pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [pkgsrc-2021Q4] pkgsrc/security/clamav



Module Name:    pkgsrc
Committed By:   bsiegert
Date:           Fri Jan 21 15:49:19 UTC 2022

Modified Files:
        pkgsrc/security/clamav [pkgsrc-2021Q4]: Makefile Makefile.common
            distinfo

Log Message:
Pullup ticket #6571 - requested by taca
security/clamav: security fix

Revisions pulled up:
- security/clamav/Makefile                                      1.82
- security/clamav/Makefile.common                               1.22
- security/clamav/distinfo                                      1.41

---
   Module Name: pkgsrc
   Committed By:        taca
   Date:                Thu Jan 13 15:28:22 UTC 2022

   Modified Files:
        pkgsrc/security/clamav: Makefile Makefile.common distinfo

   Log Message:
   security/clamav: update to 0.103.5

   0.103.5 (2022-01-12)

   ClamAV 0.103.5 is a critical patch release with the following fixes:

   * CVE-2022-20698<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20698>:
     Fix for invalid pointer read that may cause a crash. This issue affects
     0.104.1, 0.103.4 and prior when ClamAV is compiled with libjson-c and the
     CL_SCAN_GENERAL_COLLECT_METADATA scan option (the clamscan --gen-json
     option) is enabled.

     Cisco would like to thank Laurent Delosieres of ManoMano for reporting
     this vulnerability.

   * Fixed ability to disable the file size limit with libclamav C API, like
     this:

     cl_engine_set_num(engine, CL_ENGINE_MAX_FILESIZE, 0);

     This issue didn't affect ClamD or ClamScan which also can disable the
     limit by setting it to zero using MaxFileSize 0 in clamd.conf for ClamD,
     or clamscan --max-filesize=0 for ClamScan.

     Note: Internally, the max file size is still set to 2 GiB. Disabling the
     limit for a scan will fall back on the internal 2 GiB limitation.

   * Increased the maximum line length for ClamAV config files from 512 bytes
     to 1,024 bytes to allow for longer config option strings.

   * SigTool: Fix insufficient buffer size for --list-sigs that caused a
     failure when listing a database containing one or more very long
     signatures. This fix was backported from 0.104.

   Special thanks to the following for code contributions and bug reports:

   * Laurent Delosieres


To generate a diff of this commit:
cvs rdiff -u -r1.81 -r1.81.2.1 pkgsrc/security/clamav/Makefile
cvs rdiff -u -r1.21 -r1.21.2.1 pkgsrc/security/clamav/Makefile.common
cvs rdiff -u -r1.40 -r1.40.2.1 pkgsrc/security/clamav/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/clamav/Makefile
diff -u pkgsrc/security/clamav/Makefile:1.81 pkgsrc/security/clamav/Makefile:1.81.2.1
--- pkgsrc/security/clamav/Makefile:1.81        Wed Dec  8 16:02:33 2021
+++ pkgsrc/security/clamav/Makefile     Fri Jan 21 15:49:19 2022
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.81 2021/12/08 16:02:33 adam Exp $
+# $NetBSD: Makefile,v 1.81.2.1 2022/01/21 15:49:19 bsiegert Exp $
 
-PKGREVISION= 1
 .include "Makefile.common"
 
 COMMENT=       Anti-virus toolkit

Index: pkgsrc/security/clamav/Makefile.common
diff -u pkgsrc/security/clamav/Makefile.common:1.21 pkgsrc/security/clamav/Makefile.common:1.21.2.1
--- pkgsrc/security/clamav/Makefile.common:1.21 Mon Nov  8 14:49:23 2021
+++ pkgsrc/security/clamav/Makefile.common      Fri Jan 21 15:49:19 2022
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile.common,v 1.21 2021/11/08 14:49:23 taca Exp $
+# $NetBSD: Makefile.common,v 1.21.2.1 2022/01/21 15:49:19 bsiegert Exp $
 #
 # used by security/clamav/Makefile
 # used by security/clamav-doc/Makefile
 
-DISTNAME=      clamav-0.103.4
+DISTNAME=      clamav-0.103.5
 CATEGORIES=    security
 MASTER_SITES=  http://www.clamav.net/downloads/production/
 

Index: pkgsrc/security/clamav/distinfo
diff -u pkgsrc/security/clamav/distinfo:1.40 pkgsrc/security/clamav/distinfo:1.40.2.1
--- pkgsrc/security/clamav/distinfo:1.40        Mon Nov  8 14:49:23 2021
+++ pkgsrc/security/clamav/distinfo     Fri Jan 21 15:49:19 2022
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.40 2021/11/08 14:49:23 taca Exp $
+$NetBSD: distinfo,v 1.40.2.1 2022/01/21 15:49:19 bsiegert Exp $
 
-BLAKE2s (clamav-0.103.4.tar.gz) = 0a64b0534d4b8919c787fbd7152ff87eb875b702215bccf0b586b8d9e854d69f
-SHA512 (clamav-0.103.4.tar.gz) = 422a8cb98d355be098b0a0c575e4f08cf964e992d10ee02e7600eb9db6dfa943efbd988489f268e81e4d2ef29cfe582b236688ea209d6d2e46467f3c08eb475e
-Size (clamav-0.103.4.tar.gz) = 16425023 bytes
+BLAKE2s (clamav-0.103.5.tar.gz) = 045c523bcbd02439cc05095cc19d102eee7af6db5cda340e19ed47fb885a3ae9
+SHA512 (clamav-0.103.5.tar.gz) = 242423b507eacbbd31dbae6dd0325dff87da25bb8072f2cee7a5e7cab4b8eb5ee6196c759570c1d75986a2777f0f79f92cfbd6250a30ae5b53390c75b238c29a
+Size (clamav-0.103.5.tar.gz) = 16434316 bytes
 SHA1 (patch-Makefile.in) = 51e0f42323f07b7ae0cb35a640469dce4e1a2041
 SHA1 (patch-aa) = c07a7b6e883f384ce278964645f0658c0d986ab5
 SHA1 (patch-ab) = 78793f0267ce8c820b51937186dc17dabb4a1ccf



Home | Main Index | Thread Index | Old Index