notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
NOTE: There is a known problem on production with searching pkg-plist - it returns no results. This problem is not present on
non port: mail/spamassassin/distinfo

Number of commits found: 6

Sun, 10 Jul 2022
[ 20:24 Dima Panov (fluffy) search for other commits by this committer ]    commit hash:0ea4db436eea02a15ea1aa66f1d45311207bff7a  commit hash:0ea4db436eea02a15ea1aa66f1d45311207bff7a  commit hash:0ea4db436eea02a15ea1aa66f1d45311207bff7a  0ea4db4 
mail/spamassassin: update to 3.4.6 release (+)

Apache SpamAssassin 3.4.6 fixes two bugs that were introduced by the
3.4.5 release that could prevent certain rules from properly firing.

Wed, 24 Mar 2021
[ 20:02 cy search for other commits by this committer ] Original commit   Revision:569156
mail/spamassassin: Update 3.4.4 --> 3.4.5, fixing CVE-2020-1946

According to, 3.4.5 fixes CVE-2020-1946.
The announce text:

Apache SpamAssassin 3.4.5 was recently released [1], and fixes an issue
of security note where malicious rule configuration (.cf) files can be
configured to run system commands.

In Apache SpamAssassin before 3.4.5, exploits can be injected in a number
of scenarios. In addition to upgrading to SA 3.4.5, users should only use
update channels or 3rd party .cf files from trusted places.

Apache SpamAssassin would like to thank Damian Lukowski at credativ for
ethically reporting this issue.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Fri, 31 Jan 2020
[ 16:06 zeising search for other commits by this committer ] Original commit   Revision:524723
mail/spamassassin: Update to 3.4.4

Update mail/spamassassin to 3.4.4.  This fixes several security

- Improvements to OLEVBMacro
- Fix for CRLF handling with SpamAssMilter & DKIM
- Small fix for a regexp to provide Perl 5.8.x compatability again
- Increased fns_extrachars default value to 50
- Fixed nosubject and maxhits tflags when sa-compile is used
- Limited the Bayes parsed token count
- Improvements to whitespace trimming

PR:		243744
Submitted by:	cy
MFH:		2020Q1
Security:	c86bfee3-4441-11ea-8be3-54e1ad3d6335
Fri, 13 Dec 2019
[ 20:03 cy search for other commits by this committer ] Original commit   Revision:520065
Update 3.4.2 --> 3.4.3

2019-12-11: Apache SpamAssassin 3.4.3 has been released! Apache
SpamAssassin 3.4.3 contains numerous tweaks and bug fixes as we prepare
to move to version 4.0.0 with better, native UTF-8 handling. There are a
number of functional patches, improvements as well as security reasons to
upgrade to 3.4.3. In this release, there is also one new plugin and there
are bug fixes for two CVEs:

    CVE-2019-12420 for Multipart Denial of Service Vulnerability
    CVE-2018-11805 for nefarious CF files can be configured to run system
                   commands without any output or errors.

PR:		242618
Submitted by:	cy
Reported by:	cy
Approved by:	zeising (maintainer)
MFH:		2019Q4
Security:	CVE-2019-12420, CVE-2018-11805
Wed, 26 Sep 2018
[ 19:30 zeising search for other commits by this committer ] Original commit   Revision:480763
mail/spamassassin: Update to 3.4.2

Update mail/spamassassin to 3.4.2.  This update includes security fixes.
For complete changelog and upgrade notes, see:" REL="NOFOLLOW">

Big thanks to Larry Rosenman (ler) for help with testing!

PR:		231412
Reported by:
Tested by:	ler
MFH:		2018Q3
Security:	613193a0-c1b4-11e8-ae2d-54e1ad3d6335
Wed, 29 Apr 2015
[ 18:46 adamw search for other commits by this committer ] Original commit   Revision:385003 (Only the first 10 of 11 ports in this commit are shown above. View all ports for this commit)
Update spamassassin to 3.4.1.

  * improved automation to help combat spammers that are abusing new top level
  * tweaks to the SPF support to block more spoofed emails;
  * increased character set normalization to make rules easier to develop and
    stop spammers from using alternate character sets to bypass tests;
  * continued refinement to the native IPv6 support; and
  * improved Bayesian classification with better debugging and attachment

Full ChangeLog at

The japanese/spamassassin port is broken until it's updated for 3.4.1.

Number of commits found: 6