Fedora 32 Sympa 6.2.54 Critical Update: CVE-2020-9369 Buffer Overflow

Sympa is scalable and highly customizable mailing list manager. It

can cope with big lists (200,000 subscribers) and comes with a

complete (user and admin) Web interface. It is internationalized,

and supports the us, fr, de, es, it, fi, and chinese locales. A

scripting language allows you to extend the behavior of commands.

Sympa can be linked to an LDAP directory or an RDBMS to create

dynamic mailing lists. Sympa provides S/MIME-based authentication

and encryption.

Update to sympa 6.2.54 : - Fixes CVE-2020-9369 - See https://www.sympa.community/security/2020-001.html for details

* Mon Mar 2 2020 Xavier Bachelot 6.2.54-1

- Update to 6.2.54.

* Fri Jan 31 2020 Fedora Release Engineering - 6.2.52-2.1

- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild

* Sun Jan 19 2020 Xavier Bachelot 6.2.52-2

- Add upstream patches to fix 2 scenario failures.

* Fri Dec 27 2019 Xavier Bachelot 6.2.52-1

- Update to 6.2.52.

* Sun Dec 22 2019 Xavier Bachelot 6.2.50-1

- Update to 6.2.50.

- Re-enable Crypt::OpenSSL::X509 for EL8.

* Fri Nov 29 2019 Xavier Bachelot 6.2.48-3

- Add patch to fix compile executables test on F32.

- Add dependency on Socket6 and IO::Socket::IP

(or alternatively Socket6 and IO::Socket::INET6 on EL6).

- Add patch to fix ldap 2 level query.

- Re-enable Crypt::SMIME for EL8.

- Re-enable all web subpackages for EL8.

* Wed Oct 16 2019 Xavier Bachelot 6.2.48-2

- Don't require optional perl modules unavailable on EL8.

- Disable httpd and lighttpd support for EL8 until missing bits are available.

- Change sympa localstatedir owner/group to sympa:sympa. Fixes RHBZ#1761455.

* Mon Sep 30 2019 Xavier Bachelot 6.2.48-1

- Update to 6.2.48.

* Mon Sep 23 2019 Xavier Bachelot 6.2.46-1

- Update to 6.2.46.

- Unbundle foundation-icons font.

- Add dependency on LWP::Protocol::https (RHBZ#1753111).

- Don't unbundle js-respond on EL8 (yet).

* Sat Jul 27 2019 Fedora Release Engineering - 6.2.44-3.1

- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

* Thu Jul 18 2019 Xavier Bachelot 6.2.44-3

- Don't build for ix86 on EL6.

- Re-order some parts of spec for better readability.

- Use bcond_with macro instead of custom macros.

* Mon Jul 15 2019 Xavier Bachelot 6.2.44-2

- Don't package OChangeLog and ONEWS. Saves 5MB.

- Move developers documentation to devel-doc sub-package.

- Compute an accurate License: tag.

* Wed Jun 26 2019 Xavier Bachelot 6.2.44-1

- Update to 6.2.44.

* Mon Jun 10 2019 Xavier Bachelot 6.2.43-0.2.b.2

- Update to 6.2.43 beta 2.

* Thu May 23 2019 IKEDA Soji 6.2.43-0.1.b.1

- Update to 6.2.43 beta 1.

- Move sympa.conf-dist to doc.

* Thu Mar 21 2019 Xavier Bachelot 6.2.42-1

- Update to 6.2.42.

* Sun Mar 10 2019 Xavier Bachelot 6.2.41-0.2.b.2

- Update to 6.2.41 beta 2.

* Sun Feb 3 2019 Xavier Bachelot 6.2.41-0.1.b.1

- Update to 6.2.41 beta 1.

* Mon Jan 28 2019 Xavier Bachelot 6.2.40-2

- Unbundle jqplot on F29+.

- Use versioned Requires and BuildRequires for unbundled fonts and libs.

* Sat Jan 19 2019 Xavier Bachelot 6.2.40-1

- Update to 6.2.40.

* Fri Jan 11 2019 Xavier Bachelot 6.2.38-2

- Fix fontawesome, jquery-ui and jquery-migrate unbundling on EL7.

- Fix wwsympa/sympasoap not being restarted on update.

* Fri Dec 21 2018 Xavier Bachelot 6.2.38-1

- Update to 6.2.38.

* Sat Dec 8 2018 Xavier Bachelot 6.2.37-0.3.b.3

- Update to 6.2.37 beta 3.

* Sat Nov 3 2018 Xavier Bachelot 6.2.37-0.2.b.2

- Update to 6.2.37 beta 2.

* Sun Oct 7 2018 Xavier Bachelot 6.2.37-0.1.b.1

- Update to 6.2.37 beta 1.

* Sun Sep 23 2018 IKEDA Soji 6.2.36-1

- Update to 6.2.36.

* Sun Aug 26 2018 IKEDA Soji 6.2.35-0.1.b.1

- Update to 6.2.35b.1.

- For sympa-httpd with Fedora & EL7: Use mod_proxy_fcgi instead of mod_fcgid.

* Sun Aug 26 2018 IKEDA Soji 6.2.34-2

- Issue #36: Init scripts for wwsympa/sympasoap were broken.

* Thu Jul 5 2018 Xavier Bachelot 6.2.34-1

- Update to 6.2.34.

* Fri Jun 29 2018 IKEDA Soji 6.2.33-0.2.b.2

- Update to 6.2.33 beta 2.

Upstream #170 WWSympa: Switch to Foundation 6

Upstream #220 static_content directory structure

Upstream #336 Starting a test framework

* Wed Apr 25 2018 Xavier Bachelot 6.2.32-2

- Add missing Requires on EL6 and EL7.

* Thu Apr 19 2018 Xavier Bachelot 6.2.32-1

- Update to 6.2.32 (Security release).

See https://www.sympa.community/security/2018-001.html

* Mon Mar 26 2018 Xavier Bachelot 6.2.30-1

- Update to 6.2.30.

* Thu Mar 22 2018 Xavier Bachelot 6.2.28-1

- Update to 6.2.28.

* Tue Mar 20 2018 Xavier Bachelot 6.2.26-1

- Update to 6.2.26.

- Fix scriptlet.

* Tue Mar 13 2018 Xavier Bachelot 6.2.25-0.3.b.3

- Update to 6.2.25 beta 3.

- Add Requires on optional Crypt::Eksblowfish.

* Mon Mar 5 2018 Xavier Bachelot 6.2.25-0.2.b.2

- Update to 6.2.25 beta 2.

- Move static_content to an FHS compliant location.

su -c 'dnf upgrade --advisory FEDORA-2020-8f7dcb7d00' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/