opendmarc (1.4.2-5) unstable; urgency=medium * Non-maintainer upload. [ David Bürgin ] * Add patch "cve-2024-25768.patch" for CVE-2024-25768: Fix null pointer dereference in opendmarc_policy.c (Closes: #1070390) * Replace obsolete pkg-config dependency with pkgconf * Bump Standards-Version to 4.7.0 without further change [ Chris Hofstaedtler ] * Install systemd units into /usr. (Closes: #1058764) [ Scott Kitterman ] * Move packaging git from my personal namespace to debian * Remove myself as maintainer and move David from Uploaders to Maintainer -- Scott Kitterman Wed, 07 Aug 2024 20:13:39 -0400 opendmarc (1.4.2-4.1) unstable; urgency=medium * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. Closes: #1063084 -- Benjamin Drung Thu, 29 Feb 2024 12:17:41 +0000 opendmarc (1.4.2-4) unstable; urgency=medium * systemd: Revert introduction of sandboxing in opendmarc service, as it breaks sending of reports, which is a core function (Closes: #1047168) * Drop unused opendbx dependencies from Recommends (Closes: #1053435) -- David Bürgin Fri, 08 Dec 2023 20:09:31 +0100 opendmarc (1.4.2-3) unstable; urgency=medium [ David Bürgin ] * debian/patches: Add missing upstream bug metadata, add new patches: - arcares-segfaults.patch: Fix segfaults in ARC-A-Res headers - parse-arc-leaks.patch: Fix memory leaks when parsing ARC headers * Update debian/watch to monitor GitHub tags instead of releases page * Remove obsolete debian/opendmarc.NEWS * Remove obsolete lsb-base dependency in opendmarc package * systemd: Enable some basic sandboxing features in opendmarc service * Bump Standards-Version to 4.6.2 without further change [ Remus-Gabriel Chelu ] * [INTL:ro] Romanian debconf templates translation (Closes: #1033171) -- David Bürgin Sun, 09 Jul 2023 10:40:05 +0200 opendmarc (1.4.2-2) unstable; urgency=medium * systemd: Start service after network is online * Add patch "check-correct-domain.patch": opendmarc-check: print correct domain in loop * Bump Standards-Version to 4.6.1 without further change -- David Bürgin Tue, 16 Aug 2022 16:04:54 +0200 opendmarc (1.4.2-1) unstable; urgency=medium * New upstream release - Refresh patches - Drop debian/patches/cve-2021-34555.patch, equivalent fix incorporated upstream -- Scott Kitterman Tue, 18 Jan 2022 12:14:37 -0500 opendmarc (1.4.1.1-2) unstable; urgency=medium * Deprecate /lib/opendmarc/opendmarc.service.generate script: instead, edit /etc/opendmarc.conf directly, or use "systemctl edit opendmarc.service" to create configuration overrides * Remove unexplained diff applied to reports/opendmarc-import.in from patch "ticket193.patch" (Closes: #995694) * Add patch "cleanup-buflen.patch": Fix off-by-one error buffer overrun * Align package synopses with opendkim packages -- David Bürgin Wed, 03 Nov 2021 09:08:33 +0100 opendmarc (1.4.1.1-1) unstable; urgency=medium [ David Bürgin ] * New upstream release - Refresh patches, delete patches incorporated upstream - Update copyright information * Add new patches: - hold-quarantined-messages-doc.patch: Correct HoldQuarantinedMessages doc - insheader.patch: Insert trace headers at index 0 - check_domain.patch: Make function check_domain static - arcseal-segfaults.patch: Fix segfaults in ARC-Seal headers - conf_refcnt.patch: Remove invalid assert statement - free-arcdomain.patch: Fix memory leak when evaluating ARC chain - arc-override-quarantine.patch: Add ARC override for policy "quarantine" * Set "Rules-Requires-Root: no" in d/control * Bump Standards-Version to 4.6.0 without further change [ Camaleón ] * [INTL:es] Spanish translation of