clamav/clamav-disable-timestamps.patch

--- libclamav/tomsfastmath/misc/fp_ident.c.orig
+++ libclamav/tomsfastmath/misc/fp_ident.c
@@ -15,7 +15,11 @@ const char *fp_ident(void)
 
    memset(buf, 0, sizeof(buf));
    snprintf(buf, sizeof(buf)-1,
-"TomsFastMath (%s)\n"
+#if (ENABLE_TIMESTAMPS == 1)
+	"TomsFastMath (%s)\n"
+#else
+	"TomsFastMath\n"
+#endif
 "\n"
 "Sizeofs\n"
 "\tfp_digit = %llu\n"
@@ -70,7 +74,11 @@ const char *fp_ident(void)
 #ifdef TFM_HUGE
 " TFM_HUGE "
 #endif
+#if (ENABLE_TIMESTAMPS == 1)
             "\n", __DATE__, (long long unsigned)sizeof(fp_digit), (long long unsigned)sizeof(fp_word), FP_MAX_SIZE);
+#else
+            "\n", (long long unsigned)sizeof(fp_digit), (long long unsigned)sizeof(fp_word), FP_MAX_SIZE);
+#endif
 
    if (sizeof(fp_digit) == sizeof(fp_word)) {
       strncat(buf, "WARNING: sizeof(fp_digit) == sizeof(fp_word), this build is likely to not work properly.\n", 
--- configure.orig
+++ configure
@@ -800,6 +800,7 @@ FGREP
 SED
 LIBTOOL
 LIBCLAMAV_VERSION
+ENABLE_TIMESTAMPS
 EGREP
 GREP
 CPP
@@ -902,6 +903,7 @@ ac_user_opts='
 enable_option_checking
 enable_silent_rules
 enable_dependency_tracking
+enable_timestamps
 enable_static
 enable_shared
 with_pic
@@ -1616,6 +1618,8 @@ Optional Features:
   --disable-dependency-tracking
                           speeds up one-time build
   --enable-static[=PKGS]  build static libraries [default=no]
+  --enable-timestamps     Enable embedding timestamp information in build
+                          (default is YES)
   --enable-shared[=PKGS]  build shared libraries [default=yes]
   --enable-fast-install[=PKGS]
                           optimize for fast installation [default=yes]
@@ -5211,6 +5215,26 @@ $as_echo "$ac_cv_safe_to_define___extens
 
   $as_echo "#define _TANDEM_SOURCE 1" >>confdefs.h
 
+# Check whether --enable-timestamps was given.
+if test "${enable_timestamps+set}" = set; then :
+  enableval=$enable_timestamps;
+else
+  enableval=default
+fi
+
+case "$enableval" in
+  yes) ENABLE_TIMESTAMPS=1
+ ;;
+  no)  ENABLE_TIMESTAMPS=0
+ ;;
+  default) ENABLE_TIMESTAMPS=1
+ ;;
+  *) as_fn_error $? "Invalid setting for --enable-timestamps. Use \"yes\" or \"no\"" "$LINENO" 5 ;;
+esac
+
+cat >>confdefs.h <<_ACEOF
+#define ENABLE_TIMESTAMPS $ENABLE_TIMESTAMPS
+_ACEOF
 
 
 VERSION="0.100.0"
- Update to security release 0.99.4 (bsc#1083915): * CVE-2012-6706 * CVE-2017-6419 * CVE-2017-11423 * CVE-2018-1000085 (bsc#1082858) * CVE-2018-0202 - Obsolete patches: * clamav-CVE-2012-6706.patch * clamav-gcc47.patch OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=159 2018-03-07 14:46:42 +01:00			`--- libclamav/tomsfastmath/misc/fp_ident.c.orig`
			`+++ libclamav/tomsfastmath/misc/fp_ident.c`
Accepting request 439481 from home:faweiss:branches:security OBS-URL: https://build.opensuse.org/request/show/439481 OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=140 2016-11-10 23:34:49 +01:00			`@@ -15,7 +15,11 @@ const char *fp_ident(void)`

