In any case, I have my update, in my COPR and it's working much better than 3.4.0.

I just thought I would try to initiate some activity that would provide this benefit to the larger community rather than just solving it for myself.

Issue History

Date Modified Username Field Change
2019-10-06 07:30 brianjmurrell New Issue
2019-10-06 10:04 brianjmurrell Note Added: 0035346
2019-10-06 10:11 arrfab Note Added: 0035347
2019-10-06 10:33 brianjmurrell Note Added: 0035348
2019-10-06 10:34 brianjmurrell Note Added: 0035349