File opendmarc.changes of Package opendmarc

-------------------------------------------------------------------
Fri Mar 18 06:46:02 UTC 2022 - Dirk Stoecker <opensuse@dstoecker.de>

- update to 1.4.2
  * Fix issue #175: Don't reject a multi-valued From when all of the
                    domains match.
  * Fix issue #179: Don't crash when a value in a multi-valued From field
                    is missing a domain name.  Resolves CVE-2021-34555.
- Drop cve-2021-34555.patch (in upstream)

-------------------------------------------------------------------
Wed Jan 19 13:00:16 UTC 2022 - Dirk Stoecker <opensuse@dstoecker.de>

- update support components (smaller bugfixes only)

-------------------------------------------------------------------
Wed Oct 13 11:41:57 UTC 2021 - Togan Muftuoglu <toganm@opensuse.org>

- cve-2021-34555: fix multi-value from rejection logic
  Fixes https://github.com/trusteddomainproject/OpenDMARC/issues/179

-------------------------------------------------------------------
Thu May 13 10:31:13 UTC 2021 - Matthias Fehring <buschmann23@opensuse.org>

- update to version 1.4.1.1
  * This release is a fix for 1.4.1 which suffered a broken merge to
    the "master" branch and thus was unusable. The merge was repaired
    and "master" was re-tested before this release was posted. There's
    no change to RELEASE_NOTES since no functionality was added or
    removed.
- changes from 1.4.1
  * NOTE: In response to CVE-2019-20790, opendmarc has changed how it
    evaluates headers added by previous SPF milters. Users are
    encouraged to read the CVE-2019-20790 file in the "SECURITY"
    folder for more details. (CVE-2019-20790)
    (gh#trusteddomainproject/OpenDMARC#49)
    (gh#trusteddomainproject/OpenDMARC#158)
  * Addition of defines for MUSL C Library. (gh#trusteddomainproject/OpenDMARC#129)
    (gh#trusteddomainproject/OpenDMARC#133)
  * Fix two #ifdefs in arc functions for strlcpy. (gh#trusteddomainproject/OpenDMARC#138)
  * Fixes to MySQL Schema (gh#trusteddomainproject/OpenDMARC#98)
    (gh#trusteddomainproject/OpenDMARC#99)
  * Add compatibility with AutoConf 2.70. (gh#trusteddomainproject/OpenDMARC#95)
  * Only accept results from Received-SPF fields that indicate clearly
    which identifier was being evaluated, since DMARC specifically
    only wants results based on MAIL FROM.
  * Many build-time fixes
  * Added config option HoldQuarantinedMessages (default false), which
    controls if messages with p=quarantine will be passed on to the
    mail stream (if False) or placed in the MTA's "hold" queue
    (if True). (gh#trusteddomainproject/OpenDMARC#105)
  * Remove "--with-wall" from "configure".
  * LIBOPENDMARC: Ignore all RRTYPEs other than TXT.
    (gh#trusteddomainproject/OpenDMARC#50)
  * LIBOPENDMARC: Repair absurd RRTYPE test in SPF code.
    (gh#trusteddomainproject/OpenDMARC#89)
  * LIBOPENDMARC: Fix bogus header field parsing code.
    (gh#trusteddomainproject/OpenDMARC#104)
  * LIBOPENDMARC: Don't pass the client IP address through htonl()
    since it's already in network byte order. This was causing SPF
    errors when the internal SPF implementation was in use.
    (gh#trusteddomainproject/OpenDMARC#161)
  * LIBOPENDMARC: Fix numerous problems with the internal SPF
    implementation.
- changes from 1.4.0
  * Add ARC support. Extensive work contributed by ValiMail, with
    patches by Jonathan Kamens.
  * Add "DomainWhitelist" and "DomainWhitelistFile" config options.
  * Extract client IP address for ARC reports when provided via
    Authentication-Results.
  * Update SQL schema to support new reporting functionality for DKIM
    selectors and ARC local policy overrides (refer to the example
    schema.mysql file).
  * Add experimental support for reporting of ARC local policy overrides.
  * Add support for recording and reporting of DKIM selectors.
  * Override a DMARC "fail" if an ARC "pass" is recorded in conjunction
    with an ARC policy pass.
  * Add "RejectMultiValueFrom" configuration option to reject messages
    with multi-valued From fields, unless all domains in that field
    are the same.
  * Handle base64 inside AR tokens that are values.
  * Fix Authentication-Results tokenizing.
  * LIBOPENDMARC: Fix bug #203: Reject DMARC records that have duplicate
    tags in them.
  * LIBOPENDMARC: Pull request #70: For a non-pass DKIM outcome, discard
    unaligned domain.
  * LIBOPENDMARC: Pull request #67: Fix resource leakage on systems
    using res_ndestroy().
  * LIBOPENDMARC: In opendmarc_xml_parse(), ensure NULL-termination of
    the buffer passed to opendmarc_xml().
  * LIBOPENDMARC: Add opendmarc_policy_fetch_from_domain().
  * LIBOPENDMARC: Fix handling of long or malformed DMARC records.
  * LIBOPENDMARC: Enable opendmarc_policy_store_dkim() to report a
    missingFrom domain.
  * REPORTS: Feature request #146: Add option to pull input from a file.
  * REPORTS: Fix bug #153: Suppress duplicate results from the same
    domain.
- update DMARC support scripts from TechSneeze to current versions
- update patch collection by Juri Haberland from 2018040601 to
  2021051301
  * remove obsolete patches now included upstream
    + ticket137.patch (Chokes on OpenDKIM Authentication-Results headers)
    + ticket146.patch (Use an input file alternatively)
    + ticket153.patch (duplicate dkim auth_result sections)
    + ticket203.patch (Duplicate E-Mail due to strange dmarc entry)
    + ticket227.patch (Consistent opendmarc_policy.c Segfault When Processing DMARC Data...)
    + z00_ticket138_v3.patch (Pass failed messages from p=quarantine domains)
    + z06_use_envdomain_SPF_logging.patch
  * remove patches currently not applicable because of bigger changes
    in upstream code
    + ticket180.patch (Override MLM patch)
    + z04_moreHeadersFailureReportVsBeta1.patch