the debconf template (Closes: #987480) -- David Bürgin Tue, 24 Aug 2021 12:03:05 +0200 opendmarc (1.4.0~beta1+dfsg-6) unstable; urgency=high * Add patch for CVE-2021-34555 from upstream issue tracker: - Do not dereference NULL in multi-value From headers (Closes: #990001) -- David Bürgin Fri, 18 Jun 2021 09:37:57 +0200 opendmarc (1.4.0~beta1+dfsg-5) unstable; urgency=high * Amend cve-2020-12272.patch to keep libopendmarc2 public ABI unchanged -- David Bürgin Wed, 02 Jun 2021 14:17:33 +0200 opendmarc (1.4.0~beta1+dfsg-4) unstable; urgency=high * Backport patches from upstream version 1.4.1.1 (Closes: #977766, #977767): - CVE-2019-16378: Fix handling of multi-valued From headers - CVE-2019-20790: Validate incoming SPF headers - CVE-2020-12272: Check DKIM and SPF domain syntax -- David Bürgin Sat, 29 May 2021 16:22:50 +0200 opendmarc (1.4.0~beta1+dfsg-3) unstable; urgency=high * Cherry-pick patch for CVE-2020-12460 from upstream: - Add proper null-termination in opendmarc_xml_parse (Closes: #966464) * Shut down debconf with db_stop in opendmarc.postinst, patch by "B.R.S.Roso" (Closes: #965284) * Add missing DEP-3 headers tracking upstream bug in d/patches -- David Bürgin Sat, 19 Sep 2020 08:40:47 +0200 opendmarc (1.4.0~beta1+dfsg-2) unstable; urgency=medium * Mark shared library packages as "Multi-Arch: same" in d/control * Add dependency on libjson-perl as suggested in reports/README * Do not package README.update-db-schema.mysql (not applicable in Debian) * Correct public suffix list file path in default opendmarc.conf * Update debhelper to compatibility level 13, and rename d/opendmarc.tmpfile as required by new dh_installtmpfiles * Silence a debhelper warning by renaming d/opendmarc.service.generate * Replace build dependency on opendkim-tools with new miltertest package -- David Bürgin Sun, 21 Jun 2020 08:24:04 +0200 opendmarc (1.4.0~beta1+dfsg-1) unstable; urgency=medium [ Scott Kitterman ] * Also update paths in Debian opendmarc.conf to use /run vice /var/run * Bump standards-version to 4.5.0 without further change * Update d/watch to point at new Github repository, use version 4 - Thanks to David Bürgin for the opendkim version that made it easy * New upstream release - Refresh patches - Delete debian/patches/ticket137.patch, ticket146.patch, ticket153.patch, and ticket203.patch: incorporated upstream * Add David Bürgin to Uploaders [ David Bürgin ] * Check d/copyright and convert to DEP-5 format * Repack upstream sources, excluding non-free Internet Draft documents * Add Build-Depends-Package field to d/libopendmarc*.symbols file * Use dh_auto_configure instead of ./configure for multiarch support * Update debhelper to compatibility level 12 (with accompanying changes in d/*.install and similar to silence dh_missing warnings) * Update remaining paths in d/* to use /run vice /var/run -- David Bürgin Sun, 29 Mar 2020 08:51:08 +0200 opendmarc (1.3.2-7) unstable; urgency=high [ Scott Kitterman ] * Add change from https://github.com/trusteddomainproject/OpenDMARC/pull/48 to address incorrect DMARC pass results with multi-from mail (Closes: #940081) - Addresses CVE-2019-16378 * Update opendmarc.service to use /run vice /var/run (See #933357) [ Adriano Rafael Gomes ] * [INTL:pt_BR] Brazilian Portuguese debconf templates translation (Closes: #920540) [ Lev Lamberov ] * [INTL:ru] Russian translation of debconf template (Closes: #920918) -- Scott Kitterman Mon, 16 Sep 2019 16:13:59 -0400 opendmarc (1.3.2-6) unstable; urgency=medium [ Scott Kitterman ] * Remove unused ticket181.patch from patch directory * Correct