pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2019Q2]: pkgsrc/security/clamav Pullup ticket #6036 - requeste...
details: https://anonhg.NetBSD.org/pkgsrc/rev/3a07d3ece48d
branches: pkgsrc-2019Q2
changeset: 339052:3a07d3ece48d
user: bsiegert <bsiegert%pkgsrc.org@localhost>
date: Thu Sep 05 09:26:25 2019 +0000
description:
Pullup ticket #6036 - requested by taca
security/clamav: security fix
Revisions pulled up:
- security/clamav/Makefile 1.51
- security/clamav/Makefile.common 1.11
- security/clamav/PLIST 1.7
- security/clamav/buildlink3.mk 1.8
- security/clamav/distinfo 1.28
- security/clamav/options.mk 1.6
- security/clamav/patches/patch-Makefile.in 1.5
- security/clamav/patches/patch-ab 1.2
---
Module Name: pkgsrc
Committed By: wiz
Date: Sat Jul 20 22:46:59 UTC 2019
Modified Files:
pkgsrc/security/clamav: Makefile
Log Message:
*: recursive bump for nettle 3.5.1
---
Module Name: pkgsrc
Committed By: prlw1
Date: Mon Aug 5 14:44:20 UTC 2019
Modified Files:
pkgsrc/security/clamav: Makefile Makefile.common PLIST buildlink3.mk
distinfo options.mk
pkgsrc/security/clamav/patches: patch-Makefile.in patch-ab
Log Message:
Update clamav to 0.101.2
Remove rar support to workaround PR pkg/54420
This release includes 3 extra security related bug fixes that do not
apply to prior versions. In addition, it includes a number of minor bug
fixes and improvements.
* Fixes for the following vulnerabilities affecting 0.101.1 and
prior:
+ CVE-2019-1787: An out-of-bounds heap read condition may occur
when scanning PDF documents. The defect is a failure to
correctly keep track of the number of bytes remaining in a
buffer when indexing file data.
+ CVE-2019-1789: An out-of-bounds heap read condition may occur
when scanning PE files (i.e. Windows EXE and DLL files) that
have been packed using Aspack as a result of inadequate
bound-checking.
+ CVE-2019-1788: An out-of-bounds heap write condition may occur
when scanning OLE2 files such as Microsoft Office 97-2003
documents. The invalid write happens when an invalid pointer
is mistakenly used to initialize a 32bit integer to zero. This
is likely to crash the application.
* Fixes for the following ClamAV vulnerabilities:
+ CVE-2018-15378: Vulnerability in ClamAV's MEW unpacking
feature that could allow an unauthenticated, remote attacker
to cause a denial of service (DoS) condition on an affected
device. Reported by Secunia Research at Flexera.
+ Fix for a 2-byte buffer over-read bug in ClamAV's PDF parsing
code. Reported by Alex Gaynor.
* Fixes for the following vulnerabilities in bundled third-party
libraries:
+ CVE-2018-14680: An issue was discovered in mspack/chmd.c in
libmspack before 0.7alpha. It does not reject blank CHM
filenames.
+ CVE-2018-14681: An issue was discovered in kwajd_read_headers
in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file
header extensions could cause a one or two byte overwrite.
+ CVE-2018-14682: An issue was discovered in mspack/chmd.c in
libmspack before 0.7alpha. There is an off-by-one error in the
TOLOWER() macro for CHM decompression.
+ Additionally, 0.100.2 reverted 0.100.1's patch for
CVE-2018-14679, and applied libmspack's version of the fix in
its place.
* Fixes for the following CVE's:
+ CVE-2017-16932: Vulnerability in libxml2 dependency (affects
ClamAV on Windows only).
+ CVE-2018-0360: HWP integer overflow, infinite loop
vulnerability. Reported by Secunia Research at Flexera.
+ CVE-2018-0361: ClamAV PDF object length check, unreasonably
long time to parse relatively small file. Reported by aCaB.
