Accepting request 37394 from security

Copy from security/clamav based on submit request 37394 from user rmax OBS-URL: https://build.opensuse.org/request/show/37394 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/clamav?expand=0&rev=28
2010-04-08 20:11:51 +00:00 · 2010-04-08 20:11:51 +00:00 · bf0ca320aa
commit bf0ca320aa
parent 3544b4f20f
6 changed files with 96 additions and 38 deletions
--- a/clamav-0.95.3.tar.bz2
+++ b/clamav-0.95.3.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:2c089f2ea6debb74cc6eefca1e96c77ba23f94e5f3e7ad6b7940ede3fc17e489
-size 26756338
--- a/clamav-0.96.tar.bz2
+++ b/clamav-0.96.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:81129038a9a91db2032d871f795c3eccf49f5c61b8f2dcd02967cc52a3826713
+size 38070750
--- a/clamav-conf.patch
+++ b/clamav-conf.patch
@ -1,4 +1,6 @@
--- etc/clamav-milter.conf
+Index: etc/clamav-milter.conf
+===================================================================
+--- etc/clamav-milter.conf.orig
 +++ etc/clamav-milter.conf
@@ -2,10 +2,6 @@
 ## Example config file for clamav-milter
@ -11,7 +13,7 @@
 ##
 ## Main options
 ##
-@@ -17,8 +13,7 @@
+@@ -17,8 +13,7 @@ Example
 # inet6:port@[hostname|ip-address] - to specify an ipv6 socket
 #
 # Default: no default
@ -19,9 +21,9 @@
 -#MilterSocket inet:7357
 +MilterSocket /var/lib/clamav/clamav-milter-socket
 
- # Remove stale socket after unclean shutdown.
- #
-@@ -28,7 +23,7 @@
+ # Define the group ownership for the (unix) milter socket.
+ # Default: disabled (the primary group of the user running clamd)
+@@ -36,7 +31,7 @@ Example
 # Run as another user (clamav-milter must be started by root for this option to work)
 #
 # Default: unset (don't drop privileges)
@ -30,7 +32,7 @@
 
 # Initialize supplementary group access (clamav-milter must be started by root).
 #
-@@ -56,7 +51,7 @@
+@@ -64,7 +59,7 @@ Example
 # daemon (main thread).
 #
 # Default: disabled
@ -39,7 +41,7 @@
 
 # Optional path to the global temporary directory.
 # Default: system specific (usually /tmp or /var/tmp).
-@@ -82,7 +77,7 @@
+@@ -90,7 +85,7 @@ Example
 # with the same socket: clamd servers will be selected in a round-robin fashion.
 #
 # Default: no default
@ -48,7 +50,7 @@
 
 
 ##
-@@ -193,13 +188,13 @@
+@@ -222,13 +217,13 @@ Example
 # Use system logger (can work together with LogFile).
 #
 # Default: no
@ -64,7 +66,9 @@
 
 # Enable verbose logging.
 #
--- etc/clamd.conf
+Index: etc/clamd.conf
+===================================================================
+--- etc/clamd.conf.orig
 +++ etc/clamd.conf
@@ -1,12 +1,8 @@
 ##
@ -80,7 +84,7 @@
 # Uncomment this option to enable logging.
 # LogFile must be writable for the user running daemon.
 # A full path is required.
-@@ -40,12 +36,12 @@
+@@ -40,12 +36,12 @@ Example
 
 # Use system logger (can work together with LogFile).
 # Default: no
@ -95,7 +99,7 @@
 
 # Enable verbose logging.
 # Default: no
-@@ -54,7 +50,7 @@
+@@ -54,7 +50,7 @@ Example
 # This option allows you to save a process identifier of the listening
 # daemon (main thread).
 # Default: disabled
@ -104,16 +108,16 @@
 
 # Optional path to the global temporary directory.
 # Default: system specific (usually /tmp or /var/tmp).
-@@ -69,7 +65,7 @@
+@@ -73,7 +69,7 @@ Example
 
