From 97d6c6c99937cea31d9e4d32f5f2a9e4c5424e5bca2db63da30847f358bd967d Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Thu, 4 Nov 2021 15:42:16 +0000 Subject: [PATCH] Updating link to change in openSUSE:Factory/clamav revision 114.0 OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=622f6dcc0b0fb91c9834df4062134792 --- clamav.changes | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/clamav.changes b/clamav.changes index 2ea1101..32dbf00 100644 --- a/clamav.changes +++ b/clamav.changes @@ -68,6 +68,69 @@ Wed Nov 3 20:52:19 UTC 2021 - Arjen de Korte to uppercase if a UTF-8 unicode single-byte grapheme becomes a multi-byte grapheme. Patch courtesy of Andrea De Pasquale. +------------------------------------------------------------------- +Wed Nov 3 20:52:19 UTC 2021 - Arjen de Korte + +- Update to 0.103.4 + * FreshClam: + - Add a 24-hour cool-down for FreshClam clients that have received + an HTTP 403 (Forbidden) response from the CDN. This is to reduce + the volume of 403-response data served to blocked FreshClam + clients that are configured with a tight update-loop. + - Fixed a bug where FreshClam treats an empty CDIFF as an + incremental update failure instead of as an intentional request + to download the whole CVD. + * ClamDScan: Fix a scan error when broken symlinks are encountered on + macOS with "FollowDirectorySymlinks" and "FollowFileSymlinks" + options disabled. + * Overhauled the scan recursion / nested archive extraction logic and + added new limits on embedded file-type recognition performed during + the "raw" scan of each file. This limits embedded file-type + misidentification and prevents detecting embedded file content that + is found/extracted and scanned at other layers in the scanning + process. + * Fix an issue with the FMap module that failed to read from some + nested files. + * Fixed an issue where failing to load some rules from a Yara file + containing multiple rules may cause a crash. + * Fixed assorted compiler warnings. + * Fixed assorted Coverity static code analysis issues. + * Scan limits: + - Added virus-name suffixes to the alerts that trigger when a scan + limit has been exceeded. Rather than simply + Heuristics.Limits.Exceeded, you may now see limit-specific + virus-names, to include: + + Heuristics.Limits.Exceeded.MaxFileSize + + Heuristics.Limits.Exceeded.MaxScanSize + + Heuristics.Limits.Exceeded.MaxFiles + + Heuristics.Limits.Exceeded.MaxRecursion + + Heuristics.Limits.Exceeded.MaxScanTime + - Renamed the Heuristics.Email.ExceedsMax.* alerts to align with + the other limit alerts names. These alerts include: + + Heuristics.Limits.Exceeded.EmailLineFoldcnt + + Heuristics.Limits.Exceeded.EmailHeaderBytes + + Heuristics.Limits.Exceeded.EmailHeaders + + Heuristics.Limits.Exceeded.EmailMIMEPartsPerMessage + + Heuristics.Limits.Exceeded.EmailMIMEArguments + - Fixed an issue where the Email-related scan limits would alert + even when the "AlertExceedsMax" (--alert-exceeds-max) scan option + is not enabled. + - Fixes an issue in the Zip parser where exceeding the "MaxFiles" + limit or the "MaxFileSize" limit would abort the scan but would + fail to alert. The Zip scan limit issues were independently + identified and reported by Aaron Leliaert and Max Allan. + * Fixed a leak in the Email parser when using the --gen-json scan + option. + * Fixed an issue where a failure to record metadata in the Email + parser when using the --gen-json scan option could cause the Email + parser to abort the scan early and fail to extract and scan + additional content. + * Fixed a file name memory leak in the Zip parser. + * Fixed an issue where certain signature patterns may cause a crash or + cause unintended matches on some systems when converting characters + to uppercase if a UTF-8 unicode single-byte grapheme becomes a + multi-byte grapheme. Patch courtesy of Andrea De Pasquale. + ------------------------------------------------------------------- Mon Jun 21 18:44:32 UTC 2021 - Arjen de Korte