For the full release notes, see:
https://github.com/Cisco-Talos/clamav-devel/blob/clamav-0.101.2/NEWS.md
diffstat:
security/clamav/Makefile | 21 +++++++++++----------
security/clamav/Makefile.common | 4 ++--
security/clamav/PLIST | 8 ++++----
security/clamav/buildlink3.mk | 5 +++--
security/clamav/distinfo | 14 +++++++-------
security/clamav/options.mk | 3 ++-
security/clamav/patches/patch-Makefile.in | 22 +++++++++++-----------
security/clamav/patches/patch-ab | 4 ++--
8 files changed, 42 insertions(+), 39 deletions(-)
diffs (227 lines):
diff -r 91c529eba6fc -r 3a07d3ece48d security/clamav/Makefile
--- a/security/clamav/Makefile Tue Sep 03 10:37:57 2019 +0000
+++ b/security/clamav/Makefile Thu Sep 05 09:26:25 2019 +0000
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.48 2019/05/04 16:12:00 rillig Exp $
+# $NetBSD: Makefile,v 1.48.2.1 2019/09/05 09:26:25 bsiegert Exp $
-PKGREVISION= 3
.include "Makefile.common"
COMMENT= Anti-virus toolkit
@@ -16,16 +15,20 @@
CONFIGURE_ARGS+= --with-group=${CLAMAV_GROUP}
CONFIGURE_ARGS+= --with-user=${CLAMAV_USER}
CONFIGURE_ARGS+= --with-libcurl=${BUILDLINK_PREFIX.curl}
+CONFIGURE_ARGS+= --with-libjson=${BUILDLINK_PREFIX.json-c}
CONFIGURE_ARGS+= --with-ltdl-include=${BUILDLINK_PREFIX.libltdl}/include
CONFIGURE_ARGS+= --with-ltdl-lib=${BUILDLINK_PREFIX.libltdl}/lib
CONFIGURE_ARGS+= --with-openssl=${BUILDLINK_PREFIX.openssl}
CONFIGURE_ARGS+= --with-pcre=${BUILDLINK_PREFIX.pcre2}
+CONFIGURE_ARGS+= --with-system-libmspack=${BUILDLINK_PREFIX.libmspack}
CONFIGURE_ARGS+= --with-xml=${BUILDLINK_PREFIX.libxml2}
CONFIGURE_ARGS+= --with-zlib=${BUILDLINK_PREFIX.zlib}
CONFIGURE_ARGS+= --enable-readdir_r
# pkgsrc enforces a "secure" version of zlib, so don't let this check
# bomb the build
CONFIGURE_ARGS+= --disable-zlib-vcheck
+# Work around build failure PR pkg/54420
+CONFIGURE_ARGS+= --disable-unrar
CHECK_PORTABILITY_SKIP= contrib/* unit_tests/* win32/*
@@ -46,11 +49,6 @@
FILES_SUBST+= CLAMAV_DBDIR=${CLAMAV_DBDIR}
MESSAGE_SUBST+= CLAMAV_USER=${CLAMAV_USER}
-SUBST_CLASSES+= vars
-SUBST_STAGE.vars= pre-configure
-SUBST_FILES.vars= etc/clamav-milter.conf.sample etc/clamd.conf.sample
-SUBST_VARS.vars= CLAMAV_DBDIR
-
RCD_SCRIPTS= clamd freshclamd
SMF_METHODS= ${RCD_SCRIPTS}
SMF_INSTANCES= ${SMF_METHODS}
@@ -63,10 +61,11 @@
EGDIR= ${PREFIX}/share/examples/clamav
+CONF_SAMPLES= clamd.conf freshclam.conf
OWN_DIRS_PERMS= ${CLAMAV_DBDIR} ${CLAMAV_USER} ${CLAMAV_GROUP} 0775
CONF_FILES= # empty
CONF_FILES_PERMS= # empty
-.for i in clamav-milter.conf clamd.conf freshclam.conf
+.for i in ${CONF_SAMPLES}
CONF_FILES+= ${EGDIR}/${i} ${PKG_SYSCONFDIR}/${i}
.endfor
@@ -75,16 +74,18 @@
.include "options.mk"
post-install:
-.for i in clamav-milter.conf clamd.conf freshclam.conf
- ${INSTALL_DATA} ${WRKSRC}/etc/${i}.sample ${DESTDIR}${EGDIR}/${i}
+.for i in ${CONF_SAMPLES}
+ ${MV} ${DESTDIR}${PREFIX}/etc/${i}.sample ${DESTDIR}${EGDIR}/${i}
.endfor
.include "../../archivers/bzip2/buildlink3.mk"
+.include "../../archivers/libmspack/buildlink3.mk"
.include "../../devel/libltdl/buildlink3.mk"
.include "../../devel/pcre2/buildlink3.mk"
.include "../../devel/zlib/buildlink3.mk"
.include "../../devel/gmp/buildlink3.mk"
.include "../../security/openssl/buildlink3.mk"
+.include "../../textproc/json-c/buildlink3.mk"
.include "../../textproc/libxml2/buildlink3.mk"
.include "../../www/curl/buildlink3.mk"
.include "../../mk/curses.buildlink3.mk"
