From 67f2541c68ad08be7681303d6637ef855686fa389b2b9560986a474edcfb1b7f Mon Sep 17 00:00:00 2001
From: Reinhard Max <max@suse.com>
Date: Fri, 25 Jun 2021 13:36:20 +0000
Subject: [PATCH] Accepting request 901217 from home:adkorte

- Update to 0.103.3
  * Fixed a scan performance issue when ENGINE_OPTIONS_FORCE_TO_DISK is
    enabled. This issue did not impacted most users but for those
    affected it caused every scanned file to be copied to the temp
    directory before the scan.
  * Fix ClamDScan crashes when using the --fdpass --multiscan
    command-line options in combination with the ClamD ExcludePath
    config file options.
  * Fixed an issue where the mirrors.dat file is owned by root when
    starting as root (or with sudo) and using daemon-mode. File
    ownership will be set to the DatabaseOwner just before FreshClam
    switches to run as that user.
  * Renamed the mirrors.dat file to freshclam.dat.
  * Disabled the HTTPUserAgent config option if the DatabaseMirror uses
    clamav.net. This will prevent users from being inadvertently blocked
    and will ensure that we can keep better metrics on which ClamAV
    versions are being used.
  * Moved the detection for Heuristics.PNG.CVE-2010-1205 behind the
    ClamScan --alert-broken-media option (ClamD AlertBrokenMedia yes)
    option. This type of PNG issue appears to be common enough to be an
    annoyance, and the CVE is old enough that no one should be
    vulnerable at this point.
  * Fix ClamSubmit failures after changes to Cloudflare "__cfduid"
    cookies. See: https://blog.cloudflare.com/deprecating-cfduid-cookie/

OBS-URL: https://build.opensuse.org/request/show/901217
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=223
---
 clamav-0.103.2.tar.gz     |  3 ---
 clamav-0.103.2.tar.gz.sig | 16 ----------------
 clamav-0.103.3.tar.gz     |  3 +++
 clamav-0.103.3.tar.gz.sig | 16 ++++++++++++++++
 clamav.changes            | 28 ++++++++++++++++++++++++++++
 clamav.spec               |  2 +-
 6 files changed, 48 insertions(+), 20 deletions(-)
 delete mode 100644 clamav-0.103.2.tar.gz
 delete mode 100644 clamav-0.103.2.tar.gz.sig
 create mode 100644 clamav-0.103.3.tar.gz
 create mode 100644 clamav-0.103.3.tar.gz.sig

