Release notes:
December 22, 2004
amavisd-new-2.2.1 release notes
SECURITY:
- add support for the pax(1) archive decoder, which can handle tar/cpio/pax
archives (including legacy format variants). Due to limitations in cpio
(and in Archive::Tar), for security reasons it is preferred to decode
such archives with pax and no longer with cpio; please add a line:
$pax = 'pax';
to amavisd.conf and verify that the program pax is installed on the system
(and in the jail if running in chroot);
- perform additional tests at startup time on the proper protection
of the configuration file;
- add file name extensions wmf, emf and grp to the example list of
banned extension, according to recent Microsoft security bulletins;
suggested by Stephane Lentz;
- introduces 'clean but inconclusive' av scanner result to avoid a specialized
or quick partial av scanner like jpeg checker to claim mail is clean
when all other general purpose av scanners fail (see below);
INCOMPATIBILITY:
- removed some legacy $*_ldap variables, as they are no longer needed;
These variables were still declared but ignored in 2.2.0 for compatibility
with older amavisd.conf files. Such variables need to be removed from
the amavisd.conf if they are still present there from older versions,
otherwise Perl will complain with 'Global symbol ... requires explicit
package name";
OTHER FIXES:
- files_to_scan and decompose_mail are now able to remove unexpected
directories which may have been left behind by some failed decoding
and were causing temporary failures and mail delivery retries;
error recovery problem after failed unarj reported by Ralf Hildebrandt;
- error recovery code in files_to_scan and rmdir_recursively now tries to
change protection on directories and files, and retry if the first attempt
to access them fails because of denied permission;
- pre-load some additional Perl modules needed by SA when running in chroot;
- add module Net::LDAP::Search to a list of pre-fetched modules;
omission pointed out by Paul Jacobson;
- when quarantining is disabled by keeping $QUARANTINEDIR undefined,
the log entry and administrator notification message inappropriately
suggested that mail was quarantined, which in fact (appropriately)
it was not. Setting $QUARANTINEDIR='' did work as expected.
Reported by Sascha Lucas;
- avoid the use of Encode::is_utf8 due to a Perl bug (still present in 5.8.5)
where Encode::is_utf8 on tainted utf8 character string produces false;
- modify safe_encode() to guarantee the result is a string of octets,
not a string of UTF-8 characters; it saves some unnecessary work in
further processing and keeps MIME::Entity from UTF swamp when running
in chroot; problem pointed out by Branko F. Gracnar;
- avoid braindead Perl default where an empty regexp implies the last
successfully matched regexp, which (if not being very careful) brings in
some completely unrelated last-executed regular expression;
- change kill 'TERM' into kill 'KILL' when a forked process within run_command
and run_command_consumer gets into deep trouble, to avoid exit handlers
being invoked in the subprocess (which could lead to two processes trying
to clean the same set of temporary files);
- in an old sendmail setup using the amavis(.c) helper program without
LDA arguments, avoid inappropriate warning:
"WARN: no recips left (forgot to set $forward_method=undef using milter?)
and return status 0 instead of 99 when message is to be blocked, as the
helper program amavis(.c) does not recognize status 99 in this situation
and inappropriately passed it on to sendmail; reported by The Mindflayer;
- the @bypass_header_checks_maps is now able to also bypass the bad header
checks as provided by MIME::Parser; inconsitency reported by CRivera;
- avoid some Perl warning messages; thanks to Bill Landry;
CHANGES AND MINOR NEW FEATURES:
- add configuration variable @newvirus_admin_maps (and $newvirus_admin,
along with corresponding SQL field 'newvirus_admin') which works like
the existing @virus_admin_maps (and $virus_admin), except that it sends
virus administrator notification to specified e-mail address only for newly
encountered viruses which have not yet been encountered since the amavisd
startup. It makes use of by-virusname counters in the SNMP counters
database. If more than one child process starts working on infected
message containing a not-yet-accounted-for virus, there might be more
than one 'first time' notification, this is not a malfunction. Both
the @newvirus_admin_maps and the @virus_admin_maps may be enabled,
each (possibly both) would receive their notifications as appropriate.