diff -r 91c529eba6fc -r 3a07d3ece48d security/clamav/Makefile.common
--- a/security/clamav/Makefile.common Tue Sep 03 10:37:57 2019 +0000
+++ b/security/clamav/Makefile.common Thu Sep 05 09:26:25 2019 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile.common,v 1.10 2018/03/21 06:55:57 prlw1 Exp $
+# $NetBSD: Makefile.common,v 1.10.12.1 2019/09/05 09:26:25 bsiegert Exp $
#
# used by security/clamav/Makefile
# used by security/clamav-doc/Makefile
-DISTNAME= clamav-0.99.4
+DISTNAME= clamav-0.101.2
CATEGORIES= security
MASTER_SITES= http://www.clamav.net/downloads/production/
diff -r 91c529eba6fc -r 3a07d3ece48d security/clamav/PLIST
--- a/security/clamav/PLIST Tue Sep 03 10:37:57 2019 +0000
+++ b/security/clamav/PLIST Thu Sep 05 09:26:25 2019 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.6 2014/05/08 16:01:09 jperkin Exp $
+@comment $NetBSD: PLIST,v 1.6.44.1 2019/09/05 09:26:25 bsiegert Exp $
bin/clamav-config
bin/clambc
bin/clamconf
@@ -8,10 +8,10 @@
bin/clamsubmit
bin/freshclam
bin/sigtool
+include/clamav-types.h
include/clamav.h
lib/libclamav.la
-lib/libclamunrar.la
-lib/libclamunrar_iface.la
+lib/libclammspack.la
lib/pkgconfig/libclamav.pc
man/man1/clambc.1
man/man1/clamconf.1
@@ -28,6 +28,6 @@
man/man8/clamd.8
${PLIST.milter}sbin/clamav-milter
sbin/clamd
-share/examples/clamav/clamav-milter.conf
+${PLIST.milter}share/examples/clamav/clamav-milter.conf
share/examples/clamav/clamd.conf
share/examples/clamav/freshclam.conf
diff -r 91c529eba6fc -r 3a07d3ece48d security/clamav/buildlink3.mk
--- a/security/clamav/buildlink3.mk Tue Sep 03 10:37:57 2019 +0000
+++ b/security/clamav/buildlink3.mk Thu Sep 05 09:26:25 2019 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.7 2017/09/25 22:27:43 joerg Exp $
+# $NetBSD: buildlink3.mk,v 1.7.18.1 2019/09/05 09:26:25 bsiegert Exp $
BUILDLINK_TREE+= clamav
@@ -8,10 +8,11 @@
BUILDLINK_API_DEPENDS.clamav+= clamav>=0.95.3nb1
BUILDLINK_ABI_DEPENDS.clamav+= clamav>=0.98.7nb2
BUILDLINK_PKGSRCDIR.clamav?= ../../security/clamav
-.endif # CLAMAV_BUILDLINK3_MK
.include "../../archivers/bzip2/buildlink3.mk"
.include "../../devel/pcre2/buildlink3.mk"
+.include "../../textproc/json-c/buildlink3.mk"
.include "../../textproc/libxml2/buildlink3.mk"
+.endif # CLAMAV_BUILDLINK3_MK
BUILDLINK_TREE+= -clamav
diff -r 91c529eba6fc -r 3a07d3ece48d security/clamav/distinfo
--- a/security/clamav/distinfo Tue Sep 03 10:37:57 2019 +0000
+++ b/security/clamav/distinfo Thu Sep 05 09:26:25 2019 +0000
@@ -1,12 +1,12 @@
-$NetBSD: distinfo,v 1.27 2019/04/13 08:48:22 szptvlfn Exp $
+$NetBSD: distinfo,v 1.27.2.1 2019/09/05 09:26:25 bsiegert Exp $
-SHA1 (clamav-0.99.4.tar.gz) = 31f91cb63329385325821a03db46e7001dc40fa2
-RMD160 (clamav-0.99.4.tar.gz) = 5925f4727c98d328f7f12267bb1af11fc368f9d8
-SHA512 (clamav-0.99.4.tar.gz) = 778d5ef510d8d4bdfac5dc33d92469ed4283c414b3d42da6e1a0b13ed70e37755d5c837622dc336bc728ba1f8bf5485fc8a8d3a67a90e9aaa9e4dc71ece0691d
-Size (clamav-0.99.4.tar.gz) = 16083015 bytes
-SHA1 (patch-Makefile.in) = c7f106f812952ef22f32aaa0354a15d501460c01
+SHA1 (clamav-0.101.2.tar.gz) = 6545fc72fbc4e3e8b7e845e08edd0a36142d033e
+RMD160 (clamav-0.101.2.tar.gz) = 53fddb9858c49c8b11654b204cf2e5938e193a7c
+SHA512 (clamav-0.101.2.tar.gz) = f9ea4589a8081acf7b6d454d1a068da05ae6574a9070a08f9438935795cb6dc084ffb9222b11fb1623f31962f859e6536a2f5bd1de29ef6b9b314efa5edc8c7e
+Size (clamav-0.101.2.tar.gz) = 21722932 bytes
