[Rspamd-Users] [Rspamd-Announce] Rspamd 1.9.0 has been released - Hash Sum mismatch

Keith Williams keithwilliamsnp at gmail.com
Fri Mar 15 16:12:53 UTC 2019


I had a little issue with installing it, apt said package rspamd kept back.
It installed properly after I did

apt-get update
apt-get --with-new-pkgs upgrade

Keith

On Fri, 15 Mar 2019 at 23:34, Wolfgang Riedel via Users <
users at lists.rspamd.com> wrote:

> Hi Folks,
>
> I just tried to upgrade and running into the issue.
> Just wonder if someone has an idea how to get this fixed?
>
> cd /etc && cat *_ver* *-rel* /proc/version && uname -a && lsb_release -a
> 9.8
> PRETTY_NAME="Debian GNU/Linux 9 (stretch)"
> NAME="Debian GNU/Linux"
> VERSION_ID="9"
> VERSION="9 (stretch)"
> ID=debian
> HOME_URL="https://www.debian.org/"
> SUPPORT_URL="https://www.debian.org/support"
> BUG_REPORT_URL="https://bugs.debian.org/"
> Linux version 4.9.0-8-amd64 (debian-kernel at lists.debian.org) (gcc version
> 6.3.0 20170516 (Debian 6.3.0-18+deb9u1) ) #1 SMP Debian 4.9.144-3.1
> (2019-02-19)
> Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.144-3.1 (2019-02-19) x86_64 GNU/Linux
> No LSB modules are available.
> Distributor ID: Debian
> Description:    Debian GNU/Linux 9.8 (stretch)
> Release:        9.8
> Codename:       stretch
>
> sudo apt-get update -y
>
> Get:7 http://rspamd.com/apt-stable stretch/main Sources [816 B]
> Err:7 http://rspamd.com/apt-stable stretch/main Sources
>   Hash Sum mismatch
>   Hashes of expected file:
>    - Filesize:816 [weak]
>    -
> SHA256:5692f73ec5aaa5d75cb3578c8f479129d898b61bbbc42f582beaeae6980548bf
>    - SHA1:7603e41744128c39861da7743ccebf42e62ff3c2 [weak]
>    - MD5Sum:55deb45acedb252e3c4fe2a6fd75b7a7 [weak]
>   Hashes of received file:
>    -
> SHA256:6232b5aa457ea42f5417c81048c107a945cc6a30b9770fb3b2aaebeeda58f6be
>    - SHA1:9bbed9e8d7d638dbd1a8712d31a480172f6627e0 [weak]
>    - MD5Sum:9d7b1219356147383ab31eab8c0ae87b [weak]
>    - Filesize:813 [weak]
>   Last modification reported: Mon, 03 Dec 2018 16:19:47 +0000
>   Release file created at: Wed, 13 Mar 2019 09:32:29 +0000
> Get:8 http://rspamd.com/apt-stable stretch/main amd64 Packages [1,109 B]
> Err:8 http://rspamd.com/apt-stable stretch/main amd64 Packages
>
> Thank you,
> Wolfgang
>
> > On 12. Mar 2019, at 17:02, Vsevolod Stakhov <vsevolod at rspamd.com> wrote:
> >
> >
> > We have released Rspamd 1.9.0 today.
> >
> > There are various important features in this release. The vast majority
> > of those should not have any impact on the existing systems. However,
> > you are recommended to read the Upgrade Notes.
> >
> > This release contains lots of improvements, reworks and bugs being
> > fixed. Here is a list of the most important changes in this release:
> >
> >
> > External services
> >
> > Rspamd is now shipped with the external services module contributed by
> > Carsten Rosenberg. This module provides a generic integration with the
> > following services:
> >
> > -   Generic ICAP protocol:
> >    -   ClamAV (using c-icap server and squidclamav)
> >    -   Sophos (via SAVDI)
> >    -   Symantec Protection Engine for Cloud Services
> >    -   Kaspersky Web Traffic Security 6.0
> > -   OleTools
> > -   DCC
> > -   VadeSecure
> >
> > This plugin is a part of a more generic lua_scanners framework that
> > allows more flexible integration with different Antivirus and AntiSpam
> > OEM services.
> >
> >
> > New mime modify tool in Rspamadm
> >
> > Rspamadm mime subcommand now allows to modify messages. This tool allows
> > to add or remove headers in a message, add footers in HTML and text
> > parts and do some subject rewriting. For example, to add a footer and
> > rewrite subject in a message, one can use the following command:
> > rspamadm mime modify --text-footer=footer.txt --html-footer=footer.html
> > --rewrite-header="Subject=TEST: %s".
> >
> > This tool has full MIME support (including multipart messages), supports
> > various messages encoding and convert those to UTF8, allows to modify
> > both plain old messages and multipart messages with attachments. It also
> > properly detects and excludes GPG signed/encrypted messages.
> >
> >
> > Offline DKIM signing tool in Rspamadm
> >
> > Another tool that has been added to rspamadm is sign subcommand. This
