Accepting request 929179 from security

OBS-URL: https://build.opensuse.org/request/show/929179
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/clamav?expand=0&rev=114

clamav-0.103.3.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9f6e3d18449f3d1a3992771d696685249dfa12736fe2b2929858f2c7d8276ae9
-size 13389239

clamav-0.103.3.tar.gz.sig

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIcBAABAgAGBQJg0JhdAAoJEGCbAk8rPt0HftoP/jPXSxEc6xwiMLeNpnUeOLv0
-MImj+riqMUaRFaKVb0j9Gsw3iW0e/2BmlAyTgPjp/+4m/q17YT6tY1gBu2V4x2eA
-thW0FW/RoAe6aqYEgKQrXMBft+tnK8qX4TeSLeVSXED00y8REHfeqGmmd9COKzkN
-AJdCE8k2Af3zbYFsTTg28T5aZk4UsTs/whJVpUX1y/dLiPRljCPXGxA+Wg/DjIZm
-p4dTwNfym5R+lzJTyp7HgNNQcCYZZeXpRF3pkmX1FZ+HjlQY6SfRkR01M/Zuljgj
-wjJq65zWzPq0UT0suOveDuu0+hgESj/J/0s4BmTKphq3gOTLrzDjdCduHpxWtCrN
-r82WcWe1eAoCX8qZXlnG1rrJJ3A69sRuZ1YOSa52xkJ6ewmL6BLyyJ3O+f76kyiK
-0X40W5Pcz7wMiNqG+UvOMc79Py8RjOVkOzKo0+ACPTl1ZsYe60xPKwF4sp3sSfrr
-V40DsS6WS/1j+qgDICagJDniep0ZvqdPZIH6DjbfNdIn1/XKBgx4RSLPDTDaNqM5
-nL16rlpCMos1r8yhlwsqCgP0BRx2duuiz0S05blrfF+gh+SNPuaev0W6DTgn+9cR
-z1Qr8T7aUoXl0pb/M2F1qWuUPJv+lIE1ol08dhzTa4VN3QaE+Qm5VG7WsLKbDVeX
-aCuquIBImOG+ERh7Fusg
-=jaU1
------END PGP SIGNATURE-----

clamav-0.103.4.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:def0ad15500fa6aff81d8e68b9f83aa75ee5b607a01335c1d26dbcc959932f85
+size 16425023

clamav-0.103.4.tar.gz.sig

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAABAgAGBQJhgZyJAAoJEGCbAk8rPt0H7AMQAJ7wxx96nMvhTGkxSAen/BZa
+fHFrF0eof2x5DZc7e7fXV7OoHAQ78dftGIey2pqu0qPtONxPo1ZyBClHP4sWFdV2
+NlVExiKSzB2wOw1nGJN2CYnNI1uFRm3jzxZP2fhfcUnpL1spuWKAAKUZqyKxIRIa
+j4jBc+Gu9F+svBwIyZZk9ga+W4U04oNafsgTtZJoZ7Rf3uWujws6Zy98hMeuO71I
+cI6UF1nb4TBSYj2OgXYY+bl8qvhswzcjYCT+OHDXLXqCgcNxSEcK6vcgyRcCfBJQ
+YPYQc0uziG+BzaOLxjHZMpIzbCo2SBRtyluH16Fddy2DJmMrgpuOPNeaeAHFW5uM
+OK0dEUleYuBKpbQxHVDQC6Qw5xSqtVXdfAyYQJ/p7k9fCFbsLxx8HGVSEoqE6jEH
+dwe7mCNfKrlQSxQSJaRZKaAsqDAd+2zxkUYuT6IP0dXFzeoihwvuppPmBvEwErDV
+4OgnZC2Aw6LHIYqjvQWTyxd1euL7UUoeNel3nLZwZ0EmnhJ3C5RIp97MUHM+vOWY
+EIyxx93GKHZWM18WOxXPV87Lt7YCIo1QOUQVbhapmKRGOYFq8bu/75LFlpKwebnw
+MOljABOb1td7qqsYy30awp7bGiqni2dXXRA5eHwl5q+11776BP4yERIUDNJbG++M
+kuhICU7B1d21gl5MwFuw
+=CJWI
+-----END PGP SIGNATURE-----

