Accepting request 902389 from security

OBS-URL: https://build.opensuse.org/request/show/902389
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/clamav?expand=0&rev=113

clamav-0.103.2.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d4b5d0ac666262e423a326fb54778caa7c69624d6c3f9542895feb8478271bd2
-size 13387954

clamav-0.103.2.tar.gz.sig

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIcBAABAgAGBQJgba4lAAoJEGCbAk8rPt0H5r4P/jeT1CCWK56iYedEZbCJ7QDi
-Oax1D/rynYXp4HJYksAFexCUDQ8L4Aj1UAVDtfAKDrsiE1xkR/EJso+ht3gisOen
-C/iAhemGZh/cUdrMEBMyPatym4jzeiJ7Cwx5Zf/3viyHQWGvWKqIWINJvkmRZOSu
-Whw7WqlXOzgdRFtwQ+gQKdPotguhKJdBomj2ODUMGtEn/suIihmIQYfnE6XMubao
-7N4PGnGa8DGcN/uDVpPrWtHXq2WQ78W//o/s44OxabKnZrmCMu2TZbB0IsrivYfa
-qgEuVfOEU+v0QX/KZl463t1ZLFJ7VoFf48Uf0RQ+Xsb6xEYWZenTPsq37oG+fV9T
-lz8p6woeyHPU6fZfxl4+9RUhWi1hwWjW2Nhd0Zm9YLbImgKvDU3dg2nyvOihZX8w
-vyb8iA1AvzJ0uSgqABY1wLL4bZDpgb/1vQkYahOypOvZ/PaNs+9gWiowkpcsq1l0
-VitOgr3UdkA8InsSaRwY77E4rjXl7kC7TTA7j9JtMxBGDfAYym0O2OGf2s6J7gmB
-rYxdHc0jpTeZO5w/ku6M10uCBJDqO8ILWbvxHF7i4VCuuupeWUDCKrGd9wNS4hmg
-i7pyKa9b1HAzODfDhBiBXAuTaND0NywlmwVq/GPVAWLcZJcvl2ORliqDfZBzPfiU
-lUafz0W54+2DS0ujPbK4
-=99oG
------END PGP SIGNATURE-----

clamav-0.103.3.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9f6e3d18449f3d1a3992771d696685249dfa12736fe2b2929858f2c7d8276ae9
+size 13389239

clamav-0.103.3.tar.gz.sig

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAABAgAGBQJg0JhdAAoJEGCbAk8rPt0HftoP/jPXSxEc6xwiMLeNpnUeOLv0
+MImj+riqMUaRFaKVb0j9Gsw3iW0e/2BmlAyTgPjp/+4m/q17YT6tY1gBu2V4x2eA
+thW0FW/RoAe6aqYEgKQrXMBft+tnK8qX4TeSLeVSXED00y8REHfeqGmmd9COKzkN
+AJdCE8k2Af3zbYFsTTg28T5aZk4UsTs/whJVpUX1y/dLiPRljCPXGxA+Wg/DjIZm
+p4dTwNfym5R+lzJTyp7HgNNQcCYZZeXpRF3pkmX1FZ+HjlQY6SfRkR01M/Zuljgj
+wjJq65zWzPq0UT0suOveDuu0+hgESj/J/0s4BmTKphq3gOTLrzDjdCduHpxWtCrN
+r82WcWe1eAoCX8qZXlnG1rrJJ3A69sRuZ1YOSa52xkJ6ewmL6BLyyJ3O+f76kyiK
+0X40W5Pcz7wMiNqG+UvOMc79Py8RjOVkOzKo0+ACPTl1ZsYe60xPKwF4sp3sSfrr
+V40DsS6WS/1j+qgDICagJDniep0ZvqdPZIH6DjbfNdIn1/XKBgx4RSLPDTDaNqM5
+nL16rlpCMos1r8yhlwsqCgP0BRx2duuiz0S05blrfF+gh+SNPuaev0W6DTgn+9cR
+z1Qr8T7aUoXl0pb/M2F1qWuUPJv+lIE1ol08dhzTa4VN3QaE+Qm5VG7WsLKbDVeX
+aCuquIBImOG+ERh7Fusg
+=jaU1
+-----END PGP SIGNATURE-----

clamav.changes

@@ -1,3 +1,31 @@
+-------------------------------------------------------------------
+Mon Jun 21 18:44:32 UTC 2021 - Arjen de Korte <suse+build@de-korte.org>
+
+- Update to 0.103.3
+  * Fixed a scan performance issue when ENGINE_OPTIONS_FORCE_TO_DISK is
+    enabled. This issue did not impacted most users but for those
+    affected it caused every scanned file to be copied to the temp
+    directory before the scan.
+  * Fix ClamDScan crashes when using the --fdpass --multiscan
+    command-line options in combination with the ClamD ExcludePath
+    config file options.
+  * Fixed an issue where the mirrors.dat file is owned by root when
+    starting as root (or with sudo) and using daemon-mode. File
+    ownership will be set to the DatabaseOwner just before FreshClam
+    switches to run as that user.
+  * Renamed the mirrors.dat file to freshclam.dat.
+  * Disabled the HTTPUserAgent config option if the DatabaseMirror uses
+    clamav.net. This will prevent users from being inadvertently blocked
+    and will ensure that we can keep better metrics on which ClamAV
+    versions are being used.
+  * Moved the detection for Heuristics.PNG.CVE-2010-1205 behind the
+    ClamScan --alert-broken-media option (ClamD AlertBrokenMedia yes)
+    option. This type of PNG issue appears to be common enough to be an
+    annoyance, and the CVE is old enough that no one should be
+    vulnerable at this point.
+  * Fix ClamSubmit failures after changes to Cloudflare "__cfduid"
+    cookies. See: https://blog.cloudflare.com/deprecating-cfduid-cookie/
+
 -------------------------------------------------------------------
 Fri Apr  9 10:33:04 UTC 2021 - Reinhard Max <max@suse.com>
 

clamav.spec

@@ -19,7 +19,7 @@
 %bcond_with	clammspack
 %bcond_with	valgrind
 Name:           clamav
-Version:        0.103.2
+Version:        0.103.3
 Release:        0
 Summary:        Antivirus Toolkit
 License:        GPL-2.0-only