From b6dec3dc1b21d9c434a1508e17462148237abeca04daa377fa1d6e2a023cb099 Mon Sep 17 00:00:00 2001 From: Reinhard Max Date: Thu, 8 Apr 2021 08:27:46 +0000 Subject: [PATCH] Accepting request 883689 from home:adkorte - Update to 0.103.2 * CVE-2021-1386: Fix for UnRAR DLL load privilege escalation. Affects 0.103.1 and prior on Windows only. * CVE-2021-1252: Fix for Excel XLM parser infinite loop. Affects 0.103.0 and 0.103.1 only. * CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. Affects 0.103.0 and 0.103.1 only. * CVE-2021-1405: Fix for mail parser NULL-dereference crash. Affects 0.103.1 and prior. * Fix possible memory leak in PNG parser. * Fix ClamOnAcc scan on file-creation race condition so files are scanned after their contents are written. * FreshClam: Deprecate the SafeBrowsing config option. The SafeBrowsing option will no longer do anything. * For more details, see our blog post from last year about the future of the ClamAV Safe Browsing database. * FreshClam: Improved HTTP 304, 403, & 429 handling. * FreshClam: Added back the mirrors.dat file to the database directory. * FreshClam will now exit with a failure in daemon mode if an HTTP 403 (Forbidden) was received, because retrying later won't help any. The FreshClam user will have to take actions to get unblocked. * Fix the FreshClam mirror-sync issue where a downloaded database is "older than the version advertised." - Update package signing key (from https://www.clamav.net/downloads) % clamav.keyring - Package clamav-milter in a subpackage - Remove virus signatures upon uninstall - Check for database existence before starting clamd - Restart clamd when it exits OBS-URL: https://build.opensuse.org/request/show/883689 OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=219 --- clamav-0.103.1.tar.gz | 3 -- clamav-0.103.1.tar.gz.sig | 16 ------ clamav-0.103.2.tar.gz | 3 ++ clamav-0.103.2.tar.gz.sig | 16 ++++++ clamav-conf.patch | 2 +- clamav.changes | 39 ++++++++++++++ clamav.keyring | 106 +++++++++++++++++++++----------------- clamav.spec | 82 +++++++++++++++++++++++++---- service.clamd | 10 ++-- service.freshclam | 5 +- timer.freshclam | 1 + 11 files changed, 200 insertions(+), 83 deletions(-) delete mode 100644 clamav-0.103.1.tar.gz delete mode 100644 clamav-0.103.1.tar.gz.sig create mode 100644 clamav-0.103.2.tar.gz create mode 100644 clamav-0.103.2.tar.gz.sig diff --git a/clamav-0.103.1.tar.gz b/clamav-0.103.1.tar.gz deleted file mode 100644 index d85cfbe..0000000 --- a/clamav-0.103.