Bug 1379993 - warn: plugin: eval failed: Insecure dependency in sprintf while running with -T switch at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/Logger.pm line 241.
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: spamassassin
Version: 7.2
Hardware: All
OS: Linux
unspecified
urgent
Target Milestone: rc
: ---
Assignee: Ondřej Lysoněk
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks: 1534569
 
Reported: 2016-09-28 11:49 UTC by Brian J. Murrell
Modified: 2019-12-06 16:06 UTC (History)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-12-06 16:06:25 UTC
Target Upstream Version:



Description Brian J. Murrell 2016-09-28 11:49:25 UTC
Description of problem:
Bayesian classification is not working due to a bug already fixed upstream

Version-Release number of selected component (if applicable):
spamassassin-3.4.0-2.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
1. Set up a mail server with spamassassin
2. Run an e-mail through spamassassin -D

Actual results:
warn: plugin: eval failed: Insecure dependency in sprintf while running with -T switch at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/Logger.pm line 241.
and no bayesian classification

Expected results:
Should not get an error and bayesian classification should work

Additional info:

Here's the snippet where the problem happens.

Sep 28 07:44:54.705 [13763] dbg: plugin: Mail::SpamAssassin::Plugin::Bayes=HASH(0x2a3a6c8) implements 'learner_new', priority 0
Sep 28 07:44:54.705 [13763] dbg: bayes: learner_new self=Mail::SpamAssassin::Plugin::Bayes=HASH(0x2a3a6c8), bayes_store_module=Mail::SpamAssassin::BayesStore::DBM
Sep 28 07:44:54.720 [13763] dbg: bayes: learner_new: got store=Mail::SpamAssassin::BayesStore::DBM=HASH(0x2dbb710)
Sep 28 07:44:54.721 [13763] dbg: plugin: Mail::SpamAssassin::Plugin::Bayes=HASH(0x2a3a6c8) implements 'learner_is_scan_available', priority 0
Sep 28 07:44:54.721 [13763] dbg: config: using "/home/brian.real/.spamassassin" for user state dir
Sep 28 07:44:54.722 [13763] dbg: bayes: tie-ing to DB file R/O /home/brian.real/.spamassassin/bayes_toks
Sep 28 07:44:54.726 [13763] dbg: bayes: tie-ing to DB file R/O /home/brian.real/.spamassassin/bayes_seen
Sep 28 07:44:54.735 [13763] dbg: bayes: found bayes db version 3
Sep 28 07:44:54.737 [13763] warn: plugin: eval failed: Insecure dependency in sprintf while running with -T switch at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/Logger.pm line 241.

This is fixed upstream with this commit: https://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/BayesStore/DBM.pm?r1=1608413&r2=1608412&pathrev=1608413 and presumably in 3.4.1.  The version that is in RHEL 7.2 right now is over 2 years old!
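
Added example (not part of the original report, and not SpamAssassin or upstream patch code): Perl raises this error when the format string handed to sprintf is tainted, which under -T includes anything built from data read from a file. The sketch below reproduces the message with a constructed temp file and shows the usual remedy of validating the value through a regex capture; the file contents and the helper name untaint_uint are assumptions made for illustration.

```perl
#!/usr/bin/perl -T
# Run as: perl -T taint_demo.pl
use strict;
use warnings;
use File::Temp qw(tempfile);
use Scalar::Util qw(tainted);

# Constructed stand-in for state that a program loads from disk.
my ($fh, $path) = tempfile(UNLINK => 1);
print {$fh} "3\n";
close $fh or die "close: $!";

# Under -T, everything read from a file handle is tainted.
open my $in, '<', $path or die "open: $!";
chomp(my $version = <$in>);
close $in;
print "tainted after read: ", (tainted($version) ? "yes" : "no"), "\n";

# Interpolating tainted data taints the whole string, so using it as
# the sprintf format dies with "Insecure dependency in sprintf".
my $format = "found db version $version (%s)";
my $msg = eval { sprintf($format, "unchecked") };
print "unchecked: $@" unless defined $msg;

# Hypothetical helper: untaint by matching against the exact shape
# expected and keeping only the captured group.
sub untaint_uint {
    my ($value) = @_;
    return $value =~ /\A(\d{1,9})\z/ ? $1 : undef;
}

my $clean = untaint_uint($version);
die "unexpected value read from file\n" unless defined $clean;

# The captured value is untainted, so the same format now works.
$msg = sprintf("found db version $clean (%s)", "validated");
print "$msg\n";
```

Passing the value as a sprintf argument instead of interpolating it into the format also avoids the error, and keeps stray % sequences in stored data from being read as format directives.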

Comment 2 Jakub Jelen 2016-09-30 12:01:28 UTC
Can you verify that the problem gets fixed by applying the above mentioned patch for you?
I set up a Copr repo (epel7) with spamassassin with this patch:
https://copr.fedorainfracloud.org/coprs/jjelen/spamasassin-epel7/

Comment 3 Brian J. Murrell 2016-09-30 12:04:48 UTC
Yes, I already patched my local installation here with that and it's working fine.

Comment 4 Phil Perry 2017-04-13 23:20:49 UTC
I'm seeing the same issue on RHEL7.3

rpm -q spamassassin
spamassassin-3.4.0-2.el7.x86_64

Any idea when this might get fixed?

Comment 5 Phil Perry 2017-04-19 20:06:25 UTC
I have applied the above patch locally and can confirm it has fixed the issue for me.

Comment 6 Ondřej Lysoněk 2018-10-28 16:35:05 UTC
Simple reproducer:
[root@localhost]# yum install -y spamassassin
[root@localhost]# cat gen.sh 
#!/bin/bash

test -d spam || mkdir spam ham

for i in $(seq $1 $2); do
	cat << EOF > spam/$i
Subject: foo

$i bar
EOF

	cat << EOF > ham/$i
Subject: abc

$i def
EOF

done
[root@localhost]# bash gen.sh 1 200
[root@localhost]# sa-learn --spam spam
Learned tokens from 200 message(s) (200 message(s) examined)
[root@localhost]# sa-learn --ham ham
Learned tokens from 200 message(s) (200 message(s) examined)
[root@localhost]# cat mail
Subject: foo

bar
[root@localhost]# cat mail | spamassassin -D 2>&1 | grep Insecure
[root@localhost]# bash gen.sh 201 250
[root@localhost]# sa-learn --spam spam
Learned tokens from 50 message(s) (250 message(s) examined)
[root@localhost]# sa-learn --ham ham
Learned tokens from 50 message(s) (250 message(s) examined)
[root@localhost]# cat mail | spamassassin -D 2>&1 | grep Insecure
říj 28 12:29:46.590 [12945] warn: plugin: eval failed: Insecure dependency in sprintf while running with -T switch at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/Logger.pm line 241.
říj 28 12:29:46.593 [12945] warn: plugin: eval failed: Insecure dependency in sprintf while running with -T switch at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/Logger.pm line 241.

Comment 7 Tomáš Hozza 2019-12-06 16:06:18 UTC
Red Hat Enterprise Linux version 7 entered the Maintenance Support 1 Phase in August 2019. In this phase only qualified Critical and Important Security errata advisories (RHSAs) and Urgent Priority Bug Fix errata advisories (RHBAs) may be released as they become available. Other errata advisories may be delivered as appropriate.

This bug has been reviewed by Support and Engineering representatives and does not meet the inclusion criteria for the Maintenance Support 1 Phase. If this issue still exists in a newer major version of Red Hat Enterprise Linux, it has been cloned there and work will continue in the cloned bug.

For more information about Red Hat Enterprise Linux Lifecycle, please see https://access.redhat.com/support/policy/updates/errata/

Comment 8 RHEL Program Management 2019-12-06 16:06:25 UTC
Development Management has reviewed and declined this request. You may appeal this decision by using your Red Hat support channels, who will make certain the issue receives the proper prioritization with product and development management.

https://www.redhat.com/support/process/production/#howto