			`memset(buf, 0, sizeof(buf));`
			`snprintf(buf, sizeof(buf)-1,`
			`-"TomsFastMath (%s)\n"`
			`+#if (ENABLE_TIMESTAMPS == 1)`
			`+ "TomsFastMath (%s)\n"`
			`+#else`
			`+ "TomsFastMath\n"`
			`+#endif`
			`"\n"`
			`"Sizeofs\n"`
			`"\tfp_digit = %llu\n"`
			`@@ -70,7 +74,11 @@ const char *fp_ident(void)`
			`#ifdef TFM_HUGE`
			`" TFM_HUGE "`
			`#endif`
			`+#if (ENABLE_TIMESTAMPS == 1)`
			`"\n", __DATE__, (long long unsigned)sizeof(fp_digit), (long long unsigned)sizeof(fp_word), FP_MAX_SIZE);`
			`+#else`
			`+ "\n", (long long unsigned)sizeof(fp_digit), (long long unsigned)sizeof(fp_word), FP_MAX_SIZE);`
			`+#endif`

			`if (sizeof(fp_digit) == sizeof(fp_word)) {`
			`strncat(buf, "WARNING: sizeof(fp_digit) == sizeof(fp_word), this build is likely to not work properly.\n",`
- Update to security release 0.99.4 (bsc#1083915): * CVE-2012-6706 * CVE-2017-6419 * CVE-2017-11423 * CVE-2018-1000085 (bsc#1082858) * CVE-2018-0202 - Obsolete patches: * clamav-CVE-2012-6706.patch * clamav-gcc47.patch OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=159 2018-03-07 14:46:42 +01:00			`--- configure.orig`
			`+++ configure`
- Update to version 0.100.0 (bsc#1089502): * FIXME: Add upstream changes here before submitting to Factory. * Obsoletes clamav-fix_newer_zlib.patch - Update key ring and add signature file. - Remove the logic around building the embedded llvm as the system-wide llvm is now auto-detected and used. - Move pc files from the main to the devel package. OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=161 2018-04-13 17:16:49 +02:00			`@@ -800,6 +800,7 @@ FGREP`
Accepting request 439481 from home:faweiss:branches:security OBS-URL: https://build.opensuse.org/request/show/439481 OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=140 2016-11-10 23:34:49 +01:00			`SED`
			`LIBTOOL`
			`LIBCLAMAV_VERSION`
			`+ENABLE_TIMESTAMPS`
			`EGREP`
			`GREP`
			`CPP`
- Update to version 0.100.0 (bsc#1089502): * FIXME: Add upstream changes here before submitting to Factory. * Obsoletes clamav-fix_newer_zlib.patch - Update key ring and add signature file. - Remove the logic around building the embedded llvm as the system-wide llvm is now auto-detected and used. - Move pc files from the main to the devel package. OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=161 2018-04-13 17:16:49 +02:00			`@@ -902,6 +903,7 @@ ac_user_opts='`
Accepting request 439481 from home:faweiss:branches:security OBS-URL: https://build.opensuse.org/request/show/439481 OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=140 2016-11-10 23:34:49 +01:00			`enable_option_checking`
			`enable_silent_rules`
			`enable_dependency_tracking`
			`+enable_timestamps`
			`enable_static`
			`enable_shared`
			`with_pic`
- Update to version 0.100.0 (bsc#1089502): * FIXME: Add upstream changes here before submitting to Factory. * Obsoletes clamav-fix_newer_zlib.patch - Update key ring and add signature file. - Remove the logic around building the embedded llvm as the system-wide llvm is now auto-detected and used. - Move pc files from the main to the devel package. OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=161 2018-04-13 17:16:49 +02:00			`@@ -1616,6 +1618,8 @@ Optional Features:`
			`--disable-dependency-tracking`
			`speeds up one-time build`
Accepting request 569976 from home:vitezslav_cizek:branches:security - Update to security release 0.99.3 (bsc#1077732) * CVE-2017-12376 (ClamAV Buffer Overflow in handle_pdfname Vulnerability) * CVE-2017-12377 (ClamAV Mew Packet Heap Overflow Vulnerability) * CVE-2017-12379 (ClamAV Buffer Overflow in messageAddArgument Vulnerability) - these vulnerabilities could have allowed an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. * CVE-2017-12374 (ClamAV use-after-free Vulnerabilities) * CVE-2017-12375 (ClamAV Buffer Overflow Vulnerability) * CVE-2017-12378 (ClamAV Buffer Over Read Vulnerability) * CVE-2017-12380 (ClamAV Null Dereference Vulnerability) - these vulnerabilities could have allowed an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. * CVE-2017-6420 (bsc#1052448) - this vulnerability allowed remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression. * CVE-2017-6419 (bsc#1052449) - ClamAV allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file. * CVE-2017-11423 (bsc#1049423) - The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha allowed remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file. * CVE-2017-6418 (bsc#1052466) - ClamAV 0.99.2 allowed remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message. - drop clamav-0.99.2-openssl-1.1.patch (upstream) OBS-URL: https://build.opensuse.org/request/show/569976 OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=151 2018-01-26 17:21:11 +01:00			`--enable-static[=PKGS] build static libraries [default=no]`
Accepting request 439481 from home:faweiss:branches:security OBS-URL: https://build.opensuse.org/request/show/439481 OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=140 2016-11-10 23:34:49 +01:00			`+ --enable-timestamps Enable embedding timestamp information in build`
			`+ (default is YES)`
			`--enable-shared[=PKGS] build shared libraries [default=yes]`
			`--enable-fast-install[=PKGS]`
Accepting request 569976 from home:vitezslav_cizek:branches:security - Update to security release 0.99.3 (bsc#1077732) * CVE-2017-12376 (ClamAV Buffer Overflow in handle_pdfname Vulnerability) * CVE-2017-12377 (ClamAV Mew Packet Heap Overflow Vulnerability) * CVE-2017-12379 (ClamAV Buffer Overflow in messageAddArgument Vulnerability) - these vulnerabilities could have allowed an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. * CVE-2017-12374 (ClamAV use-after-free Vulnerabilities) * CVE-2017-12375 (ClamAV Buffer Overflow Vulnerability) * CVE-2017-12378 (ClamAV Buffer Over Read Vulnerability) * CVE-2017-12380 (ClamAV Null Dereference Vulnerability) - these vulnerabilities could have allowed an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. * CVE-2017-6420 (bsc#1052448) - this vulnerability allowed remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression. * CVE-2017-6419 (bsc#1052449) - ClamAV allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file. * CVE-2017-11423 (bsc#1049423) - The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha allowed remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file. * CVE-2017-6418 (bsc#1052466) - ClamAV 0.99.2 allowed remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message. - drop clamav-0.99.2-openssl-1.1.patch (upstream) OBS-URL: https://build.opensuse.org/request/show/569976 OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=151 2018-01-26 17:21:11 +01:00			`optimize for fast installation [default=yes]`
- Update to version 0.100.0 (bsc#1089502): * FIXME: Add upstream changes here before submitting to Factory. * Obsoletes clamav-fix_newer_zlib.patch - Update key ring and add signature file. - Remove the logic around building the embedded llvm as the system-wide llvm is now auto-detected and used. - Move pc files from the main to the devel package. OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=161 2018-04-13 17:16:49 +02:00			`@@ -5211,6 +5215,26 @@ $as_echo "$ac_cv_safe_to_define___extens`
Accepting request 439481 from home:faweiss:branches:security OBS-URL: https://build.opensuse.org/request/show/439481 OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=140 2016-11-10 23:34:49 +01:00
			`$as_echo "#define _TANDEM_SOURCE 1" >>confdefs.h`