> > command allows to perform DKIM signing using a specific private key for
> > some message or messages. It can either return isolated header or modify
> > the message itself.
> >
> > In conjunction with the previous tooling, it could be used to modify and
> > sign messages produced by mailing lists or some local forwarding
> > scripts.
> >
> > Please bear in mind that this tool is available when using LuaJIT only
> > as it requires FFI interfaces.
> >
> >
> > HTTP Keep-Alive support
> >
> > From this version, Rspamd supports keep-alive in its HTTP Lua client.
> > This could be used to implement high frequent requests to some external
> > services and to reduce load by keeping the pool of HTTP connections
> > instead of opening a connection per each request.
> >
> >
> > New Lua UDP client
> >
> > Rspamd now support sending of generic UDP requests as well as TCP ones.
> > There are various modes supported, both one-way and two-ways with
> > optional retransmits and timeouts. This module comes with the
> > documentation available.
> >
> >
> > Better unicode normalisation
> >
> > This version comes with further improvements towards unicode
> > normalisation and detecting anomalies. Words now are sanitized from any
> > combining characters after translating to NFKC form.
> >
> >
> > Configuration graph utility
> >
> > You can now visualise your configuration by building the include graph.
> > There is a new tool called rspamadm configgraph that takes configuration
> > and convert it to the graphviz DOT graph.
> >
> >
> > Flexible actions support
> >
> > Rspamd now support any actions definitions in addition to normal ones.
> > You can set custom actions with thresholds or without (e.g. to set
> > action equal to phishing or to social). All actions should be explicitly
> > defined in the configuration.
> >
> >
> > New Received headers parser
> >
> > We have migrated from a strict RFC compatible state machine to a custom
> > parser for the Received headers. This change allows to extract more data
> > from non-conforming Received headers used by some MTA (Exim is one of
> > the notable examples).
> >
> >
> > Telephone URLs support
> >
> > Rspamd now parses and processes telephone URLs. That allows to build
> > blacklist for spam/scam/phishing phones as well as plain URLs.
> >
> >
> > Support for ED25519 signatures
> >
> > Rspamd now supports dual signing and ed25519 DKIM signatures. New
> > ed25519 keys could be generated using rspamadm dkim_keygen tool:
> >
> >    rspamadm dkim_keygen -t ed25519
> >
> >
> CuHc4MOZYXEVH0M4WFQHL5UC2NbVJO8aq2CjGNznxm36mJPlu9GVMfq0lQI1dkeoHByqfsJgMgnCX0vFeMkjoA==
> >    selector._domainkey IN TXT ( "v=DKIM1; k=ed25519; "
> >        "p=+piT5bvRlTH6tJUCNXZHqBwcqn7CYDIJwl9LxXjJI6A=" ) ;
> >
> > Ed25519 keys are much shorter than RSA providing RSA2048 security margin
> > in just 32 bytes for public keys. Unfortunately, these signatures are
> > not widely supported so dual signing is still required. We believe that
> > support of the modern algorithms in Rspamd would those algorithms to
> > spread.
> >
> >
> > Custom functions in Regexp module
> >
> > Regexp module is now extended with custom Lua functions support. This
> > feature allows to mix fast regexp rules and custom logic of Lua rules
> > without explicit composite rules.
> >
> >
> > Added support of gzip archives
> >
> > Rspamd now support reading filenames from GZip archives that are
> > surprisingly often used by some spam senders. With this feature, Rspamd
> > can filter some tricky scam emails that are targeting to install
> > backdoors or malware on users’ machines (e.g. cryptolockers).
> >
> >
> > Additional detection of types for attachments
> >
> > To filter malware and bad attachments that are somehow hidden by
> > malicious Content-Type header, Rspamd also performs libmagic scan on
> > attachments to detect the real type by its content. This is useful to
> > detect and filter some tricky malware that utilizes bugs in popular
> > email clients.
> >
> >
> > Lots of major fixes
> >
> > This version includes many major fixes that required massive rework to
> > improve stability and performance:
> >
> > -   Race conditions in the maps reading code
> > -   Support RFC2231 encoding in headers
> > -   Better zero characters handling
> > -   Better HTML parsing and handling of the URLs