clamav.changes

@@ -1,3 +1,66 @@
+-------------------------------------------------------------------
+Wed Nov  3 20:52:19 UTC 2021 - Arjen de Korte <suse+build@de-korte.org>
+
+- Update to 0.103.4
+  * FreshClam:
+    - Add a 24-hour cool-down for FreshClam clients that have received
+      an HTTP 403 (Forbidden) response from the CDN. This is to reduce
+      the volume of 403-response data served to blocked FreshClam
+      clients that are configured with a tight update-loop.
+    - Fixed a bug where FreshClam treats an empty CDIFF as an
+      incremental update failure instead of as an intentional request
+      to download the whole CVD.
+  * ClamDScan: Fix a scan error when broken symlinks are encountered on
+    macOS with "FollowDirectorySymlinks" and "FollowFileSymlinks"
+    options disabled.
+  * Overhauled the scan recursion / nested archive extraction logic and
+    added new limits on embedded file-type recognition performed during
+    the "raw" scan of each file. This limits embedded file-type
+    misidentification and prevents detecting embedded file content that
+    is found/extracted and scanned at other layers in the scanning
+    process.
+  * Fix an issue with the FMap module that failed to read from some
+    nested files.
+  * Fixed an issue where failing to load some rules from a Yara file
+    containing multiple rules may cause a crash.
+  * Fixed assorted compiler warnings.
+  * Fixed assorted Coverity static code analysis issues.
+  * Scan limits:
+    - Added virus-name suffixes to the alerts that trigger when a scan
+      limit has been exceeded. Rather than simply
+      Heuristics.Limits.Exceeded, you may now see limit-specific
+      virus-names, to include:
+      + Heuristics.Limits.Exceeded.MaxFileSize
+      + Heuristics.Limits.Exceeded.MaxScanSize
+      + Heuristics.Limits.Exceeded.MaxFiles
+      + Heuristics.Limits.Exceeded.MaxRecursion
+      + Heuristics.Limits.Exceeded.MaxScanTime
+    - Renamed the Heuristics.Email.ExceedsMax.* alerts to align with
+      the other limit alerts names. These alerts include:
+      + Heuristics.Limits.Exceeded.EmailLineFoldcnt
+      + Heuristics.Limits.Exceeded.EmailHeaderBytes
+      + Heuristics.Limits.Exceeded.EmailHeaders
+      + Heuristics.Limits.Exceeded.EmailMIMEPartsPerMessage
+      + Heuristics.Limits.Exceeded.EmailMIMEArguments
+    - Fixed an issue where the Email-related scan limits would alert
+      even when the "AlertExceedsMax" (--alert-exceeds-max) scan option
+      is not enabled.
+    - Fixes an issue in the Zip parser where exceeding the "MaxFiles"
+      limit or the "MaxFileSize" limit would abort the scan but would
+      fail to alert. The Zip scan limit issues were independently
+      identified and reported by Aaron Leliaert and Max Allan.
+  * Fixed a leak in the Email parser when using the --gen-json scan
+    option.
+  * Fixed an issue where a failure to record metadata in the Email
+    parser when using the --gen-json scan option could cause the Email
+    parser to abort the scan early and fail to extract and scan
+    additional content.
+  * Fixed a file name memory leak in the Zip parser.
+  * Fixed an issue where certain signature patterns may cause a crash or
+    cause unintended matches on some systems when converting characters
+    to uppercase if a UTF-8 unicode single-byte grapheme becomes a
+    multi-byte grapheme. Patch courtesy of Andrea De Pasquale.
+
 -------------------------------------------------------------------
 Mon Jun 21 18:44:32 UTC 2021 - Arjen de Korte <suse+build@de-korte.org>
 

clamav.spec

@@ -19,7 +19,7 @@
 %bcond_with	clammspack
 %bcond_with	valgrind
 Name:           clamav
-Version:        0.103.3
+Version:        0.103.4
 Release:        0
 Summary:        Antivirus Toolkit
 License:        GPL-2.0-only