			`+# Check whether --enable-timestamps was given.`
			`+if test "${enable_timestamps+set}" = set; then :`
			`+ enableval=$enable_timestamps;`
			`+else`
			`+ enableval=default`
			`+fi`
			`+`
			`+case "$enableval" in`
			`+ yes) ENABLE_TIMESTAMPS=1`
			`+ ;;`
			`+ no) ENABLE_TIMESTAMPS=0`
			`+ ;;`
			`+ default) ENABLE_TIMESTAMPS=1`
			`+ ;;`
			`+ *) as_fn_error $? "Invalid setting for --enable-timestamps. Use \"yes\" or \"no\"" "$LINENO" 5 ;;`
			`+esac`
			`+`
			`+cat >>confdefs.h <<_ACEOF`
			`+#define ENABLE_TIMESTAMPS $ENABLE_TIMESTAMPS`
			`+_ACEOF`


- Update to version 0.100.0 (bsc#1089502): * FIXME: Add upstream changes here before submitting to Factory. * Obsoletes clamav-fix_newer_zlib.patch - Update key ring and add signature file. - Remove the logic around building the embedded llvm as the system-wide llvm is now auto-detected and used. - Move pc files from the main to the devel package. OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=161 2018-04-13 17:16:49 +02:00			`VERSION="0.100.0"`