From 7c0f4d5fedf05410317999814edd621c565caea9cbf121a3fed69e4388f71e48 Mon Sep 17 00:00:00 2001 From: Reinhard Max Date: Thu, 4 Nov 2021 13:53:57 +0000 Subject: [PATCH] - clamav-document-maxsize.patch: in the "clamscan" and "clamdscan" manpages, document that files over a certain size by default will silently not be scanned and how this can be adjusted (bsc#1187509) -------------------------------------------------------------------- - bsc#1192346: Update to 0.103.4 - bsc#1188284: Update to 0.103.3 * obsoletes clamav-disable-timestamps.patch OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=225 --- clamav-document-maxsize.patch | 45 +++++++++++++++++++++++++++++++++++ clamav.changes | 12 ++++++++-- clamav.spec | 3 +++ 3 files changed, 58 insertions(+), 2 deletions(-) create mode 100644 clamav-document-maxsize.patch diff --git a/clamav-document-maxsize.patch b/clamav-document-maxsize.patch new file mode 100644 index 0000000..64fd2e3 --- /dev/null +++ b/clamav-document-maxsize.patch @@ -0,0 +1,45 @@ +Index: clamav-0.103.2/docs/man/clamscan.1.in +=================================================================== +--- clamav-0.103.2.orig/docs/man/clamscan.1.in ++++ clamav-0.103.2/docs/man/clamscan.1.in +@@ -8,6 +8,18 @@ clamscan [options] [file/directory/\-] + .SH "DESCRIPTION" + .LP + clamscan is a command line anti\-virus scanner. ++.SH "NOTE" ++.LP ++If a file or an archive is larger than the default or configured size (see \-\-max\-filesize and \-\-max-scansize options) scanning will abort at the limit, and the file will be marked as "OK". ++.TP ++The archive scan limits are currently set to 25MB or 100MB respectively. ++.TP ++There are more options that limit scanning, please check all the \-\-max\-something options. ++.TP ++To report files that are exceeding these limits, you need to specify \-\-alert\-exceeds\-max=yes option. This will then report a "Heuristics.Limits.Exceeded FOUND" for such files. ++ ++.TP ++Please note that such a FOUND message does not imply infection, and your tooling should be able to handle this. + .SH "OPTIONS" + .LP + Most of the options are simple switches which enable or disable some features. Options marked with [=yes/no(*)] can be optionally followed by =yes/=no; if they get called without the boolean argument the scanner will assume 'yes'. The asterisk marks the default internal setting for a given option. +Index: clamav-0.103.2/docs/man/clamdscan.1.in +=================================================================== +--- clamav-0.103.2.orig/docs/man/clamdscan.1.in ++++ clamav-0.103.2/docs/man/clamdscan.1.in +@@ -8,6 +8,17 @@ clamdscan [options] [file/directory] + .SH "DESCRIPTION" + .LP + clamdscan is a clamd client which may be used as a clamscan replacement. It accepts all the options implemented in clamscan but most of them will be ignored because its scanning abilities only depend on clamd. ++.SH "NOTE" ++.LP ++If a file or an archive is larger than the default or configured size (see MaxFileSize and MaxScanSize options in clamd.conf) scanning will abort at the limit, and the file will be marked as "OK". ++.TP ++The archive scan limits are currently set to 25MB or 100MB respectively. ++.TP ++There are more options that limit scanning, please check all the MaxSomething options in clamd.conf. ++.TP ++To report files that are exceeding these limits, you need to specify AlertExceedsMax TRUE in clamd.conf. This will then report a "Heuristics.Limits.Exceeded FOUND" for such files. ++.TP ++Please note that such a FOUND message does not imply infection, and your tooling should be able to handle this. + .SH "OPTIONS" + .LP + diff --git a/clamav.changes b/clamav.changes index e405851..2ea1101 100644 --- a/clamav.changes +++ b/clamav.changes @@ -1,7 +1,14 @@ ------------------------------------------------------------------- +Thu Nov 4 13:15:45 UTC 2021 - Reinhard Max + +- clamav-document-maxsize.patch: in the "clamscan" and "clamdscan" manpages, + document that files over a certain size by default will silently not be + scanned and how this can be adjusted (bsc#1187509) + +-------------------------------------------------------------------- Wed Nov 3 20:52:19 UTC 2021 - Arjen de Korte -- Update to 0.103.4 +- bsc#1192346: Update to 0.103.4 * FreshClam: - Add a 24-hour cool-down for FreshClam clients that have received an HTTP 403 (Forbidden) response from the CDN. This is to reduce @@ -64,7 +71,7 @@ Wed Nov 3 20:52:19 UTC 2021 - Arjen de Korte ------------------------------------------------------------------- Mon Jun 21 18:44:32 UTC 2021 - Arjen de Korte -- Update to 0.103.3 +- bsc#1188284: Update to 0.103.3 * Fixed a scan performance issue when ENGINE_OPTIONS_FORCE_TO_DISK is enabled. This issue did not impacted most users but for those affected it caused every scanned file to be copied to the temp @@ -119,6 +126,7 @@ Wed Apr 7 20:05:49 UTC 2021 - Arjen de Korte * Fix the FreshClam mirror-sync issue where a downloaded database is "older than the version advertised." * bsc#1181256: Fix errors when scanning files > 4G + * obsoletes clamav-disable-timestamps.patch - Update package signing key (from https://www.clamav.net/downloads) % clamav.keyring diff --git a/clamav.spec b/clamav.spec index 8e78764..7218561 100644 --- a/clamav.spec +++ b/clamav.spec @@ -40,6 +40,8 @@ Patch5: clamav-obsolete-config.patch Patch6: clamav-disable-yara.patch Patch12: clamav-fips.patch Patch13: clamav-ck_assert_msg.patch +Patch14: clamav-document-maxsize.patch + BuildRequires: autoconf BuildRequires: automake BuildRequires: gcc-c++ @@ -147,6 +149,7 @@ that want to make use of libclamav. %patch6 %patch12 %patch13 -p1 +%patch14 -p1 %build %if 0%{?suse_version} <= 1500