 # Path to a local socket file the daemon will listen on.
 # Default: disabled (must be specified by a user)
-LocalSocket /tmp/clamd.socket
+-#LocalSocket /tmp/clamd.socket
 +LocalSocket /var/lib/clamav/clamd-socket
 
- # Remove stale socket after unclean shutdown.
- # Default: yes
-@@ -77,14 +73,14 @@
+ # Sets the group ownership on the unix socket.
+ # Default: disabled (the primary group of the user running clamd)
+@@ -89,14 +85,14 @@ Example
 
 # TCP port address.
 # Default: no
@ -130,7 +134,7 @@
 
 # Maximum length the queue of pending connections may grow to.
 # Default: 15
-@@ -147,7 +143,7 @@
+@@ -183,7 +179,7 @@ Example
 
 # Run as another user (clamd must be started by root for this option to work)
 # Default: don't drop privileges
@ -139,10 +143,10 @@
 
 # Initialize supplementary group access (clamd must be started by root).
 # Default: no
-@@ -395,6 +391,10 @@
- ##
- 
- # Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running.
+@@ -420,6 +416,10 @@ Example
+ # Enable Clamuko. Dazuko must be configured and running. Clamuko supports
+ # both Dazuko (/dev/dazuko) and DazukoFS (/dev/dazukofs.ctrl). DazukoFS
+ # is the preferred option. For more information please visit www.dazuko.org
 +#
 +# When enabling this, you most probably have to set "User root" above,
 +# so that clamav can access the files to be scanned.
@ -150,7 +154,9 @@
 # Default: no
 #ClamukoScanOnAccess yes
 
--- etc/freshclam.conf
+Index: etc/freshclam.conf
+===================================================================
+--- etc/freshclam.conf.orig
 +++ etc/freshclam.conf
@@ -1,12 +1,8 @@
 ##
@ -166,7 +172,7 @@
 # Path to the database directory.
 # WARNING: It must match clamd.conf's directive!
 # Default: hardcoded (depends on installation options)
-@@ -34,21 +30,21 @@
+@@ -34,21 +30,21 @@ Example
 
 # Use system logger (can work together with UpdateLogFile).
 # Default: no
@ -192,7 +198,7 @@
 
 # Initialize supplementary group access (freshclam must be started by root).
 # Default: no
-@@ -111,7 +107,7 @@
+@@ -111,7 +107,7 @@ DatabaseMirror database.clamav.net
 
 # Send the RELOAD command to clamd.
 # Default: no
@ -201,7 +207,7 @@
 
 # Run command after successful database update.
 # Default: disabled
-@@ -148,7 +144,7 @@
+@@ -148,7 +144,7 @@ DatabaseMirror database.clamav.net
 # detected in the field and in what geographic area they are.
 # This feature requires LogTime and LogFile to be enabled in clamd.conf.
 # Default: no
--- a/clamav-sles9.patch
+++ b/clamav-sles9.patch
@ -1,6 +1,8 @@
--- clamav-milter/clamfi.c
+Index: clamav-milter/clamfi.c
+===================================================================
+--- clamav-milter/clamfi.c.orig
 +++ clamav-milter/clamfi.c
-@@ -89,16 +89,11 @@
+@@ -90,16 +90,11 @@ static void add_x_header(SMFICTX *ctx, c
 	while(status)
 	    if(smfi_chgheader(ctx, (char *)"X-Virus-Status", status--, NULL) != MI_SUCCESS)
 		logg("^Failed to remove existing X-Virus-Status header\n");
--- a/clamav.changes
+++ b/clamav.changes
@ -1,3 +1,47 @@
+-------------------------------------------------------------------
+Wed Apr  7 19:17:05 CEST 2010 - max@suse.de
+
+- ClamAV 0.96 introduces new malware detection mechanisms and
+  other significant improvements to the scan engine.
+  The key features are:
+
+  * The Bytecode Interpreter: the interpreter built into LibClamAV
+    allows the signature writers to create and distribute very
+    complex detection routines and remotely enhance the scanner’s
+    functionality.
+
+  * Heuristic improvements: improve the PE heuristics detection
+    engine by adding support of bogus icons and fake PE header
+    information. In a nutshell, ClamAV can now detect malware that
+    tries to disguise itself as a harmless application by using
+    the most common Windows program icons.
+
+  * Signature Improvements: logical signature improvements to
+    allow more detailed matching and referencing groups of
+    signatures. Additionally, improvements to wildcard matching on
+    word boundaries and newlines.
+
+  * Support for new archives: 7zip, InstallShield and CPIO.
+    LibClamAV can now transparently unpack and inspect their
+    contents.
+
+  * Support for new executable file formats: 64-bit ELF files and
+    OS X Universal Binaries with Mach-O files. Additionally, the
+    PE module can now decompress and inspect executables packed
+    with UPX 3.0.
+
+  * Support for DazukoFS in clamd
+
+  * Performance improvements: overall performance improvements and
+    memory optimizations for a better overall resource utilization
+    experience.
+
+-------------------------------------------------------------------
+Thu Mar 11 16:21:19 CET 2010 - max@suse.de
+
+- New version: 0.96rc1
+- Added gcc-c++ to BuildRequires to enable the JIT compiler.
+
 -------------------------------------------------------------------
 Tue Feb  9 14:29:29 CET 2010 - prusnak@suse.cz