diff --git a/clamav-0.103.2.tar.gz b/clamav-0.103.2.tar.gz
deleted file mode 100644
index f799883..0000000
--- a/clamav-0.103.2.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d4b5d0ac666262e423a326fb54778caa7c69624d6c3f9542895feb8478271bd2
-size 13387954
diff --git a/clamav-0.103.2.tar.gz.sig b/clamav-0.103.2.tar.gz.sig
deleted file mode 100644
index af7dc62..0000000
--- a/clamav-0.103.2.tar.gz.sig
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIcBAABAgAGBQJgba4lAAoJEGCbAk8rPt0H5r4P/jeT1CCWK56iYedEZbCJ7QDi
-Oax1D/rynYXp4HJYksAFexCUDQ8L4Aj1UAVDtfAKDrsiE1xkR/EJso+ht3gisOen
-C/iAhemGZh/cUdrMEBMyPatym4jzeiJ7Cwx5Zf/3viyHQWGvWKqIWINJvkmRZOSu
-Whw7WqlXOzgdRFtwQ+gQKdPotguhKJdBomj2ODUMGtEn/suIihmIQYfnE6XMubao
-7N4PGnGa8DGcN/uDVpPrWtHXq2WQ78W//o/s44OxabKnZrmCMu2TZbB0IsrivYfa
-qgEuVfOEU+v0QX/KZl463t1ZLFJ7VoFf48Uf0RQ+Xsb6xEYWZenTPsq37oG+fV9T
-lz8p6woeyHPU6fZfxl4+9RUhWi1hwWjW2Nhd0Zm9YLbImgKvDU3dg2nyvOihZX8w
-vyb8iA1AvzJ0uSgqABY1wLL4bZDpgb/1vQkYahOypOvZ/PaNs+9gWiowkpcsq1l0
-VitOgr3UdkA8InsSaRwY77E4rjXl7kC7TTA7j9JtMxBGDfAYym0O2OGf2s6J7gmB
-rYxdHc0jpTeZO5w/ku6M10uCBJDqO8ILWbvxHF7i4VCuuupeWUDCKrGd9wNS4hmg
-i7pyKa9b1HAzODfDhBiBXAuTaND0NywlmwVq/GPVAWLcZJcvl2ORliqDfZBzPfiU
-lUafz0W54+2DS0ujPbK4
-=99oG
------END PGP SIGNATURE-----
diff --git a/clamav-0.103.3.tar.gz b/clamav-0.103.3.tar.gz
new file mode 100644
index 0000000..022f978
--- /dev/null
+++ b/clamav-0.103.3.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9f6e3d18449f3d1a3992771d696685249dfa12736fe2b2929858f2c7d8276ae9
+size 13389239
diff --git a/clamav-0.103.3.tar.gz.sig b/clamav-0.103.3.tar.gz.sig
new file mode 100644
index 0000000..0f3dc6a
--- /dev/null
+++ b/clamav-0.103.3.tar.gz.sig
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAABAgAGBQJg0JhdAAoJEGCbAk8rPt0HftoP/jPXSxEc6xwiMLeNpnUeOLv0
+MImj+riqMUaRFaKVb0j9Gsw3iW0e/2BmlAyTgPjp/+4m/q17YT6tY1gBu2V4x2eA
+thW0FW/RoAe6aqYEgKQrXMBft+tnK8qX4TeSLeVSXED00y8REHfeqGmmd9COKzkN
+AJdCE8k2Af3zbYFsTTg28T5aZk4UsTs/whJVpUX1y/dLiPRljCPXGxA+Wg/DjIZm
+p4dTwNfym5R+lzJTyp7HgNNQcCYZZeXpRF3pkmX1FZ+HjlQY6SfRkR01M/Zuljgj
+wjJq65zWzPq0UT0suOveDuu0+hgESj/J/0s4BmTKphq3gOTLrzDjdCduHpxWtCrN
+r82WcWe1eAoCX8qZXlnG1rrJJ3A69sRuZ1YOSa52xkJ6ewmL6BLyyJ3O+f76kyiK
+0X40W5Pcz7wMiNqG+UvOMc79Py8RjOVkOzKo0+ACPTl1ZsYe60xPKwF4sp3sSfrr
+V40DsS6WS/1j+qgDICagJDniep0ZvqdPZIH6DjbfNdIn1/XKBgx4RSLPDTDaNqM5
+nL16rlpCMos1r8yhlwsqCgP0BRx2duuiz0S05blrfF+gh+SNPuaev0W6DTgn+9cR
+z1Qr8T7aUoXl0pb/M2F1qWuUPJv+lIE1ol08dhzTa4VN3QaE+Qm5VG7WsLKbDVeX
+aCuquIBImOG+ERh7Fusg
+=jaU1
+-----END PGP SIGNATURE-----
diff --git a/clamav.changes b/clamav.changes
index 2827d7b..bda0808 100644
--- a/clamav.changes
+++ b/clamav.changes
@@ -1,3 +1,31 @@
+-------------------------------------------------------------------
+Mon Jun 21 18:44:32 UTC 2021 - Arjen de Korte <suse+build@de-korte.org>
+
+- Update to 0.103.3
+  * Fixed a scan performance issue when ENGINE_OPTIONS_FORCE_TO_DISK is
+    enabled. This issue did not impacted most users but for those
+    affected it caused every scanned file to be copied to the temp
+    directory before the scan.
+  * Fix ClamDScan crashes when using the --fdpass --multiscan
+    command-line options in combination with the ClamD ExcludePath
+    config file options.
+  * Fixed an issue where the mirrors.dat file is owned by root when
+    starting as root (or with sudo) and using daemon-mode. File
+    ownership will be set to the DatabaseOwner just before FreshClam
+    switches to run as that user.
+  * Renamed the mirrors.dat file to freshclam.dat.
+  * Disabled the HTTPUserAgent config option if the DatabaseMirror uses
+    clamav.net. This will prevent users from being inadvertently blocked
+    and will ensure that we can keep better metrics on which ClamAV
+    versions are being used.
+  * Moved the detection for Heuristics.PNG.CVE-2010-1205 behind the
+    ClamScan --alert-broken-media option (ClamD AlertBrokenMedia yes)
+    option. This type of PNG issue appears to be common enough to be an
+    annoyance, and the CVE is old enough that no one should be
+    vulnerable at this point.
+  * Fix ClamSubmit failures after changes to Cloudflare "__cfduid"
+    cookies. See: https://blog.cloudflare.com/deprecating-cfduid-cookie/
+
 -------------------------------------------------------------------
 Fri Apr  9 10:33:04 UTC 2021 - Reinhard Max <max@suse.com>
 
diff --git a/clamav.spec b/clamav.spec
index cd6e0f6..0c27409 100644
--- a/clamav.spec
+++ b/clamav.spec
@@ -19,7 +19,7 @@
 %bcond_with	clammspack
 %bcond_with	valgrind
 Name:           clamav
-Version:        0.103.2
+Version:        0.103.3
 Release:        0
 Summary:        Antivirus Toolkit
 License:        GPL-2.0-only