A useful setting is to globally enable only the new virus notifications,
and additionally enable _all_ administrator notifications for internally
originating mail only (by the use of policy banks);
- provide separate configuration variables @banned_admin_maps and
@bad_header_admin_maps, along with corresponding SQL fields
'banned_admin' and 'bad_header_admin'; their function was previously
covered by @virus_admin_maps, which now only still controls administrator
notifications in case of viruses;
- introduces 'clean but inconclusive' av scanner result to avoid a specialized
or quick partial av scanner like jpeg checker to claim mail is clean
when all other general purpose av scanners fail:
in av scanner entries (lists @av_scanners and @av_scanners_backup) give
an extended meaning to undefined fourth argument (the 'match for clean'
list or regexp). The interpretation of the fourth argument is now:
4. an array ref of av scanner exit status values, or a regexp (to be
matched against scanner output), indicating NO VIRUSES found;
a special case is a value undef, which does not claim file to be clean
(i.e. it never matches, similar to []), but suppresses a failure warning;
to be used when the result is inconclusive (useful for specialized and
quick partial scanners such as jpeg checker);
Also modified example jpeg checker entry in amavisd.conf accordingly.
- NOD32 av scanner: changed @av_scanners entry to match the new version
of the scanner; thanks to Nejc Skoberne;
- added @av_scanners entry for File::Scan;
- when preparing a SQL SELECT clause for white/blacklisting lookup,
take into account a relative position of ? and %k in the
$sql_select_white_black_list template to improve flexibility
of specifying the clause; suggested by Matt Petteys;
- reduce the log level of some more common and harmless log messages;
- macro %p and the log entry now reports full policy bank path,
not just the last loaded policy bank name;
- added LDAP attributes amavisWarnVirusRecip, amavisWarnBannedRecip,
and amavisWarnBadHeaderRecip; by Joel Nimety and Michael Hall;
- renamed LDAP attribute name amavisSpamModifiesSubject to
amavisSpamModifiesSubj in order to match the documented LDAP schema;
noticed by Kees Bos, patch by Michael Hall;
- add support for ripOLE decoder, which attempt to extract embedded documents
from MS OLE documents (MS Office) (http://www.pldaniels.com/ripole/,
by Paul L Daniels)); ripOLE is still experimental/alpha code;
To be make amavisd-new find the installed program 'ripole', add the:
$ripole = 'ripole';
to the amavisd.conf; suggested by David Wilson and Noel Jones;
- allow multiple occurrences of command line option: -c config_file
and execute the provided configuration files one after the other;
based on a subset of functionality provided as a patch by Davor Ocelic;
- a slight improvement (in default $map_full_type_to_short_type_re)
in classifying mpeg and some other multimedia files;
- several minor code cleanups;
- add a recommendation by Daniel J McDonald to a documentation file INSTALL:
If different UID is preferred for an AV scanner, a solution for
ClamAV is to add user clamav to the amavis group, and then add
AllowSupplementaryGroups to clamd.conf;
- enclosed a simple demonstrational Perl program amavis.pl, which is
functionally much like the amavis.c helper program, but talks the new
AM.PDP protocol with the amavisd daemon. See README.protocol for the
description of AM.PDP protocol. To be placed in amavisd.conf:
$protocol='AM.PDP'; $unix_socketname='/var/amavis/amavisd.sock';
Usage: amavis.pl sender recip1 recip2 ... < message.txt
- documentation updates;
* Show base (if not decimal, hexadecimal or non-standard) as subscript
* Use singular instead of abbreviated name for completion
* Fix "Convert result" button
* Use the last operator for leftover stack values
* Fix RPN crash and don't add lonely stack value to itself
* Workaround freeze with message dialog without buttons
squid-2.5.STABLE7-response_splitting.patch was updated, so update distinfo
and DIST_SUBDIR. It seems that a patch to one more file was added.