--- a/clamav.spec
+++ b/clamav.spec
@ -1,5 +1,5 @@
 #
-# spec file for package clamav (Version 0.95.3)
+# spec file for package clamav (Version 0.96)
 #
 # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@ -15,7 +15,6 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #

-# norootforbuild


 Name:           clamav
@ -24,14 +23,16 @@ BuildRequires:  ncurses-devel sed sendmail sendmail-devel
 BuildRequires:  bc pkgconfig zlib-devel
 %endif
 %if 0%{?suse_version} >= 1030
-BuildRequires:  check-devel pwdutils
+BuildRequires:  check-devel pwdutils python
 %define clamav_check --enable-check
 %else
 %define clamav_check --disable-check
 %endif
+# Needed for the JIT bytecode compiler
+BuildRequires:  gcc-c++
 Summary:        Antivirus Toolkit
-Version:        0.95.3
-Release:        2
+Version:        0.96
+Release:        1
 License:        GPLv2
 Group:          Productivity/Security
 Url:            http://www.clamav.net
@ -100,7 +101,7 @@ License:        BSD3c(or similar) ; GPLv2+ ; LGPLv2.1+ ; Public Domain, Freeware
 Group:          Productivity/Security
 Summary:        Virus Database for ClamAV
 PreReq:         clamav sed /bin/cp /usr/bin/awk /bin/rm
-%if 0%{?suse_version} >= 1120
+%if 0%{?suse_version} > 1120
 BuildArch:      noarch
 %endif

@ -127,8 +128,10 @@ Authors:
 %build
 %if 0%{?suse_version} >= 1010
 CFLAGS="-fstack-protector"
+CXXFLAGS="-fstack-protector"
 %endif
-export CFLAGS="%optflags -fno-strict-aliasing $CFLAGS"
+export CFLAGS="%optflags $CFLAGS"
+export CXXFLAGS="%optflags $CXXFLAGS"
 %if 0%{?suse_version} == 0910
 # SLES9 needs this macro to enable the quarantine feature in libmilter
 CFLAGS="$CFLAGS -D_FFR_QUARANTINE -D_FFR_SMFI_OPENSOCKET"
@ -145,7 +148,10 @@ CFLAGS="$CFLAGS -D_FFR_QUARANTINE -D_FFR_SMFI_OPENSOCKET"
 	--with-group=vscan \
 	--enable-milter \
 	%clamav_check \
-	--disable-zlib-vcheck
+	--disable-zlib-vcheck \
+	--enable-llvm \
+	--enable-clamdtop
+
 make %{?jobs:-j%jobs}

 %check