d/patches/ticket168.patch description [ Chris Leick ] * [INTL:de] Initial German debconf translation (Closes: #917284) [ Portuguese Translation Team ] * [INTL:pt] Portuguese translation for debconf messages (Closes: #918615) [ Jean-Pierre Giraud ] * [INTL:fr] French debconf templates translation (Closes: #918691) [ Frans Spiesschaert ] * [INTL:nl] Dutch translation of debconf messages (Closes: #919302) -- Scott Kitterman Sat, 19 Jan 2019 01:21:27 -0500 opendmarc (1.3.2-5) unstable; urgency=medium * Use dbconfig to automatically set up the database for generating aggregate reports (Closes: #879241) - Thanks to Jack Bates for the patch * Update patches based on Juri Haberland's review of pending upstream changes and the current Debian patch set: - Drop debian/patches/ticket174.patch, already fixed in 1.3.2 another way - Add debian/patches/ticket137.patch, fix auth-res parsing - Add debian/patches/ticket146.patch, adds a '--input' parameter to opendmarc-import - Add debian/patches/ticket203.patch, opendmarc-reports would send multiple reports to the same address if given multiple times in a rua tag - patch marks such dmarc records invalid - Add debian/patches/ticket204.patch, fix the import tool, so that domains are always entered in lower case - Add debian/patches/ticket207.patch, correct opendmarc-report domain used in - Add debian/patches/ticket208.patch, adds a new option to ignore mail to a given email address to prevent report loops - Add debian/patches/ticket212.patch, fixes a memory leak in opendmarc_tld_read_file() - Add debian/patches/ticket227.patch, fixes segfault in opendmarc_policy_ parse_dmarc() that occurs under certain circumstances * Fix various references to opendkim (Closes: #905361, #903253) * Bump standards-version to 4.2.1 without further change -- Scott Kitterman Mon, 17 Dec 2018 02:14:56 -0500 opendmarc (1.3.2-4) unstable; urgency=medium * Add Vcs-* for salsa * Bump standards-version to 4.1.3 without further change * Drop rddmarc exmample script binary and ship examples in opendmarc (LP: #1611806) * Switch to 3.0 (quilt) source package format * Enable all hardening options (Closes: #880524), thanks to Jack Bates for the patch * Bump compat to 10 so that systemd, autoreconf, and parallel fun are handeled automatically (Closes: #878473), Thanks to Jack Bates for the patch * Change package priority to optional to match override -- Scott Kitterman Sun, 11 Mar 2018 15:35:42 -0400 opendmarc (1.3.2-3) unstable; urgency=medium * Update opendmarc service file so changes in opendmarc.conf are used and update opendmarc.conf to match values previously hard-coded in the service file and better align to the organization in the upstream example configuration (Closes: #863612) - Thanks to Jack Bates for the patch -- Scott Kitterman Mon, 11 Dec 2017 14:22:44 -0500 opendmarc (1.3.2-2) unstable; urgency=medium * Do not remove /etc/default/opendkim on upgrade since it is a conffile because policy 10.7.3 (Closes: #863173) -- Scott Kitterman Mon, 22 May 2017 18:11:58 -0400 opendmarc (1.3.2-1) unstable; urgency=medium * New upstream release - Update debian/copyright (added 2017) - Remove patches applied upstrea (debian/patches/ticket095.patch, ticket165_incomplete.patch, ticket166.patch, ticket185.patch, and ticket187.patch) * Update README.Debian to point to use of opendmarc.service.d/overrride.conf with systemd (Closes: #856489, #856057) * Update README.Debian to explain that TCP sockets bound to a specific IP address will not work if that address is not bound to a network connection and how to work avoid