- New Version: 1.3.1:

* CVE-2024-20380: Fixed a possible crash in the HTML file parser
    that could cause a denial-of-service (DoS) condition.
  * Updated select Rust dependencies to the latest versions.
  * Fixed a bug causing some text to be truncated when converting
    from UTF-16.
  * Fixed assorted complaints identified by Coverity static
    analysis.
  * Fixed a bug causing CVDs downloaded by the DatabaseCustomURL
    Freshclam config option to be pruned and then re-downloaded
    with every update.
  * Added the new 'valhalla' database name to the list of optional
    databases in preparation for future work.
- Drop clamav-disable-yara.patch as yara cannot be disabled anymore

OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=254

clamav-1.3.1.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:12a3035bf26f55f71e3106a51a5fa8d7b744572df98a63920a9cff876a7dcce4
+size 54554712

clamav-1.3.1.tar.gz.sig

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAABAgAGBQJmH9VrAAoJEMzg39Iewam/XfwP/ic9ZUe5KxhdFroBzjm4arRp
++/oMZ68d5sa5TVyDvCDOa1b+ttcV7KtUw6/h3itPKAJ4DHt9gq1qtFK9C5GSjIgI
+jGCzwOzD0tPM56hPQQ5fo6md9fb5np1UQAG+tKmd02v1Yq80eQTimdpQr6TuHcI7
+PBg7ku7c3lfqmXgGbb+AsBQr/x+MJTN8QH2VUP3L6iUkl96iSaYN9FTr0VkjeU13
+Ir77fXd4jfcgpBdSJtLjBuCBpjyCSvw2x0Vp3TIjKi4FRGp5x0YkAdoQ/UDMh4+Y
+u1gICsROL967/9gEr4d7zwBv5UNPDWO4HNUC5+uBurUfF1WCoF0WAqtuzNpdAYGE
+2sMQc7HnRJKo6KchtU5kLZeAqgqL+k70VBTBjgqdi4YzvsX62SatJPHdRvkaf00H
+LojUD7f0CpPFtkfftZ16SPAb65x3mtdFfYSXaIVKhWsTJoCFy/HnuXNWnW4W/HwX
+RSQTFE3rUad/MEhJzfo8debwVWPAHf4RrNmkOkQ/co/NswUB+3rsZLpcj3ULEcqL
+WDx8/lPDZsyvaosB4JIZLJaECq8TTUZswHsV/K7vdO/S994Ndc+QhXPF75lg33hu
+eCIUF/6ZxMfKyeJre3KWeUmBKRMZZ4WJ6MEmSomL2BSYLSeRkvHY21v9InOK0w1f
+VUaK04HxPJTun12AFAZk
+=9gDC
+-----END PGP SIGNATURE-----

clamav.changes

@@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Mon Apr 22 15:30:18 UTC 2024 - Reinhard Max <max@suse.com>
+
+- New Version: 1.3.1:
+  * CVE-2024-20380: Fixed a possible crash in the HTML file parser
+    that could cause a denial-of-service (DoS) condition.
+  * Updated select Rust dependencies to the latest versions.
+  * Fixed a bug causing some text to be truncated when converting
+    from UTF-16.
+  * Fixed assorted complaints identified by Coverity static
+    analysis.
+  * Fixed a bug causing CVDs downloaded by the DatabaseCustomURL
+    Freshclam config option to be pruned and then re-downloaded
+    with every update.
+  * Added the new 'valhalla' database name to the list of optional
+    databases in preparation for future work.
+
 -------------------------------------------------------------------
 Fri Mar 15 13:52:57 UTC 2024 - Reinhard Max <max@suse.com>
 
@@ -75,7 +92,7 @@ Fri Mar 15 13:52:57 UTC 2024 - Reinhard Max <max@suse.com>
 - Fix format strings on 32bit platforms (clamav-format.patch).
 - Add missing endianness conversions (clamav-ec32.patch).
 - Don't build on armv7l for now due to some test failures.
-- Drop clamav-disable-yara.patch as yara cannot be disabled anymore.
+- Drop clamav-disable-yara.patch as yara cannot be disabled anymore
 
 -------------------------------------------------------------------
 Mon Feb 26 10:47:55 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>

clamav.spec

@@ -32,7 +32,7 @@
 %global confdir %_prefix%_sysconfdir
 
 Name:           clamav
-Version:        1.3.0
+Version:        1.3.1
 Release:        0
 Summary:        Antivirus Toolkit
 License:        GPL-2.0-only