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7308c47b89b268af3b9f36140528927a49ff3e633a9c9c0aac2712d81056e257 -size 13369791 diff --git a/clamav-0.103.1.tar.gz.sig b/clamav-0.103.1.tar.gz.sig deleted file mode 100644 index 0f3947a..0000000 --- a/clamav-0.103.1.tar.gz.sig +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIcBAABAgAGBQJgGVyXAAoJEPE/nha8pb+tmvIP/2eluegyIzQ88Q0LJv/WTPpF -t02op8hnzbM/79gglU1bCdfuXLS9/OkT1QBM71xjndn/qN4/9gp7E3nd4dX+6MJB -YnfUx5atx6faxFs10hfVYrZBD/AYwtXlAAJpuEwB6iyJtDEUgBapQNGkeULuw2iO -gvuxDc7U8Tu+BjyDgPESxRtd6p5/3tMoXGhKTnYaOILEwveLgKvSJLv47d/Ew4EW -NU6m9erw4jumCm2qvkIyziZcjMSORiCGoyI9fXBWDADbXVTIYsOqSknshP3Om6He -lqNdrkok7pk6AsSY1PAepsPt6BT6n3MuZJKFU3/iHZLqqyL97Y/IaqzvSJj5q0++ -sy0ljsU88YIdV7bhJnN7khkpkq3DYsrZVg+nCyIoQ9iErNdwBWXGsgcclBSrwzDy -5UUz3MJvliqG9FKC5Va3BiHvK35d41Q99jZG0X9huSs+Atj0t1FkrOScnj+ZZd1E -OJKUYn7Pnb7asacJLOeCqCVuJaOsNSjidv1jtdwAEcOMbnwatHU0WVYlzqaxMpBh -WXXy0tR2Bpv7SjejV4F4LMNOux0v1gTogQ0iKRIk2FUtRpeLAXvnm3UrqB/bJyc+ -nx1s4+kUJo2PLhJN8XzbPpMEm5fymnPnuVQH5qjmJ6/WPxws+tKi0b4DuWOnlzxQ -r8r7QDor+YJ3F7BTPPay -=5QiJ ------END PGP SIGNATURE----- diff --git a/clamav-0.103.2.tar.gz b/clamav-0.103.2.tar.gz new file mode 100644 index 0000000..f799883 --- /dev/null +++ b/clamav-0.103.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d4b5d0ac666262e423a326fb54778caa7c69624d6c3f9542895feb8478271bd2 +size 13387954 diff --git a/clamav-0.103.2.tar.gz.sig b/clamav-0.103.2.tar.gz.sig new file mode 100644 index 0000000..af7dc62 --- /dev/null +++ b/clamav-0.103.2.tar.gz.sig @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIcBAABAgAGBQJgba4lAAoJEGCbAk8rPt0H5r4P/jeT1CCWK56iYedEZbCJ7QDi +Oax1D/rynYXp4HJYksAFexCUDQ8L4Aj1UAVDtfAKDrsiE1xkR/EJso+ht3gisOen +C/iAhemGZh/cUdrMEBMyPatym4jzeiJ7Cwx5Zf/3viyHQWGvWKqIWINJvkmRZOSu +Whw7WqlXOzgdRFtwQ+gQKdPotguhKJdBomj2ODUMGtEn/suIihmIQYfnE6XMubao +7N4PGnGa8DGcN/uDVpPrWtHXq2WQ78W//o/s44OxabKnZrmCMu2TZbB0IsrivYfa +qgEuVfOEU+v0QX/KZl463t1ZLFJ7VoFf48Uf0RQ+Xsb6xEYWZenTPsq37oG+fV9T +lz8p6woeyHPU6fZfxl4+9RUhWi1hwWjW2Nhd0Zm9YLbImgKvDU3dg2nyvOihZX8w +vyb8iA1AvzJ0uSgqABY1wLL4bZDpgb/1vQkYahOypOvZ/PaNs+9gWiowkpcsq1l0 +VitOgr3UdkA8InsSaRwY77E4rjXl7kC7TTA7j9JtMxBGDfAYym0O2OGf2s6J7gmB +rYxdHc0jpTeZO5w/ku6M10uCBJDqO8ILWbvxHF7i4VCuuupeWUDCKrGd9wNS4hmg +i7pyKa9b1HAzODfDhBiBXAuTaND0NywlmwVq/GPVAWLcZJcvl2ORliqDfZBzPfiU +lUafz0W54+2DS0ujPbK4 +=99oG +-----END PGP SIGNATURE----- diff --git a/clamav-conf.patch b/clamav-conf.patch index 9b131ca..ddcc254 100644 --- a/clamav-conf.patch +++ b/clamav-conf.patch @@ -151,7 +151,7 @@ -#DatabaseOwner clamav +DatabaseOwner vscan - # Use DNS to verify virus database version. Freshclam uses DNS TXT records + # Use DNS to verify virus database version. FreshClam uses DNS TXT records # to verify database and software versions. With this directive you can change @@ -127,7 +123,7 @@ DatabaseMirror database.clamav.net diff --git a/clamav.changes b/clamav.changes index 1b33905..95d3269 100644 --- a/clamav.changes +++ b/clamav.changes @@ -1,3 +1,40 @@ +------------------------------------------------------------------- +Wed Apr 7 20:05:49 UTC 2021 - Arjen de Korte + +- Update to 0.103.2 + * CVE-2021-1386: Fix for UnRAR DLL load privilege escalation. + Affects 0.103.1 and prior on Windows only. + * CVE-2021-1252: Fix for Excel XLM parser infinite loop. Affects + 0.103.0 and 0.103.1 only. + * CVE-2021-1404: Fix for PDF parser buffer over-read; possible + crash. Affects 0.103.0 and 0.103.1 only. + * CVE-2021-1405: Fix for mail parser NULL-dereference crash. + Affects 0.103.1 and prior. + * Fix possible memory leak in PNG parser. + * Fix ClamOnAcc scan on file-creation race condition so files are + scanned after their contents are written. + * FreshClam: Deprecate the SafeBrowsing config option. The + SafeBrowsing option will no longer do anything. + * For more details, see our blog post from last year about the + future of the ClamAV Safe Browsing database. + * FreshClam: Improved HTTP 304, 403, & 429 handling. + * FreshClam: Added back the mirrors.dat file to the database directory. + * FreshClam will now exit with a failure in daemon mode if an HTTP 403 + (Forbidden) was received, because retrying later won't help any. The + FreshClam user will have to take actions to get unblocked. + * Fix the FreshClam mirror-sync issue where a downloaded database is + "older than the version advertised." +- Update package signing key (from https://www.clamav.net/downloads) + % clamav.keyring + +------------------------------------------------------------------- +Thu Feb 25 13:48:51 UTC 2021 - Arjen de Korte + +- Package clamav-milter in a subpackage +- Remove virus signatures upon uninstall +- Check for database existence before starting clamd +- Restart clamd when it exits + ------------------------------------------------------------------- Tue Feb 9 16:00:25 UTC 2021 - Arjen de Korte @@ -8,6 +45,8 @@ Tue Feb 9 16:00:25 UTC 2021 - Arjen de Korte % clamav-conf.patch - Remove obsolete patch (replaced by SOURCE_DATE_EPOCH) - clamav-disable-timestamps.patch +- Fix unit test + + clamav-ck_assert_msg.patch - Cleanup spec * use pkgconfig() to resolve BuildRequires where upstream uses it * rework creating vscan user (new system-user in Tumbleweed) diff --git a/clamav.keyring b/clamav.keyring index a30b968..98b4a93 100644 --- a/clamav.keyring +++ b/clamav.keyring @@ -1,52 +1,64 @@ -----BEGIN PGP PUBLIC KEY BLOCK----- -mQINBFj3nAABEADRS+B5sv1AnRBvf8dLFd9zuXjFc7e+laeTKcGUKhM4AV8G2qJU -wfQFu35J8D5PkTit/qCYCpnrcE9gR1tTvhSDy0ekWfNlqzukfLRvL5VuMq08+ebz -3QaQP2lvBzhw5afInLSfu1xjMHdd6048kGUOCGQjBZpNd0tOt0QNfoqTUzAN0Jaq -lWnbjGm2kIxD6gyugG031TCcRE+ck9dxg67KEEXlGNmpUF6GWrozB+tRKt9VP/hc -db/Qyri3DIEI1RJlSJhBrbasSBbSkBaH0mDOQ3NAxfq95/2rY/K0kg1o8YsxVKvz -p1FLE/3Cwxbs81JLtvrrapfmFZFOSahBLyMFDLet7y+m7r8fUMjj7bSeWwIsGcPa -Jh+mYEZOibJkgQcgcFE3vP+Px9mXa99VmD0iVj8wIt4sVGxjKnRr4oWpD4/A3E4+ -KjxKapnrE45WciSjakxtBMl3ltbT3F+D4Tpnq2ijL7pwMlNreeguIeVDFGd+jvYY -m5dGfjmFQhZ29Fp+VDHjhkbDx0JILJF2YRofcml4Z+B3Hwqr1JQetGYiDVOZCEUZ -V4dVmhUBsEfbznXT7+SsV+u34F3IOVs7m0bQb2ty3unlUGmEoP2LVPzWZWHQN4vu -X41e0t+3dZCurMvCLdU2V4XIGCwACAF5WFhx9xPmZdmSAYjIjRKu3KSy1QARAQAB +mQINBGBjkiwBEADgJTEabt5zCareK9pJJswGU62smrq3uOaaDhtgztj3bxRY/UGT +jypxMee1S/fGWQZQy52lFOXLud5gFC5QU8Yk+7EAsh2ZJSKtWUw8/iMxZ4vsrKVV +QQRLTqMUY16R6/8UzdIT/hD6CbgWgiXF4NH5AGleNqjkF4TXrGof0AK0veekZYJV +WWStqJR/cIiG0nxDQ87RWfeZgrULZmA8uii22po7rGGzxT0byb83dKK+7IoJ/6B/ +ZlI0PmzuJ9/Xp6Mmm//sdPEqRwedt2aGrvtdF79xYJ1tDhOVMpID0aPdURBwlliq +fyKGaIUEa1ke+Dy7sQF8i3zY7ce6PZOtbsts9xsJLvF98VhRsFy0vProPv1mVbiU +PoxxPTnyLeGUm27amIMl4NfX4a8Hdu+ExzKprqWo3Ir08HQzNt6QoFghDIpi9nm4 +k327CJzJv/g2dq5kY/KU6wFHbdH3zP7u+p9DDqKJYFebPCvwM1hMxPdLqemTsfob +kJ4iXcAXjpMqwXX9m0lyQcRHdIdc99yyCUMdPNfapLgY7rOahsS16795/5KSrCuF +h2RcoAWUjh6sGjgGIY4Hy1qQwp3t6X/L6TOhDkBDWId5bTKFR9NqrVprOVsUutbs +0TOqLyH4GXCpE9vzg8DX7FTdRiCTpbyQ7VuSxRN/vAyVRP4chrABNfvh/QARAQAB tDtUYWxvcyAoVGFsb3MsIENpc2NvIFN5c3RlbXMgSW5jLikgPHJlc2VhcmNoQHNv -dXJjZWZpcmUuY29tPokCPQQTAQoAJwUCWPecAAIbAwUJB4YfgAULCQgHAwUVCgkI -CwUWAgMBAAIeAQIXgAAKCRDxP54WvKW/rQZnD/9xWiC/y9JEsbHnsNrzGosGQxsp -QSxgDcHUM0hjuhfpxDyaT/bm/qJcHWDLh7c/WiL0B1b9bGaj/soSn5ZSKaSAyThF -S48uG0q1rFlr2E/vP4ExZacLLndRHD4oaR/glp+NLsB60skz2b70IazSfm4uvKE0 -Wb7EgXm3exyJxS2vht51xLvPxj+VY7rVVJ7oQKMgv+Z9wMUj9kwbb7V/ytoYUVgG -N0aJ7tzuyOk2DeZ/0Mh4swEQ5QQE9X2KREOAfcrfpnyV8vIrTnwSian6KstuoAN9 -Ux+tqXS9SmexTaILqwXi0C1k7Loy5GDIKxwQHYI5xJ4eQbJNTGWTbGzQDd8VLRN4 -9yy0DYrayfTenWvsnBhS27X/dKitZVT90vKlqEaEMYRXV2d6Bu9Hq/USv1+AAFBB -MMi/9UBf3NHI3egNp//OkUReiusUImiq7TEBYSXmpVJ5L8SbDiahZ+YUzJHkd5u+ -j6BLNybj9kGilGRf3IsRqcu1BNvO8pqE/GkwDpDXXQWgfOykTflCROK32Nz4+asr -0y5Q73MiifkqTD0f/bDsryHtzGM+EIg81FcUCrtAHf/K9JDephwXstrhXue9Uupp -Arg/iHXXOcxR0ThrrRN+Fx10/5e2ALrVely5ZNZVhuvxg6EKzwJdnyw6IivJB/27 -IvlaaeLwpFaVgHgXIbkCDQRY95wAARAAqH5sChZORId5RJv3PQWmFZwLAIWaj0Zy -7QQnUvJecAi0doQe2w4fGTZOSfOX4LxPVgHkc59omPnDs30sVp8YiGt4luSLvQ49 -OhKUtPW6Z5B3UxTdbZCF1zs8t3tkHkGjxwfbhoZKdyrJvVQ7tz2l7lxiSI6x65I7 -v/+auTUc+ihskSSCvm6XeX3ekKOWJ96pnLItC1Pvh2bd4BOW4swSlXZ2k1/p1c2G -5vC7bFwUJbb67Y9wPJl0nCCBzZCfAtgMmKieq51rvtJ/83CNf8P7dMmZbRwUp4fN -xLPrvocDAJn3drfoKV3eX3st5M7SODKIF2gglXIQwYb1h/IJSRap9tgktOQVBBuy -tI6n1zo2Ga5kRK06tX/NBVRQI8we8WR8ePVkg0bZYIo1EKNa89xjTwQXqrbmvs7F -VSpsV2zMtMu6zDtJBcAGW+1feo7m1kL5ZGR4Dl3rbdImq2AdAt2TRfisZYmYAQyw -hIa7eNted2Bxs4KWrgwHgkk1ljjn/wF3InyKXnySPIpW2LT+kRWS0KujIDeiZTp5 -tAQP2qfL2mFcStyeBSqDW6s725a2oYv74yCycbbYSD3nxjruWrYVjF01/MKoSx5o -BFRkN7/n4hIpvcSlIzmmFPocbZCRTP9+4Miewq7e9ASnx+vxFpelBZTM1Oe+DZdB -zEvTjbqK698AEQEAAYkCJQQYAQoADwUCWPecAAIbDAUJB4YfgAAKCRDxP54WvKW/ -rQELEACGWflvcVbhmeSAbJqZNRcUGHQ0o2YMEHptErs0f6KVhBlI6Ouc37VHJgH0 -Vu75o5C/aagNghMPdAKCGf4DbYcBd8FzM7EHZspMcG5/rrE9zX9zYlcdD8KAN5Nm -ZZQz6+htMzD6ROdJWjkdnIpZvAb/6weSpj9ZI1hAhMr+2+kU13fUk70x2cWGMVsT -LpTjOo4ad0Qec5/s4MZ7enGz34DJLLCIzcA3K2S6AxO4cucord6onIkgikDq0LvX -RfMp18n+0vlEk6msuhSYAi04iPAS/mbYCpsuNMQefF6LJmICMpn2Vm4TOW6GMIa9 -lilC0oodVYYCKvhdXWB1MRoO5axnxSrNNLm8s7pxR5NzRvLxBiBxVqAJuw4rvFxN -4BZ5M1JSZWu2Rcz+xeh/szXRmWUbLScr4hwQRBSi2efiqPYjkWmxk8MJ5pHvwNK1 -DO33H3btRriWK7RZYRYq2Bjpuo8iGevgZ5pyiJkX1p72UehkC6ogGgW2ULgolIUa -LkZivq7Z2vICdouOKAhA2/QaQG0mA7O7RdOLWPX7EH720e4yqUPH9Hxv95EAeYkr -4Zg38cdiIevqjwUOwjMpxtIAj3ol+OvBFbiqJW5PICm7vi5HMIXuwQ6aIgSVDfic -Tjaszr4bkQdr3OpqhR4+ZN5/BAKY4IIzMmvF6v1X8s9DtzjFFg== -=rmWe +dXJjZWZpcmUuY29tPokCPgQTAQIAKAUCYGOSLAIbAwUJA8JnAAYLCQgHAwIGFQgC +CQoLBBYCAwECHgECF4AACgkQYJsCTys+3QfbLg//eZ0yCLr957FtztVlLIHYLpJn +LIl8m+hu3KeUTIwvMoCLiw48cWqFZaJS9PTmrraSj5SKMDnAYFl4O0fhHfQiWDjb +sZ32hQni1PcqxoXqSnkXD7mXjcPH2WuNnQM5WZoAD2VmksqRT57I/K2omW/sjaVe +Nbq3GSOy8WThibswxzioDHtTPFa0/Ah2qq8OkcVJuTwCS1xkLijJc3jx/pOBHWFA +BA4VX5pwcSou/woJ+ySsgBGEo5hOsd0r7h3a0O8EiuGulHTqQt87rVWGv0JKhnub +FULr/ld8+d1zGvJL3OzFG6udjWjw3QqsLDZa94G1ksZWgqr/RgexlSYuxPW+lKUC +QkgotLaEKQC4cpBLRcJEjWyrf4IjoJvkFrUtPsVH9VStICUQATyXARNVWbnJHq3Y +qynCXSB4NZvdo9BF6Tx3FA+ZUjK4/X/UsjL/Hmv99huBctQsWL7gQCoSw9YOt4qs +/As6fgPaNpYb9woJqNMEQNmrhfnnX9PGaM5dM769/E5vF67mkhBNqVJ0+4gyrpTU +T7Pmavrc3T4aSSde8eG6zSlmW8wM5xELfK5TeTexBKGAaDV8c2BkfenRO8OvBSvr +Gz+Xp/YzO9uGUPnbMsTVtxClmzmEj/MVpvtRdEo+dbVOSy8nk3XCu7jMjpojggPv +YQ+4CZYxYpW1T2hSFxGJAhwEEAECAAYFAmBjkn0ACgkQ8T+eFrylv628FA/7BEZI +mkl9Poxf1Omdzq+AGa5/1mnJ39jobc+wMBBww2baJX0YnYcZX0xfm5db/SaWbK7y +EGWRnMAG0qt32zE3lwrLAlMcJ4a5RuSIIob1FDHXZ0YE0196FBJqsnMoheV6s9FL +W5wj0Yhsbjo88MyhQrbHwnaZZ86EIdXlx3lcjSNStdMtzikBNFDQGb80OFMDU3Ab +c0epVagX7tYI4vTHS1IK6SJ+E+UdXPN3Ci5HHvA9dMp6GRwTYgbvMwkjH7bPD47b +/gOvAUj5+34p4dN7Lvy8VTvRiTGsk7EpY1zUibmjjpZbonH+wZu/hp7mPbUExtzC +2tZ6TES7lAq+vDlrg0rJuMDAJTemICBwd3waeEdPtNIBycfTf1qKevarrQPByeM9 +Cghw0PIh9Z5woNOoeTdvoyLm4kRSUqqPpAHiqgnC3nVVZc//NdeuoDDcstgYqsoK +bSqW/1xfFjAE5f+a5uuu3I+6oVF83e+fLCuoVr0l1jdGx8jEo0F0TiP7qJ4HE9zs +HsfQ8A7rlQFDU/DXQibrwVioVsVbX4D3cYTAQ3hwZHFZ4yF79fnyQuVis8dVjw0b +w42rD0enmlxJ8MdZ6Xuq9pu74fQhH9vPhX5sUFU9uXmvYdeHm3IaP3U59y7Azapt ++Rf7YvmXTCsfH9Rlw1MZKHfOFoMozqJs7sqDfGi5Ag0EYGOSLAEQAM5kdheiwStz +nKiaIWaO+0PBA8bAv2xG7qW/Di85xdcH9miHZM9+lx/iZoOBC9wZC9eatV4Hcukf +f700a/LGZSYVDvHvdEWbTv6ZwvHzbxuc1Kv8cLYopRUfOAwMYOmXriMLxVmd3fcf +PNsfPRqfkaZRdkm7qTbPDeKpSL157HbUG64Eej3cOViq49Hy9L6jtfjtZVxX7Oav +jnEpyezG6qSIAkvD6O7JYg3yfkr4sa44qohq9lDfjWpoXMebu0WsIyW11hm+7KMr +BMHjlNgXppu0+ryeKfQiFjPDBd9aflnHy2e8aHef9S5349thNGzjV3TNMV6A6oAN +2XQ7pgj5DTwMZtHFCjdEHIyfGCAgQQL0/MaFzKwuw/l/m31smZgItAZXYY1xoC2g +h7LTPZ/3t2VVVof4TNXDc+pUNgY6bwPBksuhsX8qsldDr5q3jdHZsjlycpL38Z4E +ZNg3BqxJlVseB395ZOQ6FCtHGh6rpsYQZDj1QWcUyev8NHSbSNRMS2/Nn5bT3KgE +WEWrmOxp3iMmunBqmnt2/xJ83PKRTbSKgcG+Y/+DtnleHpRueRUPC/5XX0DNznSj +F10vAh4XtBKGBNaHU9VvnMXlYeJ9kCMdSs7cM4FfLFMtPkFwpDYhvQRAEwt11RV6 +bGo5ZCgGrHGIBlNk6ZSO1hP15hUtkWU7ABEBAAGJAiUEGAECAA8FAmBjkiwCGwwF +CQPCZwAACgkQYJsCTys+3QfI7Q//Sb2yotfcsG5Q2FkHRBE85su01c6pewImV9bo +fNhATSQ37yVHUDrchm+kY6Pq5Tdgg+eAMcYz2yv9JhFxJyzgI0viQrkjD7oXeRTG +Z0CvzxHhTakAOADXAnYtwmJglEBTCCbUZ968kQkdBxEaUjVWPCMyIceRr8kUfiCj +X51+DLESy8b5lOBhprO6vDukk/rmDruIpJPhJ3f89gsp2Ry7gk7a5ENIuVEElLK6 +OPBZhC3dDZwsvm5CYb62+U/b1xtmElpgGbNJCjxvAZiJ0WN2zfBXan+SJ4I9NFUw +9jvSURvDV24s4YPhkbZuOIqQEEYF8QMZ1VJlsr7BoWIXrdKDNJbmEVyx3UiYXKD1 +BVXCQADPu8G8EPuo4yAfWymJAOJbAqNF2Op6+sC7/v8Xcgc3PGGyu23cZwikfCAg +V+beywTPI5+eVV5F/rpxXOlvNxT0NOg3UOeQ9GvCbD5ZcuDzmhqso0eMABeq5K5X +B12xlWNaTZsIt8Dim4uKaKMGeB+6iygkHITbay0sMUo0dX6nT27bjX5dTBo/vnVA +PYuCS6rh8ojalR1fYFKA1zdeSaJ2EW5KmgC9yedylSbHdQ+LjSY3t/Ut4RYaekID +eGmVoQkJkL7gIAs8NOYwG3ayr0AtmeMagAMy94NH5ufVgFk+QPmXpzS7rMLQ3Is1 +ZOuWNrQ= +=NP/0 -----END PGP PUBLIC KEY BLOCK----- diff --git a/clamav.spec b/clamav.spec index 13e20e9..e3f1071 100644 --- a/clamav.spec +++ b/clamav.spec @@ -19,7 +19,7 @@ %bcond_with clammspack %bcond_with valgrind Name: clamav -Version: 0.103.1 +Version: 0.103.2 Release: 0 Summary: Antivirus Toolkit License: GPL-2.0-only @@ -54,6 +54,7 @@ BuildRequires: pkgconfig(check) BuildRequires: pkgconfig(libpcre2-8) >= 10.30 BuildRequires: pkgconfig(ncurses) BuildRequires: pkgconfig(zlib) +Recommends: %{name}-milter = %{version} # # Workaround to keep "make check" from using an existing libclamav # instead of the just built one. This should rather be fixed @@ -89,6 +90,19 @@ provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats. +%package milter +Summary: ClamAV Milter compatible mail scanner +Group: Productivity/Security +Requires: %{name} = %{version} + +%description milter +ClamAV-milter is a filter for sendmail(1) mail server. It uses a +mail scanning engine built into clamd(8). ClamAV-milter can use +load balancing and fault tolerant techniques to connect to more +than one clamd(8) server and seamlessly hot-swap to even the load +between different machines and to keep scanning for viruses even +when a server goes down. + %package -n libclamav9 Summary: ClamAV antivirus engine runtime Group: System/Libraries @@ -207,19 +221,36 @@ make check VG=1 %if 0%{?suse_version} > 1500 %pre %else + %pre -f vscan.pre %endif -%service_add_pre clamd.service clamav-milter.service +%service_add_pre clamd.service %post %tmpfiles_create %{_tmpfilesdir}/clamav.conf -%service_add_post clamd.service clamav-milter.service +%service_add_post clamd.service %preun -%service_del_preun clamd.service clamav-milter.service +if [ $1 -eq 0 ]; then + # package will be uninstalled + rm -f %{_localstatedir}/lib/clamav/* +fi +%service_del_preun clamd.service %postun -%service_del_postun clamd.service clamav-milter.service +%service_del_postun clamd.service + +%pre milter +%service_add_pre clamav-milter.service + +%post milter +%service_add_post clamav-milter.service + +%preun milter +%service_del_preun clamav-milter.service + +%postun milter +%service_del_postun clamav-milter.service %if 0%{?suse_version} > 1500 %ldconfig_scriptlets -n libclamav9 @@ -241,16 +272,37 @@ make check VG=1 %files %license COPYING* %doc docs/html/* -%config(noreplace) %{_sysconfdir}/*.conf -#systemd... -%{_bindir}/* -%{_sbindir}/* -%{_mandir}/man?