startup issues if network initialization is too slow (Closes: #856488) -- Scott Kitterman Mon, 13 Mar 2017 21:44:33 -0400 opendmarc (1.3.2~Beta1-2) unstable; urgency=medium * Add debian/patches/ticket193.patch to fix compatibility with mysql strict mode - Update openmarc.docs for new README and schema update files * Add debian/patches/ticket159.patch so that history file location is taken from opendmarc.conf rather than hard coded -- Scott Kitterman Sat, 07 Jan 2017 11:36:04 -0500 opendmarc (1.3.2~Beta1-1) unstable; urgency=medium * New upstream release * Remove patches applied upstream (debian/patches/ticket181.patch, ticket186.patch, ticket188.patch, ticket194.patch, ticket195.patch, and ticket196.patch * Update debian/copyright * Fix symbols-file-contains-debian-revision in debian/libopendmarc2.symbols * Update debian/opendmarc.docs for removal of reports/mkdb.mysql -- Scott Kitterman Sat, 07 Jan 2017 01:06:55 -0500 opendmarc (1.3.2~Beta0+dfsg-5) unstable; urgency=medium * Fix opendmarc.service so it will successfully start opendmarc in the absence of the (usually present) override file -- Scott Kitterman Tue, 06 Dec 2016 20:20:21 -0500 opendmarc (1.3.2~Beta0+dfsg-4) unstable; urgency=medium * Fix debiam/rules so linking to libspf2 actually works * Additional patches from the upstream bug tracker: - Correct SPF related processing issues with IPv6 https://sf.net/p/opendmarc/tickets/95/ - Complete correction for #165: Fix logic in checking which SPF, identifier was used: debian/patches/ticket165_incomplete.patch -- Scott Kitterman Sat, 03 Dec 2016 20:54:45 -0500 opendmarc (1.3.2~Beta0+dfsg-3) unstable; urgency=medium * Fixup opendmarc.service installation and update based on changes from the opendkim package (Closes: #843247, #843327) - /etc/default/opendmarc will be removed on systems using systemd (see opendmarc.NEWS) * Create run dir on install in postinst * Only override dh_fixperms instead of dh_install as it is more correct and only override for -arch, not indep to fix indep only build (Closes: #843366) - Thanks to Santiago Vila for the report and the fix * Cherry-pick additional changes from upstream bug tracker: - Correct processing if a domain has a size limit on its ruf address https://sourceforge.net/p/opendmarc/tickets/174/ - Correct error in help processing for opendmarc-reports https://sourceforge.net/p/opendmarc/tickets/181/ - Fix segfaults when invoked for local/ignored hosts (Closes: #843330) https://sourceforge.net/p/opendmarc/tickets/185/ - Fix bug in dmarcf_config_reload function https://sourceforge.net/p/opendmarc/tickets/186/ - Fix compile and functional fix for SPF result logging (more complete replacement for current fix_compile.patch) https://sourceforge.net/p/opendmarc/tickets/187/ - Fix issue with deleting zip file too early in opendmarc-reports https://sourceforge.net/p/opendmarc/tickets/188/ - Fix history file SPF results (use AR format) https://sourceforge.net/p/opendmarc/tickets/195/ - Fix issue with wrong DMARC state in Auth-Res header https://sourceforge.net/p/opendmarc/tickets/194/ - Fix RecordAllMessages = false so it works https://sourceforge.net/p/opendmarc/tickets/196/ -- Scott Kitterman Tue, 08 Nov 2016 00:48:22 -0500 opendmarc (1.3.2~Beta0+dfsg-2) unstable; urgency=medium * Upload to unstable - Despite being a beta, it appears to be more reliable than the previous release * Replace TimeoutStartSec=10 with Restart=on-failure in opendmarc.service to give more time for initial start-up and to make sure opendmarc starts eventually See #837376 * Fix group permissions on /var/run/opendmarc See #837375 * Generate opendkim.service in postinst instead of shipping it in the package See #837374 * Correct executability of opendmarc.service.generate -- Scott Kitterman Sun, 30 Oct 2016 08:47:07 -0400 opendmarc (1.3.2~Beta0+dfsg-1) experimental; urgency=medium * New upstream beta release - Drop patches for incorporated changes - Refresh remaining patches - Update libopendmarc2.symbols * Add systemd service file - Parameters generated from /etc/default/opendmarc based on opendkim implementation -- Scott Kitterman Wed, 20 Jul 2016 01:39:28 -0400 opendmarc (1.3.1+dfsg-4) unstable; urgency=medium * Set CONFIG_SHELL=/bin/sh to work around captures_shell_variable_in_autofoo _script and make the build reproducible * Bump standards version to 3.9.8 without further change * Update debian/watch so it is working again * Add reviewed patches from sourceforge tickets since a new upstream release seems to be nowhere in sight. - Adds new RejectString option to define custom text for rejection reason -- Scott Kitterman Sat, 02 Jul 2016 22:52:59 -0400 opendmarc (1.3.1+dfsg-3) unstable; urgency=medium * Use system public suffix list so organizational domain can be determined - Add publicsuffix to opendmarc depends - Add PublicSuffixList to installed opendmarc.conf * Fix use of Debian revision in libopendmarc2.symbols * Update debian/watch (thanks to bartm) -- Scott Kitterman Tue, 26 Jan 2016 17:06:30 -0500 opendmarc (1.3.1+dfsg-2) unstable; urgency=medium * Upload to unstable * Add debian/patches/fix-incompatible-pointer-type - Thanks to Sebastian A. Siewior for the patch * Fix enabling of SPF: update configure and add new symbols (Closes: #781048) - Thanks to Christophe Wolfhugel for both the report and the fix * Update installed opendmarc.conf to use the term FailureReports vice ForensiceReports (Closes: #783180) - Thanks to Olaf Zaplinski for the report -- Scott Kitterman Thu, 23 Apr 2015 13:41:35 -0400 opendmarc (1.3.1+dfsg-1) experimental; urgency=medium * New upstream release (Closes: #761444, #761451) * Bump standards version to 3.9.6 without further change) -- Scott Kitterman Mon, 23 Feb 2015 16:52:23 -0500 opendmarc (1.3.0+dfsg-1) unstable; urgency=medium * Upload to unstable * New upstream release - Drop debian/patches/missing_include.patch, incorporated upstream - Update for new soname (rename libopendmarc1 to libopendmarc2, update libopendmarc-dev depends, and rename install/symbols files) * Update debian/copyright -- Scott Kitterman Fri, 01 Aug 2014 03:03:09 -0400 opendmarc (1.3.0~beta4+dfsg-2) experimental; urgency=medium * Update debian/patches/missing_include.patch to move the build-config.h before the STRL checks in opendmarc/config.c and test.c -- Scott Kitterman Wed, 30 Jul 2014 15:45:28 -0400 opendmarc (1.3.0~beta4+dfsg-1) experimental; urgency=medium * New upstream beta release * Patch configure.ac to add tests for presence of libbsd/string.h and use USE_BSD_H and USE_STRL_H to select the correct include - Based on similar changes done for opendkim -- Scott Kitterman Wed, 30 Jul 2014 12:00:37 -0400 opendmarc (1.3.0~beta3+dfsg-1) experimental; urgency=medium * New upstream beta release - Repacked tarball to remove non-free internet draft - Updated debian/libopendmarc1.symbols - Enable new internal SPF checking with libspf2 - Add libspf2-dev to build-depends - Adjust configure in debian/rules * Update standards version to 3.9.5 without further change * Enable use of syslog by default * Run as opendmarc:opendmarc by default * Decluttered installed configuration file * Improved rddmarc