-------------------------------------------------------------------
Fri Oct  9 21:33:16 UTC 2020 - Dirk Stoecker <opensuse@dstoecker.de>

- update support scripts

-------------------------------------------------------------------
Mon Jul  6 12:45:40 UTC 2020 - Matthias Fehring <buschmann23@opensuse.org>

- use group mail in the systemd service file to start the daemon
- prerequire group(mail)

-------------------------------------------------------------------
Sun Jul  5 14:11:49 UTC 2020 - Matthias Fehring <buschmann23@opensuse.org>

- use systemd's RuntimeDirectory= service variable to create the
  runtime directory instead of systemd's tmpfiles
- use %%{_localstatedir}/spool/%%{name} as home directory for user
  opendmarc instead of %%{_rundir}/%%{name}
- update DMARC support stuff from TechSneeze to current versions

-------------------------------------------------------------------
Mon Sep 17 07:21:31 UTC 2018 - Dirk Stoecker <opensuse@dstoecker.de>

- add requires for perl Domain::PublicSuffix

-------------------------------------------------------------------
Thu Aug 23 14:21:01 UTC 2018 - opensuse@dstoecker.de

- update utilities

-------------------------------------------------------------------
Thu May 24 08:46:08 UTC 2018 - opensuse@dstoecker.de

- add set of patches collect by Juri Haberland, update report tools

-------------------------------------------------------------------
Mon Mar 27 16:12:43 UTC 2017 - opensuse@dstoecker.de

- add skip history patch: skiphistory.patch

-------------------------------------------------------------------
Thu Mar  9 12:13:18 UTC 2017 - opensuse@dstoecker.de

- add support stuff

-------------------------------------------------------------------
Tue Mar  7 16:39:47 UTC 2017 - opensuse@dstoecker.de

- update to 1.3.2

-------------------------------------------------------------------
Wed Feb  8 20:04:20 UTC 2017 - opensuse@dstoecker.de

- fix missing dependencies for support scripts

-------------------------------------------------------------------
Sat Apr 16 12:00:18 UTC 2016 - opensuse@dstoecker.de

- first version for openSUSE (based on Fedora version by Steve Jenkins and Todd Lyons)