/* +%config(noreplace) %{_sysconfdir}/clamd.conf +%config(noreplace) %{_sysconfdir}/freshclam.conf +%{_bindir}/clamav-config +%{_bindir}/clambc +%{_bindir}/clamconf +%{_bindir}/clamdscan +%{_bindir}/clamdtop +%{_bindir}/clamscan +%{_bindir}/clamsubmit +%{_bindir}/freshclam +%{_bindir}/sigtool +%{_sbindir}/clamd +%{_sbindir}/clamonacc +%{_sbindir}/rcclamd +%{_sbindir}/rcfreshclam +%{_mandir}/man1/clambc.1%{?ext_man} +%{_mandir}/man1/clamconf.1%{?ext_man} +%{_mandir}/man1/clamdscan.1%{?ext_man} +%{_mandir}/man1/clamdtop.1%{?ext_man} +%{_mandir}/man1/clamscan.1%{?ext_man} +%{_mandir}/man1/clamsubmit.1%{?ext_man} +%{_mandir}/man1/freshclam.1%{?ext_man} +%{_mandir}/man1/sigtool.1%{?ext_man} +%{_mandir}/man5/clamd.conf.5%{?ext_man} +%{_mandir}/man5/freshclam.conf.5%{?ext_man} +%{_mandir}/man8/clamd.8%{?ext_man} +%{_mandir}/man8/clamonacc.8%{?ext_man} %{_tmpfilesdir}/* %{_unitdir}/clamd.service %{_unitdir}/freshclam.service %{_unitdir}/freshclam.timer -%{_unitdir}/clamav-milter.service %defattr(-,vscan,vscan) %dir %{_localstatedir}/lib/clamav %if 0%{?suse_version} <= 1500 @@ -258,6 +310,14 @@ make check VG=1 %endif %ghost %attr(755,vscan,vscan) /run/clamav +%files milter +%config(noreplace) %{_sysconfdir}/clamav-milter.conf +%{_unitdir}/clamav-milter.service +%{_sbindir}/clamav-milter +%{_sbindir}/rcclamav-milter +%{_mandir}/man5/clamav-milter.conf.5%{?ext_man} +%{_mandir}/man8/clamav-milter.8%{?ext_man} + %files -n libclamav9 %{_libdir}/libclam*.so.9* diff --git a/service.clamd b/service.clamd index 17b222d..e0035bd 100644 --- a/service.clamd +++ b/service.clamd @@ -1,12 +1,16 @@ [Unit] -Description=Clamav antivirus Deamon -After=network.target freshclam.service -Requires=freshclam.service +Description=Clam AntiVirus userspace daemon +Documentation=man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/ +After=network.target +# Check for database existence +ConditionPathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc} +ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc} [Service] Type=forking ExecStart=/usr/sbin/clamd TimeoutStartSec=5min +Restart=always ExecReload=/bin/kill -USR2 $MAINPID ;User=vscan ;Group=vscan diff --git a/service.freshclam b/service.freshclam index 6cd2625..32df4de 100644 --- a/service.freshclam +++ b/service.freshclam @@ -1,6 +1,7 @@ [Unit] -Description=Freshclam virus definitions downloader -After=network-online.target +Description=Clam AntiVirus database updater +Documentation=man:freshclam(1) man:freshclam.conf(5) https://www.clamav.net/documents/ +After=network-online.target nss-lookup.target Wants=network-online.target [Service] diff --git a/timer.freshclam b/timer.freshclam index ad3c904..cc884d7 100644 --- a/timer.freshclam +++ b/timer.freshclam @@ -2,6 +2,7 @@ Description=Timer for freshclam virus definitions downloader [Timer] +OnBootSec=5m OnUnitActiveSec=2h Persistent=true