package description -- Scott Kitterman Sat, 19 Jul 2014 02:18:01 -0400 opendmarc (1.2.0+dfsg-1) unstable; urgency=medium * Upload to Unstable * New upstream release - Repacked tarball to remove non-free internet draft - Fixes hard coded parameters in dmarcfail (Closes: #720392) -- Scott Kitterman Mon, 17 Mar 2014 20:38:42 -0400 opendmarc (1.2.0~beta3+dfsg-1) experimental; urgency=low * New upstream beta release - Repack upstream tarball to remove non-free IETF draft - Add libbsd-dev to build-depends to use system strlcat/strlcpy - Update libopendkim1.symbols - Fixes hard coded parameters in dmarcfail (Closes: #720392) * Move dmarcfail and rddmarc to /usr/share/doc as suggested by upstream * Update package descriptions -- Scott Kitterman Thu, 13 Mar 2014 00:27:01 -0400 opendmarc (1.1.3-1) unstable; urgency=low * New upstream release - Update draft-dmarc-base version number in opendmarc.docs -- Scott Kitterman Sun, 14 Apr 2013 18:34:00 -0400 opendmarc (1.1.2-1) unstable; urgency=low * New upstream release -- Scott Kitterman Mon, 01 Apr 2013 10:58:46 -0400 opendmarc (1.1.1-1) unstable; urgency=low * New upstream release * Update debian/watch now that we don't mangle the version anymore -- Scott Kitterman Mon, 18 Mar 2013 22:04:19 -0400 opendmarc (1.1.0-1) unstable; urgency=low * Uploading to unstable * New upstream final release -- Scott Kitterman Fri, 08 Mar 2013 13:40:54 -0500 opendmarc (1.1.0~beta2-1) experimental; urgency=low * New upstream beta release - Drop debian/patches/warnings_fix.patch since it is included upstream - Update debian/copyright - Update for new library SO name libopendmarc0* -> libopendmarc1 - Update symbols file -- Scott Kitterman Thu, 28 Feb 2013 03:24:00 -0500 opendmarc (1.1.0~beta1-2) experimental; urgency=low * Fix borked dh_autoreconf change in debian/rules in the last upload -- Scott Kitterman Tue, 12 Feb 2013 00:21:10 -0500 opendmarc (1.1.0~beta1-1) experimental; urgency=low * New upstream beta release - Update symbols file - Update debian/copyright * Add debian/patches/warnings_fix.patch for upstream changes made post- release to address compiler warnings * Update debian/rules for better cross-building support, based on changes from Adam Conrad for opendkim - Add dh-autoreconf to build-depends -- Scott Kitterman Mon, 11 Feb 2013 15:27:52 -0500 opendmarc (1.1.0~beta0-1) experimental; urgency=low * New upstream beta release - Repacking on longer required because DMARC specification license is now included in the upstream tarball - Update symbols file - Re-enable tests since they no longer require network access - Added new reports/mkdb.mysql setup script to debian/opendmarc.docs * Include MySQL schema files and readme in /usr/share/doc/opendmarc to support DMARC aggregate reporting * Update debian/README.Debian * Set umask in opendmarc.conf so Unix socket has proper permissions * Fix libopendmarc-dev package description to be about opendmarc and not opendkim (Closes: #699278) -- Scott Kitterman Wed, 06 Feb 2013 10:24:23 -0500 opendmarc (1.0.1+dfsg-3) unstable; urgency=low * Upload to unstable * Correct option for using installed configuration file in debian/opendmarc.init -- Scott Kitterman Wed, 12 Dec 2012 18:48:33 -0500 opendmarc (1.0.1+dfsg-2) experimental; urgency=low * Disable opendmarc tests since they require network access -- Scott Kitterman Wed, 12 Dec 2012 00:49:42 -0500 opendmarc (1.0.1+dfsg-1) experimental; urgency=low * Initial release (Closes: #692940) * Repacked upstream tarball to add license for DMARC specification -- Scott Kitterman Mon, 23 Jul 2012 18:17:11 -0400