> > -   Coroutines are now explicitly separated from the async code to
> >    prevent tricky race conditions that caused crashes on certain load
> > -   Allow to disable/enable composite symbols
> > -   Lots of fixes in 7z processor
> > -   Detect encrypted rarv5 archives
> > -   Fix ETags support
> > -   Fix processing of NDNs of certain type
> > -   Improved Content-Type parsing
> > -   Fix deletion of the duplicate headers
> > -   Fix parsing of mime parts without closing boundary
> >
> > We recommend to update Rspamd to this version to apply all these
> > features and fixes.
> >
> >
> > Full list of the meaningful changes
> >
> > -   [Conf] Add missing includes
> > -   [Conf] Move to options
> > -   [Conf] Rbl: DWL is actually special whitelist
> > -   [Conf] Relax some uribl rules
> > -   [Conf] Remove abuse.ch
> > -   [CritFix] Html: Entities are not valid within tag params values
> > -   [Feature] Add rspamadm mime sign tool
> > -   [Feature] Add configgraph utility
> > -   [Feature] Add dedicated ZW spaces detection for URLs
> > -   [Feature] Add flag to url object when visible part is url_like
> > -   [Feature] Add method task:lookup_words
> > -   [Feature] Add pyzor support (by crosenberg)
> > -   [Feature] Allow to add upstream watchers to Lua API
> > -   [Feature] Allow to set rewrite subject pattern from settings
> > -   [Feature] Better escaping of unicode
> > -   [Feature] Clickhouse: Allow to store subject in Clickhouse
> > -   [Feature] Core: Add QP encoding utility
> > -   [Feature] Core: Add libmagic detection for all parts
> > -   [Feature] Core: Add support for gzip archives
> > -   [Feature] Core: Allow to construct scan tasks from raw data
> > -   [Feature] Core: Detect charset in archived files
> > -   [Feature] Core: Ignore and mark invisible spaces
> > -   [Feature] Core: Normalise zero-width spaces in urls
> > -   [Feature] Core: Process data urls for images
> > -   [Feature] Core: Relax quoted-printable encoding
> > -   [Feature] Core: Support RFC2231 encoding in headers
> > -   [Feature] Core: Support telephone URLs
> > -   [Feature] Core: allow to emit soft reject on task timeout
> > -   [Feature] DCC: Add bulkness and reputation checks to dcc
> > -   [Feature] Elastic: Modernize plugin
> > -   [Feature] Export visible part of url to lua
> > -   [Feature] Fuzzy_storage: add preliminary support of rate limits
> > -   [Feature] HTML: Specially treat data urls in HTML
> > -   [Feature] Implement event watchers for upstreams
> > -   [Feature] Implement includes tracing in Lua
> > -   [Feature] Improve dkim part in configwizard
> > -   [Feature] Lua_scanners: Add VadeSecure engine support
> > -   [Feature] Lua_task: Add flexible method to get specific urls
> > -   [Feature] Mime_types: Add MIME_BAD_UNICODE rule
> > -   [Feature] Mime_types: Use detected content type as well
> > -   [Feature] Plugins: Add preliminary version of the external services
> >    plugin
> > -   [Feature] Query sentinel on master errors
> > -   [Feature] Regexp: Allow local lua functions in Rspamd regexp module
> > -   [Feature] Rspamadm: Allow to append footers to plain messages
> > -   [Feature] Rspamadm: Allow to rewrite headers in messages
> > -   [Feature] Selectors: Add ipmask processor
> > -   [Feature] Settings: Allow hostname match
> > -   [Feature] Settings: Allow local when selecting settings
> > -   [Feature] Settings: Allow multiple selectors
> > -   [Feature] Settings: Allow to inverse conditions
> > -   [Feature] Support User-Agent in HTTP requests
> > -   [Feature] Support ed25519 dkim keys generation
> > -   [Feature] Try to filter bad unicode types during normalisation
> > -   [Feature] external_services - oletools (olefy) support
> > -   [Feature] lua_scanners - icap protocol support
> > -   [Feature] lua_scanners - spamassassin spam scanner
> > -   [Fix] Add filter for absurdic URLs
> > -   [Fix] Add some more cases for Received header
> > -   [Fix] Allow to disable/enable composite symbols
> > -   [Fix] Arc: Use a separated list of headers for arc signing
> > -   [Fix] Archive: Final fixes for 7z archives
> > -   [Fix] Clickhouse: Fix database usage
> > -   [Fix] Controller: Make save stats timer persistent
> > -   [Fix] Core: Detect encrypted rarv5 archives
> > -   [Fix] Core: Don’t detect language twice
