pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/clamav Update clamav to 0.99.4 (fixes build)
details: https://anonhg.NetBSD.org/pkgsrc/rev/b5e8dd7e4e89
branches: trunk
changeset: 377624:b5e8dd7e4e89
user: prlw1 <prlw1%pkgsrc.org@localhost>
date: Wed Mar 21 06:55:57 2018 +0000
description:
Update clamav to 0.99.4 (fixes build)
ClamAV 0.99.4 is a hotfix release to patch a set of vulnerabilities.
- fixes for the following CVE's: CVE-2012-6706, CVE-2017-6419,
CVE-2017-11423, CVE-2018-0202, and CVE-2018-1000085.
- also included are 2 fixes for file descriptor leaks as well fixes for
a handful of other important bugs, including patches to support g++ 6, C++11.
diffstat:
security/clamav/Makefile | 3 +-
security/clamav/Makefile.common | 4 +-
security/clamav/distinfo | 11 +-
security/clamav/patches/patch-libclamav_scanners.c | 92 ----------------------
4 files changed, 8 insertions(+), 102 deletions(-)
diffs (148 lines):
diff -r df5b67e6244b -r b5e8dd7e4e89 security/clamav/Makefile
--- a/security/clamav/Makefile Wed Mar 21 03:40:21 2018 +0000
+++ b/security/clamav/Makefile Wed Mar 21 06:55:57 2018 +0000
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.42 2018/01/26 16:26:57 bouyer Exp $
+# $NetBSD: Makefile,v 1.43 2018/03/21 06:55:57 prlw1 Exp $
.include "Makefile.common"
COMMENT= Anti-virus toolkit
-PKGREVISION= 1
USE_LANGUAGES= c c++
USE_LIBTOOL= yes
diff -r df5b67e6244b -r b5e8dd7e4e89 security/clamav/Makefile.common
--- a/security/clamav/Makefile.common Wed Mar 21 03:40:21 2018 +0000
+++ b/security/clamav/Makefile.common Wed Mar 21 06:55:57 2018 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile.common,v 1.9 2018/01/26 12:20:16 bouyer Exp $
+# $NetBSD: Makefile.common,v 1.10 2018/03/21 06:55:57 prlw1 Exp $
#
# used by security/clamav/Makefile
# used by security/clamav-doc/Makefile
-DISTNAME= clamav-0.99.3
+DISTNAME= clamav-0.99.4
CATEGORIES= security
MASTER_SITES= http://www.clamav.net/downloads/production/
diff -r df5b67e6244b -r b5e8dd7e4e89 security/clamav/distinfo
--- a/security/clamav/distinfo Wed Mar 21 03:40:21 2018 +0000
+++ b/security/clamav/distinfo Wed Mar 21 06:55:57 2018 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.25 2018/01/26 16:26:57 bouyer Exp $
+$NetBSD: distinfo,v 1.26 2018/03/21 06:55:57 prlw1 Exp $
-SHA1 (clamav-0.99.3.tar.gz) = 13b37de9bcd1c7c092cd3148db9886c556f12c8f
-RMD160 (clamav-0.99.3.tar.gz) = 0c999f266b496edc3ac3a59768262d9973363287
-SHA512 (clamav-0.99.3.tar.gz) = 0d3c75d571ed4aa4937ef2b743a39a9a144f5adfd6f56f71046e5a8387b8ed7c3c4d9a4196aa85750f9ec4dc545720fdd659289d0cce086ab13a7cc505a0ab3e
-Size (clamav-0.99.3.tar.gz) = 16082645 bytes
+SHA1 (clamav-0.99.4.tar.gz) = 31f91cb63329385325821a03db46e7001dc40fa2
+RMD160 (clamav-0.99.4.tar.gz) = 5925f4727c98d328f7f12267bb1af11fc368f9d8
+SHA512 (clamav-0.99.4.tar.gz) = 778d5ef510d8d4bdfac5dc33d92469ed4283c414b3d42da6e1a0b13ed70e37755d5c837622dc336bc728ba1f8bf5485fc8a8d3a67a90e9aaa9e4dc71ece0691d
+Size (clamav-0.99.4.tar.gz) = 16083015 bytes
