Ubuntu
libspf2 package

lp:ubuntu/hardy-security/libspf2

  1. Hardy (8.04)
  2. hardy-security
Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/hardy-security/libspf2
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

14. By Scott Kitterman

* SECURITY UPDATE:
* 51_actually-keep-track-of-max_var_len.dpatch: Fix possible DoS with
  long sender addresses. Thanks to Hannah Schroeter.
* 52_compile_bufoverflow.dpatch: Prevent buffer overflows in SPF_compile
  from mechanisms with huge domainspecs. Workaround suggested by
  upstream. Limits the size of mechanisms and modifiers, but that
  shouldn't be a problem in practice.
* 42_empty_sender.dpatch could previously cause segfaults by trying to
  write to a constant string. Fixed.
* Thanks to Magnus Holmgren <email address hidden> for the fixes
* Thanks to Michael Casadevall for testing

13. By Jamie Strandboge

* SECURITY UPDATE: buffer overflow when handling DNS responses (LP: #271025)
  - debian/patches/50_dns_resolv_bufoverflow.dpatch: dynamically allocate
    responsebug and properly check txt record lengths. Thanks to Scott
    Kitterman.
  - CVE-2008-2469

12. By Magnus Holmgren

* Added 23_spfquery_ipv6.dpatch: Make spfquery accept IPv6 addresses
  (Closes: #440147). Thanks to Matthias Cramer.
* 35_untabify_help.dpatch: Make --help output of utilities less ugly by
  converting tabs to spaces.

11. By Magnus Holmgren

* 22_spfquery_fallback_segfault.dpatch: Fix fallback-related segfault in
  spfquery (Closes: #430414). Thanks to Robert Millan.
* Correct debian/copyright (Closes: #433047). Thanks to Julian Mehnle.
* A second patch from Robert split into three:
  * 40_permanent_include_errors.dpatch: Make permanent errors in
    processing an include: directive cause the parent evaluation to return
    a permanent error as well (Closes: #435139).
  * 41_none_not_neutral.dpatch: Use a diffent explanation for
    SPF_RESULT_NONE than the one for SPF_RESULT_NEUTRAL (Closes: #435140).
* 42_empty_sender.dpatch: Use the HELO identity in MAIL FROM checks if
  the sender address has been set to the empty string (Closes: #431239).
* debian/control: Add XS-Vcs-* fields.

10. By Magnus Holmgren

* 21_spfquery_infininte_loop.dpatch: Fix infinite loop when giving
  unimplemented options to spfquery.
* 20_printf_types.dpatch: Revert to using standard conversion specifiers
  without z modifiers.
* debian/watch: mangle away .dfsg from package version.
* Lower spfquery and spfd alternatives priorities to 25.
* Skip applying 01_line-endings.dpatch; it's meaningless.

9. By Magnus Holmgren

* New maintainer (Closes: #372629).
* Repacked .orig.tar.gz without non-free IETF Internet Draft (Closes:
  #393390).
* Merge updates from Ubuntu:
  - Add debian/compat and Build-depend on debhelper >= 5.
  - Add alternatives handling for /usr/bin/spfquery (Closes: #306875).
    - Conflict on libmail-spf-query-perl << 1:1.999.1-3.
    - Add postinst and prerm scripts.
  - debian/copyright: update author address.
  - debian/control: add final newline.
* debian/control:
  * Change description of spfquery (Closes: #410592).
  * Add homepage to package descriptions.
* Reduce Debian diff by changing line endings with sed instead.
* Further reduce Debian diff by eliminating config.sub and config.guess
  from there. Build-depend on autotools-dev to ensure up-to-date
  versions instead.
* The autogenerated spf_lib_version.h was put in the wrong directory,
  while there was a static spf_lib_version.h in the right directory.
  Fix that with some rules in debian/rules.
* Use dpatch to manage patches.
* Apply 20_64bit_types.dpatch to hopefully prevent segfaults on 64-bit
  architectures (Closes: #392793). Thanks to Thomas Jacob, Carsten
  Koch-Mauthe and Herbert Straub.
* 20_printf_types.dpatch: Change format strings to use the z flag,
  meaning size_t, among other things.
* 30_spfd_check_unlink_failure.dpatch: Fix a typo in spfd (patch from
  Thomas Jacob).
* debian/watch: added.
* Update Standards-Version to 3.7.2 without changes.
* Apply 20_spf_dns_include_std_headers.dpatch: Include arpa/nameser.h and
  netdb.h from spf_dns.h instead of defining the constants needed unless
  certain HAVE_ macros are defined (Closes: #405885).
* Apply 25_maxvals.dpatch, which brings certain processing limits (meant
  to mitigate DoS attacks) in line with RFC 4408. Thanks to Scott
  Kitterman.
* debian/control: Change libspf2-dev dependency to ${binary:Version} so
  that binNMUs will work.
* Ship spfd in the spfquery package (Closes: #258360).

8. By Scott Kitterman

* Added patch to change MX and PTR limits to match RFC (Closes LP: #92569)
  - Patch thanks to Thomas Jacob <email address hidden>

7. By Scott Kitterman

* Fix data types to avoid segfault on AMD64
  - Patch thanks to Thomas Jacob <email address hidden>
  - Corrects LP: #65952 (Closes Debian #392793)
* Change maintainer to MOTU
* Add dpatch and debian/patches for fix.

6. By Scott Kitterman

* Changes for update alternatives (Fixes Debian #306875, Ubuntu #79683).
  - debian/control: Updated conflicts and added Section and final newline
  - debian/rules: Rename spfquery for update alternatives
  - debian/spfquery.postinst: Added for update alternatives
  - debian/spfquery.prerm: Added for update alternatives
* debian/copyright: Updated author e-mail address
* debian/compat: Added

5. By Eric Dorland

Orphan.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/karmic/libspf2
This branch contains Public information 
Everyone can see this information.

Subscribers