> > -   [Fix] Core: Fix address rotation bug
> > -   [Fix] Core: Fix content calculations for message parts
> > -   [Fix] Core: Fix emails comments parsing and other issues
> > -   [Fix] Core: Fix etags support
> > -   [Fix] Core: Fix headers folding on the last token
> > -   [Fix] Core: Fix iso-8859-16 encoding
> > -   [Fix] Core: Fix log_urls flag (and encrypted logging)
> > -   [Fix] Core: Fix part length when dealing with boundaries
> > -   [Fix] Core: Fix parts distance calculations
> > -   [Fix] Core: Fix processing of NDNs of certain type
> > -   [Fix] Core: Implement logic to find some bad characters in URLs
> > -   [Fix] Core: treat nodes with ttl properly in lru cache
> > -   [Fix] Fix Content-Type parsing
> > -   [Fix] Fix HTTP headers signing case
> > -   [Fix] Fix control interface
> > -   [Fix] Fix deletion of the duplicate headers
> > -   [Fix] Fix emails filtering in emails module
> > -   [Fix] Fix greylisting log message and logic
> > -   [Fix] Fix issues with storing of the accepted addr in rspamd control
> > -   [Fix] Fix maps object update race condition
> > -   [Fix] Fix memor leaks and whitespace processing
> > -   [Fix] Fix processing of null bytes in headers
> > -   [Fix] Fix rcpt_mime and from_mime in user settings
> > -   [Fix] Fix rfc2047 decoding for CD headers
> > -   [Fix] Fix rfc2231 for Content-Disposition header
> > -   [Fix] Fix setting of the subject pattern in config
> > -   [Fix] Greylist: fix records checking
> > -   [Fix] HTML: Another HTML comments exception fix
> > -   [Fix] HTML: Another entities decoding logic fix
> > -   [Fix] HTML: Fix HTML comments with many dashes
> > -   [Fix] HTML: Fix entities in HTML attributes
> > -   [Fix] HTML: Fix some more SGML tags issues
> > -   [Fix] Ignore whitespaces at the end of value in DKIM records
> > -   [Fix] MID module: Fix DKIM domain matching
> > -   [Fix] Milter_headers: Fix remove_upstream_spam_flag and modernise
> >    config
> > -   [Fix] Mime_parser: Fix issue with parsing of the trailing garbadge
> > -   [Fix] Mime_parser: Fix parsing of mime parts without closing
> >    boundary
> > -   [Fix] Multimap: Fix operating with userdata
> > -   [Fix] Process orphaned symbols section
> > -   [Fix] Rdns: Fix multiple replies in fake replies
> > -   [Fix] Rework groups scores definitions
> > -   [Fix] Set proper element when reading data from Sentinel
> > -   [Fix] Set rspamd user to initialise supplementary groups on reload
> > -   [Fix] Settings: Fix selectors usage
> > -   [Fix] Sort data received from Sentinel to avoid constant replacing
> > -   [Fix] groups.conf - filename typo
> > -   [Fix] lua_scanner - oletools typos, logging
> > -   [Fix] lua_scanners - actions and symbol_fail
> > -   [Fix] lua_scanners - fix luacheck
> > -   [Fix] lua_scanners - kaspersky - response with fname
> > -   [Fix] lua_scanners - savapi redis prefix
> > -   [Fix] tests - antivirus - fprot symbols
> > -   [Project] Add concept of flexible actions
> > -   [Project] Add heuristical from parser to received parser
> > -   [Project] Add new flags to clickhouse, redis and elastic exporters
> > -   [Project] Attach new received parser
> > -   [Project] Fallback to callbacks from coroutines
> > -   [Project] Implement keep-alive support in lua_http
> > -   [Project] Lua_udp: Implement fully functional client
> > -   [Project] Plug keepalive knobs into http connection handling
> > -   [Project] Rspamadm: Add modify tool
> > -   [Rework] Convert rspamd-server to a shared library
> > -   [Rework] Dcc: Rework DCC plugin
> > -   [Rework] Enable explicit coroutines symbols
> > -   [Rework] Rework telephone urls parsing logic
> > -   [Rework] Rewrite RBL module
> > -   [Rework] Settings: Rework settings check
> > -   [Rework] Slashing: Distinguish lualibdir, pluginsdir and sharedir
> > -   [Rework] Unify task_timeout
> > -   [Rework] Use VEX instructions in assembly, relocate
> > -   [WebUI] Notify user if uploaded data was not learned
> > -   [WebUI] Remove redundant condition
> > --
> > Announce mailing list
> > Announce at lists.rspamd.com
> > https://lists.rspamd.com/mailman/listinfo/announce
>
> --
> Users mailing list
> Users at lists.rspamd.com
> https://lists.rspamd.com/mailman/listinfo/users
>


More information about the Users mailing list