* 2005-01-31 01:50 (Security issue)
Strengthen Squid from HTTP response splitting cache pollution attack
Changes:
0.35 [CORE] Support for Genecyst patch files / Game Genie
[CORE] Support for AVI uncompressed and MJPEG output
[68000] Re-added busy wait removal that got lost
[SOUND] Added configurable single-pole low-pass filter
[CORE] Added autoconf/automake version checks
[VDP] Fix FIFO busy flag (Nicholas Van Veen)
[SOUND] Various further endian improvements from Bastien Nocera
and andi@fischlustig.de (Debian)
[SOUND] Various BSD compatibility improvements from
Alistair Crooks and Michael Core (NetBSD)
[UI] SDL Joystick support from Matthew N. Dodd (FreeBSD)
[68000] Do pre-decrement with two reads (Steve Snake)
[68000] Make TAS not write (Steve Snake) fixes Gargoyles, Ex Mutant
[68000] Re-write ABCD,etc based on info from Bart Trzynadlowski
[68000] Implement missing BTST op-code (fixes NHL Hockey 94)
Bump BUILDLINK_DEPENDS of pico, and the PKGREVISION of both pico and pine.
To help avoid this problem in the future, add a comment to pico/Makefile,
indicating where the shlib version is maintained and when it should be bumped.
> apply a patch from evution CVS:
> 2005-01-20 Not Zed <NotZed@Ximian.com>
> * camel-lock-helper.c (main): since malloc(MAXINT+1) returns a
> valid pointer, validate the length of the path before using it.
> set maximum path to 65000 characters. Spotted by Max Vozeler
> <max@hinterhof.net>
>
> This fixes the security vulnerability refered to as CAN-2005-0102.
> bump PKGREVISION
* Incorporated OpenVMS port by Jouk Jansen
<joukj@hrem.stm.tudelft.nl>
http://nchrem.tnw.tudelft.nl/openvms/software2.html
* PNG is now the default image format
* Corrected long standing bug in StdSnapshotCallback() in graphic.c
* Added -clipboard option which loads files from command line
into clipboard.
Version 0.8.9:
* new translations:
* bulgarian
* latin
* updated most translations
* new or updated portraits:
* Konrad, Delfador, Li'sar and Kalenz (Heir to the Throne)
* Gweddry and Dacyn (Eastern Invasion)
* added missing animations for:
* Mermaid Initiate, Mermaid Enchantress and Mermaid Siren
* Ancient Wose
* Goblin Direwolf Rider and Goblin Knight
* Gryphon
* Skeleton Archer, Revenant and Death Knight
* Troll Warrior, Troll Hero and Great Troll, Young Ogre
* Grand Knight, Lord and Master Bowman
* Cuttlefish
* new or overhauled Graphics for:
* Footpad, Outlaw, Thief and Rogue
* Orcish Shamans, Elvish Lord and Elvish High Lord
* Ghost, Nightgaunt, Shadow, Spectre and Wraith
* new female units for:
* Footpad, Thief, Rogue and Assassin
* added new tiles:
* Desert, desert hills, desert mountain, desert villages (adobe and tent),
desert road, desert oasis, savanna, tropical forest,
tropical forest village
* added icon for petrified units
* fixed missing diagonal projectiles on many units
* removed old unused images:
* time-of-day
* downloaded campaigns no longer require a restart to be able to play them
* new units:
* Javelineer
* unit balancing:
* Naga fighter: increased hitpoints from 27 to 30
* Merman Hoplite: increased resistances and damage
* Mermaid Initiate/Enchantress/Siren: reduced number of attacks,
increased damage, removed special resistances
* Mermaid Initiate: increased experience needed to level, other minor tweaks
* Swordsman: increase resistance to blade and impact
* Royal guard: increase resistance to blade and impact
* Pikeman: increase resistance to pierce, change attacks number and damage
* Halberdier: increase resistance to pierce, increase blade damage, decrease
pierce damage
* Saurian Tribalist, Saurian Icecaster, Saurian Soothsayer: remove 'skirmish'
* Saurian Skirmisher: Increase cost to 14 gold
