LorbusChris · ajayramaswamy · Mar 19, 2023 · Aug 8, 2023 · Jan 21, 2024 · Jan 21, 2024
diff --git a/ffbab4fbf218514845b8e5209aec044621b1f460.patch b/ffbab4fbf218514845b8e5209aec044621b1f460.patch
@@ -0,0 +1,54 @@
+From ffbab4fbf218514845b8e5209aec044621b1f460 Mon Sep 17 00:00:00 2001
+From: Vsevolod Stakhov <vsevolod@rspamd.com>
+Date: Sun, 6 Aug 2023 18:33:37 +0100
+Subject: [PATCH] [CritFix] Fix leak in `gzip` function
+
+Issue: #4564
+---
+ src/libutil/util.c | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/src/libutil/util.c b/src/libutil/util.c
+index 4be7cc620..deba3e807 100644
+--- a/src/libutil/util.c
++++ b/src/libutil/util.c
+@@ -1,11 +1,11 @@
+-/*-
+- * Copyright 2017 Vsevolod Stakhov
++/*
++ * Copyright 2023 Vsevolod Stakhov
+  *
+  * Licensed under the Apache License, Version 2.0 (the "License");
+  * you may not use this file except in compliance with the License.
+  * You may obtain a copy of the License at
+  *
+- *   http://www.apache.org/licenses/LICENSE-2.0
++ *    http://www.apache.org/licenses/LICENSE-2.0
+  *
+  * Unless required by applicable law or agreed to in writing, software
+  * distributed under the License is distributed on an "AS IS" BASIS,
+@@ -2231,6 +2231,7 @@ rspamd_fstring_gzip(rspamd_fstring_t **in)
+ 	strm.avail_out = sizeof(temp) > buf->allocated ? buf->allocated : sizeof(temp);
+ 	ret = deflate(&strm, Z_FINISH);
+ 	if (ret == Z_STREAM_ERROR) {
++		deflateEnd(&strm);
+ 		return FALSE;
+ 	}
+
+@@ -2247,6 +2248,8 @@ rspamd_fstring_gzip(rspamd_fstring_t **in)
+ 		if (ret != Z_BUF_ERROR || strm.avail_in == 0) {
+ 			buf->len = strm.next_out - (unsigned char *) buf->str;
+ 			*in = buf;
++			deflateEnd(&strm);
++
+ 			return ret == Z_STREAM_END;
+ 		}
+ 	}
+@@ -2267,6 +2270,7 @@ rspamd_fstring_gzip(rspamd_fstring_t **in)
+ 	g_free(hold);
+ 	buf->len = strm.next_out - (unsigned char *) buf->str;
+ 	*in = buf;
++	deflateEnd(&strm);
+
+ 	return ret == Z_STREAM_END;
+ }
diff --git a/rspamd-3.4-Deserialise_hyperscan_to_the_page-aligned_space_to_prevent_alignment_issues.patch b/rspamd-3.4-Deserialise_hyperscan_to_the_page-aligned_space_to_prevent_alignment_issues.patch
diff --git a/rspamd-secure-ssl-ciphers.patch b/rspamd-secure-ssl-ciphers.patch
@@ -1,20 +1,11 @@
-diff --git a/src/libserver/ssl_util.c b/src/libserver/ssl_util.c
-index c01f7467f..aafbb0826 100644
---- a/src/libserver/ssl_util.c
-+++ b/src/libserver/ssl_util.c
-@@ -1076,7 +1076,7 @@ void
- rspamd_ssl_ctx_config (struct rspamd_config *cfg, gpointer ssl_ctx)
+--- rspamd-3.7.5/src/libserver/ssl_util.c.orig	2023-12-05 07:49:47.680818537 +0530
++++ rspamd-3.7.5/src/libserver/ssl_util.c	2023-12-05 07:50:26.251380202 +0530
+@@ -1095,7 +1095,7 @@
+ void rspamd_ssl_ctx_config(struct rspamd_config *cfg, gpointer ssl_ctx)
  {
- 	struct rspamd_ssl_ctx *ctx = (struct rspamd_ssl_ctx *)ssl_ctx;
+ 	struct rspamd_ssl_ctx *ctx = (struct rspamd_ssl_ctx *) ssl_ctx;
 -	static const char default_secure_ciphers[] = "HIGH:!aNULL:!kRSA:!PSK:!SRP:!MD5:!RC4";
 +	static const char default_secure_ciphers[] = "PROFILE=SYSTEM";
 