SHA1 (patch-Makefile.in) = c7f106f812952ef22f32aaa0354a15d501460c01
SHA1 (patch-aa) = 8539a90ac5591c86f7e9f6b8c073f36523f221a5
SHA1 (patch-ab) = fea995ea944c2ae0f51a41e1a1076badf65c6c8b
@@ -15,4 +15,3 @@
SHA1 (patch-etc_freshclam.conf.sample) = 520ffbca5421ef2dc270e3c5a13cfb36a469e676
SHA1 (patch-libclamav_fmap.c) = a4c08f96e3d3aae57533e8e8294358fcb26a6db4
SHA1 (patch-libclamav_fmap.h) = c486e4fd957f2cc9811c5a0422db69c85f0f9e0f
-SHA1 (patch-libclamav_scanners.c) = cf118cd70100c2176738d06c01feb03b4c44a598
diff -r df5b67e6244b -r b5e8dd7e4e89 security/clamav/patches/patch-libclamav_scanners.c
--- a/security/clamav/patches/patch-libclamav_scanners.c Wed Mar 21 03:40:21 2018 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,92 +0,0 @@
-$NetBSD: patch-libclamav_scanners.c,v 1.1 2018/01/26 16:26:57 bouyer Exp $
-
-avoid memory and file descriptor leak.
-Submitted upstream as:
-https://bugzilla.clamav.net/show_bug.cgi?id=12021
-
---- libclamav/scanners.c.orig 2018-01-26 14:46:31.000000000 +0100
-+++ libclamav/scanners.c 2018-01-26 15:07:28.000000000 +0100
-@@ -1356,8 +1356,8 @@
-
- if(!(normalized = cli_malloc(SCANBUFF + maxpatlen))) {
- cli_dbgmsg("cli_scanscript: Unable to malloc %u bytes\n", SCANBUFF);
-- free(tmpname);
-- return CL_EMEM;
-+ ret = CL_EMEM;
-+ goto out;
- }
-
- text_normalize_init(&state, normalized, SCANBUFF + maxpatlen);
-@@ -1365,14 +1365,12 @@
-
-
- if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0, troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0, CLI_DEFAULT_AC_TRACKLEN))) {
-- free(tmpname);
-- return ret;
-+ goto out;
- }
-
- if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) {
- cli_ac_freedata(&tmdata);
-- free(tmpname);
-- return ret;
-+ goto out;
- }
-
- mdata[0] = &tmdata;
-@@ -1388,9 +1386,8 @@
-
- if (write(ofd, state.out, state.out_pos) == -1) {
- cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname);
-- close(ofd);
-- free(tmpname);
-- return CL_EWRITE;
-+ ret = CL_EWRITE;
-+ goto out;
- }
- text_normalize_reset(&state);
- }
-@@ -1410,10 +1407,6 @@
- }
- *ctx->fmap = map;
-
-- /* If we aren't keeping temps, delete the normalized file after scan. */
-- if(!(ctx->engine->keeptmp))
-- if (cli_unlink(tmpname)) ret = CL_EUNLINK;
--
- } else {
- /* Since the above is moderately costly all in all,
- * do the old stuff if there's no relative offsets. */
-@@ -1423,8 +1416,7 @@
- ret = cli_ac_caloff(troot, &tmdata, &info);
- if (ret) {
- cli_ac_freedata(&tmdata);
-- free(tmpname);
-- return ret;
-+ goto out;
- }
- }
-
-@@ -1466,12 +1458,18 @@
-
- }
-
-- if(ctx->engine->keeptmp) {
-+out:
-+ if (tmpname) {
-+ if(!ctx->engine->keeptmp) {
-+ cli_unlink(tmpname);
-+ }
- free(tmpname);
-- if (ofd >= 0)
-- close(ofd);
- }
-- free(normalized);
-+ if (ofd >= 0)
-+ close(ofd);
-+
-+ if (normalized)
-+ free(normalized);
-
- if(ret != CL_VIRUS || SCAN_ALL) {
- if ((ret = cli_exp_eval(ctx, troot, &tmdata, NULL, NULL)) == CL_VIRUS)
Home |
Main Index |
Thread Index |
Old Index