From: Vsevolod Stakhov Date: Fri, 5 Jun 2026 10:36:33 +0000 (+0100) Subject: Release 4.1.0 X-Git-Tag: 4.1.0 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e2b0b188fde983c9e47be08c2f2c79533ee95668;p=thirdparty%2Frspamd.git Release 4.1.0 --- diff --git a/ChangeLog b/ChangeLog index c6b68a4aa5..32ae9a7daa 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,86 @@ +4.1.0: 05 Jun 2026 + + ** Incompatible changes ** + * [Rework] mx_check: three-layer Redis cache and finer outcome symbols (MX_NONE replaces MX_NXDOMAIN/MX_MISSING) + * [Conf] fuzzy_check: discover rspamd.com servers via SRV by default + + ** Major features ** + * [Feature] protocol: Expose custom metadata for /checkv3 via metadata headers and task:get_metadata() + * [Feature] composites: Add hot-reloadable dynamic composites map + * [Feature] lua_task: Add bulk and regexp symbol lookups + * [Feature] lua_tcp: Add phase-specific timeouts (connect/read/write) and on_error callback + * [Feature] task: Report pending async events and stalled symbols at scan timeout + * [Feature] upstream: Load-aware selection with Power of Two Choices, latency EWMA, and slow start on revive + * [Feature] upstream: Expand each SRV target into its own upstream, honouring SRV weights and per-target error budgets + * [Feature] upstream: Defer DNS resolution for unreachable hosts so transient startup DNS failures no longer drop upstreams + * [Feature] mx_check: Add IP-class classification, bad_mxs/bad_ips trust maps, and per-source checks + * [Feature] external_services: Add per-service _CHECK anchor symbol for dependency ordering + * [Feature] url_redirector: Add chain-aware cache with intermediate hop injection + * [Feature] url_redirector: Add coherent browser fingerprint profiles for stealth resolution + * [Feature] url_redirector: Switch redirector_hosts_map from set to glob + * [Feature] url_redirector: Allow GET for a user-defined list of URLs + * [Feature] http: Optional insertion-ordered header emission + * [Feature] elastic: Log Reply-To, received IPs, URL metadata, and forcing module + * [Feature] clickhouse: Add named extra_columns presets with an outbound preset + * [Feature] selectors: Add fuzzy_digest, fuzzy_shingles, authenticated, and received_count + * [Feature] html: Add HTML5 tag definitions (video/audio/picture/svg/...) + * [Feature] dmarc_report: Add --batch-wait option to throttle batches + * [Feature] autolearnstats: Add --sort-by and --group options + * [Feature] lualib: Add lua_feedback_parsers for DSN and ARF reports + * [Feature] lua_extras: Structured loader for custom selectors, maps, and regexps with cross-kind dependency ordering + * [Feature] lua_scanners: Add eXpurgate engine support + * [Feature] Add rspamadm control memstat for per-worker memory dumps (RSS, mempool callsites, Lua heap, jemalloc) + * [Feature] Make baseline pidfile and logging env-overridable for containers + * [Feature] Auto-load shipped fasttext model when present + * [Feature] fpconv: Add fixed-point (%.Nf) formatting with correct rounding + + ** Bug fixes ** + * [CritFix] mime_parser: Avoid NULL deref on S/MIME with empty pkcs7-data + * [Fix] mime_parser: Bound S/MIME recursion depth to prevent stack exhaustion (DoS) + * [Fix] mime_parser: Defensive guards against NULL deref and resource leaks + * [Fix] multipattern: Bound URL query scan reentrancy to prevent crash on nested query URLs (DoS) + * [Fix] composites: Avoid over-eager second-pass deferral so filter-stage composites are visible from postfilters + * [Fix] ratelimit: Track all buckets in selector rules + * [Fix] archives: Harden RAR/ZIP/7-zip parsers against malformed input (bounds, varint, infinite loop, OOB reads) + * [Fix] images: Guard image linking against NULL decoded header + * [Fix] css: Fix out-of-bounds read in ident escape scanner + * [Fix] str_util: Fix lookahead over-read in find_eoh + * [Fix] spf: Fix over-read on a bare "spf2." sender-id record + * [Fix] rdns: Reject DNS labels that overrun the packet + * [Fix] html: Prevent buffer overflow in entity decoding + * [Fix] html: Preserve verbatim href as url->raw + * [Fix] url: Fix out-of-bounds read on empty/all-dots host + * [Fix] url: Canonicalise mailto: URIs and bare emails to a consistent slash-less form (RFC 6068) + * [Fix] url: Do not drop URLs with long userinfo (userinfo-obfuscation phishing) + * [Fix] url_suspect: Require TLD >= 3 chars for word_dot naked domain matches + * [Fix] mime_headers: Avoid uninitialised bytes in rfc2047 decode + * [Fix] mime_headers/encoding: Correct lengths after in-place rewrites + * [Fix] arc: Emit ARC headers in a deterministic order + * [Fix] Map DKIM permfail to dkim=permerror in Authentication-Results + * [Fix] Honor mime_utf8 option in INVALID_MSGID rule + * [Fix] fuzzy_storage: Harden network input paths + * [Fix] fuzzy_storage: Fix peer-pipe partial-write resume and shutdown drain + * [Fix] fuzzy_storage: Avoid per-refresh leak in dynamic ban inserts + * [Fix] fuzzy_storage: Fix per-frame memory leak on persistent TCP connections + * [Fix] fuzzy: Do not block allowed clients on TCP + * [Fix] neural: Preserve trained ANN across symbol-list drift and symcache-driven profile rotation + * [Fix] neural: Stabilise profile digest under disable_symbols_input and retarget training to the newest profile + * [Fix] protocol: Apply inline metadata.settings on /checkv3 + * [Fix] protocol: Populate request headers in /checkv3 + * [Fix] upstream: Refill token bucket over time so a flapping upstream recovers + * [Fix] upstream: Avoid infinite loop in get_random when the only candidate is excluded + * [Fix] lua_tcp: Avoid connection leak on read without write + * [Fix] lua_redis: Resolve Redis master for rspamadm tools under Sentinel + * [Fix] elastic: Use Queue:new() instead of non-existent lua_util.newdeque() + * [Fix] dmarc: Floor connect timestamp before os.date for PUC Lua compatibility + * [Fix] greylist: Separate greylisting period from Redis connection timeout + * [Fix] rspamadm vault: Write formatted output to stdout directly + * [Fix] regexp: Do not discard capture groups following an empty one + * [Fix] Skip ICU conversion for synthetic x-binaryenc charset + * [Fix] Warn on task_timeout less than symcache symbol timeout + * [Fix] Port security fixes from libucl upstream (msgpack, parser bounds, schema) + * [Fix] Use string_view::data() for pointer access to fix libc++ builds + 4.0.1: 05 Apr 2026 ** Features **