* Wraith, Spectre: reduce resistance to blade, pierce, impact by 20%,
increase HP by 10%
* Poacher: Reduce cost to 14
* Tentacle of the Deep: Change movement type to 'float'
* Flying creatures can now cross canyons
* Removed ZoC from level 0 units
* Language fixes and polishing (English)
* Added 'x' to the terrain letters reserved for campaign writers
* Scenario revisions for 'The Eastern Invasion' campaign:
* Lake Vrug
* Two Paths
* Northern Outpost
* Elven Alliance
* Unexpected Appearance
* Escape Tunnel
* Tribal Warfare
* Approaching Weldyn
* Scenario revisions in Heir to the Throne:
* Blackwater Port- Make the port look like more of a port, other minor
changes that mute each other out
* The Isle of Anduin- Extend shallow water around the Isle, remove the
Saurians in favour of Goblins
* The Bay of Pearls- Flip the map so the Ocean is on the West side
* Muff Malal's Peninsula- Make it a peninsula, give Konrad the option of
fighting (bonus) or fleeing
* Isle of the Damned- Touched up the map so it is clear that the islands are
islands, made the islands tropical, and moved the temples
* The Siege of Elensefar- New map, and other changes
* The Crossroads- New map, weaker more diffuse ambushes, and less gold for
the Orcs
* The Princess of Wesnoth- Minor map changes, and made the scenario harder
* Set result=continue in 'Plunging into the Darkness'
* Scenario revisions in The Rise of Wesnoth:
* fixed {CROSS} in 'Temple of the Deep'
* fixed sign glitch
* Reduce the difficulty of TRoW on 'Hard' particularly, and reduce the
difficulty slightly on 'Easy' & 'Normal'
* A New Land - Sync with the map from Bay of Pearls
* Cursed Isle- Sync with the map from Isle of the Damned, make the temples
match locations
* Made 'Peoples in Decline' and 'Rough Landing' look tropical
* multiplayer improvements
* multiplayer game settings (map name, gold per village, ...) are saved now
* added several missing units
* Random Map (Desert) uses new desert environment; also tweaked
* make the cave in 'An Island' (MP) be 'underground'
* enlarge side descriptions for remote player during game creation
* added support for player nick tab completion and /me-substitution in game chat
* theme syntax improvements:
* added support for specifying a reference rectangle when using
relative-positioning syntax
* added support for theme inheritance; avoids duplicating mostly-unchanged
code
* added a "droid" game command, and allow for computer player to do a campaign
* added a "canrecruit" filter
* updated manpages and added support for translating them
* "," is no longer the column separator, it does not have to be escaped
anymore in some translations, "=" is the new separator (#10368)
* take advantage of libzipios++ if available, to read cfg files, maps,
images, sound effects, and fonts from zip files. Call "make zip-install"
to install data zipped.
* removed drain allowing to go past maximum hp
* removed long-range attacks
(Pirate Galleon, Transport Galleon, Wall Guard, Watch Tower)
* fixed various bugs with respect to multiplayer game setup
(#10896, #11236, #11265, #11442, #11527)
* added new pathfinder (Redsun)
* fixed some pathfinding bugs
* fixed untranslatable strings
* fixed "damage inflicted" statistic (incorrectly computed when defending)
* fixed that move-and-attack allowed attacking stone units
* fixed the side turn event being fired incorrectly
* fixed repeat recruit hotkey not respecting WML recruit changes
* removed support for turning off genders
* removed obsolete tools: make_translation merge_translations
* removed obsolete id= for messages in TRoW & HttT
* code cleanups and bug fixing
* added a wesnoth "fortunes" file
