From 06d9b1e3a6ba3f2255df4de3a1d90b1d2ddd39388c5ea08ac99373f4b94d6714 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Fri, 26 Jan 2018 16:21:11 +0000 Subject: [PATCH] Accepting request 569976 from home:vitezslav_cizek:branches:security - Update to security release 0.99.3 (bsc#1077732) * CVE-2017-12376 (ClamAV Buffer Overflow in handle_pdfname Vulnerability) * CVE-2017-12377 (ClamAV Mew Packet Heap Overflow Vulnerability) * CVE-2017-12379 (ClamAV Buffer Overflow in messageAddArgument Vulnerability) - these vulnerabilities could have allowed an unauthenticated, remote attacker to cause a denial of service (DoS) condition or potentially execute arbitrary code on an affected device. * CVE-2017-12374 (ClamAV use-after-free Vulnerabilities) * CVE-2017-12375 (ClamAV Buffer Overflow Vulnerability) * CVE-2017-12378 (ClamAV Buffer Over Read Vulnerability) * CVE-2017-12380 (ClamAV Null Dereference Vulnerability) - these vulnerabilities could have allowed an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. * CVE-2017-6420 (bsc#1052448) - this vulnerability allowed remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression. * CVE-2017-6419 (bsc#1052449) - ClamAV allowed remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted CHM file. * CVE-2017-11423 (bsc#1049423) - The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha allowed remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted CAB file. * CVE-2017-6418 (bsc#1052466) - ClamAV 0.99.2 allowed remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message. - drop clamav-0.99.2-openssl-1.1.patch (upstream) OBS-URL: https://build.opensuse.org/request/show/569976 OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=151 --- clamav-0.99.2-openssl-1.1.patch | 33 --------------------------------- clamav-0.99.2.tar.gz | 3 --- clamav-0.99.3.tar.gz | 3 +++ clamav-disable-timestamps.patch | 26 +++++++++++++------------- clamav.changes | 32 ++++++++++++++++++++++++++++++++ clamav.spec | 10 ++-------- 6 files changed, 50 insertions(+), 57 deletions(-) delete mode 100644 clamav-0.99.2-openssl-1.1.patch delete mode 100644 clamav-0.99.2.tar.gz create mode 100644 clamav-0.99.3.tar.gz diff --git a/clamav-0.99.2-openssl-1.1.patch b/clamav-0.99.2-openssl-1.1.patch deleted file mode 100644 index aa04063..0000000 --- a/clamav-0.99.2-openssl-1.1.patch +++ /dev/null @@ -1,33 +0,0 @@ ---- clamav-0.99.2/libclamav/crypto.c.omv~ 2016-09-18 18:11:34.723085234 +0200 -+++ clamav-0.99.2/libclamav/crypto.c 2016-09-18 18:11:48.296898159 +0200 -@@ -121,7 +121,7 @@ time_t timegm(struct tm *t) - int cl_initialize_crypto(void) - { - SSL_load_error_strings(); -- SSL_library_init(); -+ OPENSSL_init_ssl(0, NULL); - OpenSSL_add_all_digests(); - OpenSSL_add_all_algorithms(); - OpenSSL_add_all_ciphers(); ---- clamav-0.99.2/m4/reorganization/libs/openssl.m4.omv~ 2016-09-18 18:11:11.071411211 +0200 -+++ clamav-0.99.2/m4/reorganization/libs/openssl.m4 2016-09-18 18:11:22.872248566 +0200 -@@ -41,7 +41,7 @@ fi - have_ssl="no" - have_crypto="no" - --AC_CHECK_LIB([ssl], [SSL_library_init], [have_ssl="yes"], [AC_MSG_ERROR([Your OpenSSL installation is misconfigured or missing])], [-lcrypto -lz]) -+AC_CHECK_LIB([ssl], [OPENSSL_init_ssl], [have_ssl="yes"], [AC_MSG_ERROR([Your OpenSSL installation is misconfigured or