+SHA1 (patch-Makefile.in) = c3bdefe7f7d0fee58ce3a1f16c00b3739ab8586a
SHA1 (patch-aa) = 8539a90ac5591c86f7e9f6b8c073f36523f221a5
-SHA1 (patch-ab) = fea995ea944c2ae0f51a41e1a1076badf65c6c8b
+SHA1 (patch-ab) = 78793f0267ce8c820b51937186dc17dabb4a1ccf
SHA1 (patch-af) = d217633ed33c72b6d01a9aeef03f0f5dd33b4336
SHA1 (patch-configure) = d3a0a77c522b8abb4a5144e29aacc8b110f31c5a
SHA1 (patch-etc_clamav-milter.conf.sample) = 0cbf22bf380213c9e9f2b9baf15d7eba745afd46
diff -r 91c529eba6fc -r 3a07d3ece48d security/clamav/options.mk
--- a/security/clamav/options.mk Tue Sep 03 10:37:57 2019 +0000
+++ b/security/clamav/options.mk Thu Sep 05 09:26:25 2019 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: options.mk,v 1.5 2016/02/01 12:45:38 jperkin Exp $
+# $NetBSD: options.mk,v 1.5.30.1 2019/09/05 09:26:25 bsiegert Exp $
PKG_OPTIONS_VAR= PKG_OPTIONS.clamav
PKG_SUPPORTED_OPTIONS= milter clamav-experimental unit-test
@@ -15,6 +15,7 @@
. include "../../mail/libmilter/buildlink3.mk"
CONFIGURE_ARGS+= --enable-milter
PLIST.milter= yes
+CONF_SAMPLES+= clamav-milter.conf
SMF_INSTANCES+= clamav-milter
.else
CONFIGURE_ARGS+= --disable-milter
diff -r 91c529eba6fc -r 3a07d3ece48d security/clamav/patches/patch-Makefile.in
--- a/security/clamav/patches/patch-Makefile.in Tue Sep 03 10:37:57 2019 +0000
+++ b/security/clamav/patches/patch-Makefile.in Thu Sep 05 09:26:25 2019 +0000
@@ -1,15 +1,15 @@
-$NetBSD: patch-Makefile.in,v 1.4 2016/06/12 16:06:01 taca Exp $
+$NetBSD: patch-Makefile.in,v 1.4.28.1 2019/09/05 09:26:25 bsiegert Exp $
Install etc files manually.
---- Makefile.in.orig 2016-04-22 16:19:51.000000000 +0000
+--- Makefile.in.orig 2018-09-19 19:29:07.000000000 +0000
+++ Makefile.in
-@@ -551,7 +551,7 @@ top_builddir = @top_builddir@
- top_srcdir = @top_srcdir@
- ACLOCAL_AMFLAGS = -I m4
- SUBDIRS = libltdl libclamav clamscan clamd clamdscan freshclam sigtool \
-- clamconf database docs etc clamav-milter test clamdtop clambc \
-+ clamconf database docs clamav-milter test clamdtop clambc \
- unit_tests $(am__append_1) $(am__append_2)
- EXTRA_DIST = FAQ examples BUGS shared libclamav.pc.in libclamunrar_iface/Makefile.am libclamunrar_iface/Makefile.in UPGRADE COPYING.bzip2 COPYING.lzma COPYING.unrar COPYING.LGPL COPYING.llvm
COPYING.file COPYING.zlib COPYING.getopt COPYING.regex COPYING.YARA COPYING.pcre platform.h.in clamdscan/clamdscan.map win32
- bin_SCRIPTS = clamav-config
+@@ -303,7 +303,7 @@ ETAGS = etags
+ CTAGS = ctags
+ CSCOPE = cscope
+ DIST_SUBDIRS = libltdl libclamav clamscan clamd clamdscan freshclam \
+- sigtool clamconf database docs etc clamav-milter test clamdtop \
++ sigtool clamconf database docs clamav-milter test clamdtop \
+ clambc unit_tests clamsubmit libfreshclam fuzz
+ DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ distdir = $(PACKAGE)-$(VERSION)
diff -r 91c529eba6fc -r 3a07d3ece48d security/clamav/patches/patch-ab
--- a/security/clamav/patches/patch-ab Tue Sep 03 10:37:57 2019 +0000
+++ b/security/clamav/patches/patch-ab Thu Sep 05 09:26:25 2019 +0000
@@ -1,6 +1,6 @@
-$NetBSD: patch-ab,v 1.1.1.1 2010/12/24 07:11:05 kefren Exp $
+$NetBSD: patch-ab,v 1.1.1.1.72.1 2019/09/05 09:26:25 bsiegert Exp $
-Make this pkgsrc friedly.
+Make this pkgsrc friendly.
--- libclamav/c++/llvm/utils/buildit/build_llvm.orig 2010-11-10 16:57:04.000000000 +0000
+++ libclamav/c++/llvm/utils/buildit/build_llvm
Home |
Main Index |
Thread Index |
Old Index