  	if (cfg->ssl_ca_path) {
- 		if (SSL_CTX_load_verify_locations (ctx->s, cfg->ssl_ca_path,
-@@ -1112,4 +1112,4 @@ rspamd_ssl_ctx_free (gpointer ssl_ctx)
- 	rspamd_lru_hash_destroy (ctx->sessions);
- 	SSL_CTX_free (ctx->s);
- 	g_free (ssl_ctx);
--}
-\ No newline at end of file
-+}
+ 		if (SSL_CTX_load_verify_locations(ctx->s, cfg->ssl_ca_path,
diff --git a/rspamd.spec b/rspamd.spec
@@ -1,6 +1,6 @@
 Name:             rspamd
-Version:          3.4
-Release:          2%{?dist}
+Version:          3.8.0
+Release:          1%{?dist}
 Summary:          Rapid spam filtering system
 License:          ASL 2.0 and LGPLv3 and BSD and MIT and CC0 and zlib
 URL:              https://www.rspamd.com/
@@ -11,7 +11,7 @@ Source3:          rspamd.logrotate
 Source4:          rspamd.sysusers
 Source5:          rspamd.tmpfilesd
 Patch0:           rspamd-secure-ssl-ciphers.patch
-Patch1:           rspamd-3.4-Deserialise_hyperscan_to_the_page-aligned_space_to_prevent_alignment_issues.patch
+
 
 # see https://bugzilla.redhat.com/show_bug.cgi?id=2043092
 %undefine _package_note_flags
@@ -190,10 +190,10 @@ install -Dpm 0644 LICENSE.md %{buildroot}%{_docdir}/licenses/LICENSE.md
 %dir %{_datadir}/%{name}/{elastic,languages}
 %{_datadir}/%{name}/{elastic,languages}/*.json
 %{_datadir}/%{name}/languages/stop_words
-%dir %{_datadir}/%{name}/{lualib,plugins,rules}
-%{_datadir}/%{name}/{lualib,plugins,rules}/*.lua
-%dir %{_datadir}/%{name}/lualib/{lua_content,lua_ffi,lua_magic,lua_scanners,lua_selectors,plugins,rspamadm}
-%{_datadir}/%{name}/lualib/{lua_content,lua_ffi,lua_magic,lua_scanners,lua_selectors,plugins,rspamadm}/*.lua
+%dir %{_datadir}/%{name}/{lualib,plugins,rules,redis_scripts}
+%{_datadir}/%{name}/{lualib,plugins,rules,redis_scripts}/*.lua
+%dir %{_datadir}/%{name}/lualib/{lua_content,lua_ffi,lua_magic,lua_scanners,lua_selectors,plugins,redis_scripts,rspamadm}
+%{_datadir}/%{name}/lualib/{lua_content,lua_ffi,lua_magic,lua_scanners,lua_selectors,plugins,redis_scripts,rspamadm}/*.lua
 %dir %{_datadir}/%{name}/rules/{controller,regexp}
 %{_datadir}/%{name}/rules/{controller,regexp}/*.lua
 %dir %{_datadir}/%{name}/www
@@ -216,6 +216,18 @@ install -Dpm 0644 LICENSE.md %{buildroot}%{_docdir}/licenses/LICENSE.md
 %dir %attr(0750,%{name},%{name}) %{_localstatedir}/log/%{name}
 
 %changelog
+* Sun Jan 21 2024 Ajay Ramaswamy <ajay@ramaswamy.net> - 3.8-1
+- update to 3.8
+
+* Sun Dec 31 2023 Ajay Ramaswamy <ajay@ramaswamy.net> - 3.7.5-1
+- update to 3.7.5
+
+* Tue Aug 08 2023 Ajay Ramaswamy <ajay@ramaswamy.net> - 3.6-1
+- update to 3.6
+
+* Sun Mar 19 2023 Ajay Ramaswamy <ajay@ramaswamy.net> - 3.5-1
+- update to 3.5
+
 * Wed Dec 07 2022 Ajay Ramaswamy <ajay@ramaswamy.net> - 3.4-2
 - disable package-note-flags to fix link with gcc12
   see details in rhbz #2043092