missing])], [-lcrypto -lz]) - - AC_CHECK_LIB([crypto], [EVP_EncryptInit], [have_crypto="yes"], [AC_MSG_ERROR([Your OpenSSL installation is misconfigured or missing])], [-lcrypto -lz]) - ---- clamav-0.99.2/libclamav/crypto.c.omv~ 2016-09-18 18:15:48.514588018 +0200 -+++ clamav-0.99.2/libclamav/crypto.c 2016-09-18 18:18:26.332413758 +0200 -@@ -1110,7 +1110,7 @@ X509_CRL *cl_load_crl(const char *file) - fclose(fp); - - if ((x)) { -- tm = cl_ASN1_GetTimeT(x->crl->nextUpdate); -+ tm = cl_ASN1_GetTimeT(X509_CRL_get0_nextUpdate(x)); - if (!(tm)) { - X509_CRL_free(x); - return NULL; diff --git a/clamav-0.99.2.tar.gz b/clamav-0.99.2.tar.gz deleted file mode 100644 index a22b196..0000000 --- a/clamav-0.99.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:167bd6a13e05ece326b968fdb539b05c2ffcfef6018a274a10aeda85c2c0027a -size 16067497 diff --git a/clamav-0.99.3.tar.gz b/clamav-0.99.3.tar.gz new file mode 100644 index 0000000..651622f --- /dev/null +++ b/clamav-0.99.3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:00fa5292a6e00a3a4035b826267748965d5d2c4943d8ff417d740238263e8e84 +size 16082645 diff --git a/clamav-disable-timestamps.patch b/clamav-disable-timestamps.patch index 1210b39..6758a0a 100644 --- a/clamav-disable-timestamps.patch +++ b/clamav-disable-timestamps.patch @@ -1,7 +1,7 @@ -Index: clamav-0.99.2/libclamav/tomsfastmath/misc/fp_ident.c +Index: clamav-0.99.3/libclamav/tomsfastmath/misc/fp_ident.c =================================================================== ---- clamav-0.99.2.orig/libclamav/tomsfastmath/misc/fp_ident.c -+++ clamav-0.99.2/libclamav/tomsfastmath/misc/fp_ident.c +--- clamav-0.99.3.orig/libclamav/tomsfastmath/misc/fp_ident.c 2018-01-26 16:31:35.516009696 +0100 ++++ clamav-0.99.3/libclamav/tomsfastmath/misc/fp_ident.c 2018-01-26 16:31:36.912029598 +0100 @@ -15,7 +15,11 @@ const char *fp_ident(void) memset(buf, 0, sizeof(buf)); @@ -27,10 +27,10 @@ Index: clamav-0.99.2/libclamav/tomsfastmath/misc/fp_ident.c if (sizeof(fp_digit) == sizeof(fp_word)) { strncat(buf, "WARNING: sizeof(fp_digit) == sizeof(fp_word), this build is likely to not work properly.\n", -Index: clamav-0.99.2/configure +Index: clamav-0.99.3/configure =================================================================== ---- clamav-0.99.2.orig/configure -+++ clamav-0.99.2/configure +--- clamav-0.99.3.orig/configure 2018-01-26 16:31:35.532009924 +0100 ++++ clamav-0.99.3/configure 2018-01-26 16:32:20.112645407 +0100 @@ -783,6 +783,7 @@ FGREP SED LIBTOOL @@ -47,16 +47,16 @@ Index: clamav-0.99.2/configure enable_static enable_shared with_pic -@@ -1592,6 +1594,8 @@ Optional Features: - do not reject slow dependency extractors - --disable-dependency-tracking - speeds up one-time build +@@ -1591,6 +1593,8 @@ Optional Features: + --disable-dependency-tracking speeds up one-time build + --enable-dependency-tracking do not reject slow dependency extractors + --enable-static[=PKGS] build static libraries [default=no] + --enable-timestamps Enable embedding timestamp information in build + (default is YES) - --enable-static[=PKGS] build static libraries [default=no] --enable-shared[=PKGS] build shared libraries [default=yes] --enable-fast-install[=PKGS] -@@ -5163,6 +5167,26 @@ $as_echo "$ac_cv_safe_to_define___extens + optimize for fast installation [default=yes] +@@ -4967,6 +4971,26 @@ $as_echo "$ac_cv_safe_to_define___extens $as_echo "#define _TANDEM_SOURCE 1" >>confdefs.h @@ -82,4 +82,4 @@ Index: clamav-0.99.2/configure +_ACEOF - VERSION="0.99.2" + VERSION="0.99.3" diff --git a/clamav.changes b/clamav.changes index 8ef1c60..4262536 100644 --- a/clamav.changes +++ b/clamav.changes @@ -1,3 +1,35 @@ +------------------------------------------------------------------- +Fri Jan 26 15:19:33 UTC 2018 - vcizek@suse.com + +- Update to security release 0.99.3 (bsc#1077732) + * CVE-2017-12376 (ClamAV Buffer Overflow in handle_pdfname Vulnerability) + * CVE-2017-12377 (ClamAV Mew Packet Heap Overflow Vulnerability) + * CVE-2017-12379 (ClamAV Buffer Overflow in messageAddArgument Vulnerability) + - these vulnerabilities could have allowed an unauthenticated, + remote attacker to cause a denial of service (DoS) condition + or potentially execute arbitrary code on an affected device. + * CVE-2017-12374 (ClamAV use-after-free Vulnerabilities) + * CVE-2017-12375 (ClamAV Buffer Overflow Vulnerability) + * CVE-2017-12378 (ClamAV Buffer Over Read Vulnerability) + * CVE-2017-12380 (ClamAV Null Dereference Vulnerability) + - these vulnerabilities could have allowed an unauthenticated, + remote attacker to cause a denial of service (DoS) condition on an affected device. + * CVE-2017-6420 (bsc#1052448) + - this vulnerability allowed remote attackers to cause a denial of service + (use-after-free) via a crafted PE file with WWPack compression. + * CVE-2017-6419 (bsc#1052449) + - ClamAV allowed remote attackers to cause a denial of service + (heap-based buffer overflow and application crash) or possibly + have unspecified other impact via a crafted CHM file. + * CVE-2017-11423 (bsc#1049423) + - The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha + allowed remote attackers to cause a denial of service + (stack-based buffer over-read and application crash) via a crafted CAB file. + * CVE-2017-6418 (bsc#1052466) + - ClamAV 0.99.2 allowed remote attackers to cause a denial + of service (out-of-bounds read) via a crafted e-mail message. +- drop clamav-0.99.2-openssl-1.1.patch (upstream) + ------------------------------------------------------------------- Tue Nov 28 08:30:04 UTC 2017 - meissner@suse.com diff --git a/clamav.spec b/clamav.spec index c10f169..30ff650 100644 --- a/clamav.spec +++ b/clamav.spec @@ -1,7 +1,7 @@ # # spec file for package clamav # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -43,7 +43,7 @@ BuildRequires: python-devel Summary: Antivirus Toolkit License: GPL-2.0 Group: Productivity/Security -Version: 0.99.2 +Version: 0.99.3 Release: 0 Url: http://www.clamav.net Obsoletes: clamav-db < 0.88.3 @@ -62,8 +62,6 @@ Patch1: clamav-conf.patch Patch3: clamav-gcc47.patch Patch4: clamav-disable-timestamps.patch Patch5: clamav-fix_newer_zlib.patch -# https://raw.githubusercontent.com/patch-exchange/openssl-1.1-transition/master/clamav/clamav-0.99.2-openssl-1.1.patch -Patch6: clamav-0.99.2-openssl-1.1.patch BuildRequires: systemd BuildRequires: systemd-rpm-macros %systemd_requires @@ -104,10 +102,6 @@ that want to make use of libclamav. %patch3 -p1 %patch4 -p1 %patch5 -p1 -if pkg-config --atleast-version=1.1.0 libssl; then -%patch6 -p1 -autoreconf -i -f -fi %build CFLAGS="-fstack-protector"