pool/clamav
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/clamav?expand=0&rev=1

Browse Source
This commit is contained in:
OBS User unknown 2007-01-15 23:07:16 +00:00 committed by Git OBS Bridge
commit d3fe1b720d
9 changed files with 1204 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.osc

3
clamav-0.88.7.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:084bb99e7a22a2903a23b600879fa3d529363b4e41767cd4fe08ec477a7f21dc
size 9384613

135
clamav-conf.patch Normal file
View File

@ -0,0 +1,135 @@
--- etc/clamd.conf
+++ etc/clamd.conf
@@ -3,15 +3,11 @@
## Please read the clamd.conf(5) manual before editing this file.
##
-
-# Comment or remove the line below.
-Example
-
# Uncomment this option to enable logging.
# LogFile must be writable for the user running daemon.
# A full path is required.
# Default: disabled
-#LogFile /tmp/clamd.log
+#LogFile /var/log/clamd
# By default the log file is locked for writing - the lock protects against
# running clamd multiple times (if want to run another clamd, please
@@ -40,12 +36,12 @@
# Use system logger (can work together with LogFile).
# Default: disabled
-#LogSyslog
+LogSyslog
# Specify the type of syslog messages - please refer to 'man syslog'
# for facility names.
# Default: LOG_LOCAL6
-#LogFacility LOG_MAIL
+LogFacility LOG_MAIL
# Enable verbose logging.
# Default: disabled
@@ -54,7 +50,7 @@
# This option allows you to save a process identifier of the listening
# daemon (main thread).
# Default: disabled
-#PidFile /var/run/clamd.pid
+PidFile /var/lib/clamav/clamd.pid
# Optional path to the global temporary directory.
# Default: system specific (usually /tmp or /var/tmp).
@@ -69,7 +65,7 @@
# Path to a local socket file the daemon will listen on.
# Default: disabled
-LocalSocket /tmp/clamd
+#LocalSocket /var/lib/clamav/clamd-socket
# Remove stale socket after unclean shutdown.
# Default: disabled
@@ -77,14 +73,14 @@
# TCP port address.
# Default: disabled
-#TCPSocket 3310
+TCPSocket 3310
# TCP address.
# By default we bind to INADDR_ANY, probably not wise.
# Enable the following to provide some degree of protection
# from the outside world.
# Default: disabled
-#TCPAddr 127.0.0.1
+TCPAddr 127.0.0.1
# Maximum length the queue of pending connections may grow to.
# Default: 15
@@ -141,7 +137,7 @@
# Run as a selected user (clamd must be started by root).
# Default: disabled
-#User clamav
+User vscan
# Initialize supplementary group access (clamd must be started by root).
# Default: disabled
@@ -152,7 +148,7 @@
# Don't fork into background.
# Default: disabled
-#Foreground
+Foreground
# Enable debug messages in libclamav.
# Default: disabled
--- etc/freshclam.conf
+++ etc/freshclam.conf
@@ -4,10 +4,6 @@
## This file may be optionally merged with clamd.conf.
##
-
-# Comment or remove the line below.
-Example
-
# Path to the database directory.
# WARNING: It must match clamd.conf's directive!
# Default: hardcoded (depends on installation options)
@@ -23,21 +19,21 @@
# Use system logger (can work together with UpdateLogFile).
# Default: disabled
-#LogSyslog
+LogSyslog
# Specify the type of syslog messages - please refer to 'man syslog'
# for facility names.
# Default: LOG_LOCAL6
-#LogFacility LOG_MAIL
+LogFacility LOG_MAIL
# This option allows you to save the process identifier of the daemon
# Default: disabled
-#PidFile /var/run/freshclam.pid
+PidFile /var/lib/clamav/freshclam.pid
# By default when started freshclam drops privileges and switches to the
# "clamav" user. This directive allows you to change the database owner.
# Default: clamav (may depend on installation options)
-#DatabaseOwner clamav
+DatabaseOwner vscan
# Initialize supplementary group access (freshclam must be started by root).
# Default: disabled
@@ -82,7 +78,7 @@
# Send the RELOAD command to clamd.
# Default: disabled
-#NotifyClamd
+NotifyClamd
# By default it uses the hardcoded configuration file but you can force an
# another one.
#NotifyClamd /config/file/path

233
clamav-rcclamd Normal file
View File

@ -0,0 +1,233 @@
#! /bin/sh
# Copyright (c) 1995-2003 SuSE Linux AG, Nuernberg, Germany.
# All rights reserved.
#
# Author: Kurt Garloff
# Please send feedback to http://www.suse.de/feedback/
#
# /etc/init.d/clamd
# and its symbolic link
# /(usr/)sbin/rcclamd
#
#
# LSB compatible service control script; see http://www.linuxbase.org/spec/
#
# Note: This template uses functions rc_XXX defined in /etc/rc.status on
# UnitedLinux (UL) based Linux distributions. If you want to base your
# script on this template and ensure that it works on non UL based LSB
# compliant Linux distributions, you either have to provide the rc.status
# functions from UL or change the script to work without them.
#
### BEGIN INIT INFO
# Provides: clamd
# Required-Start: $syslog $remote_fs
# Required-Stop: $syslog $remote_fs
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: virus scanner daemon
# Description: Start the clamd virus scanner daemon
### END INIT INFO
#
# Any extensions to the keywords given above should be preceeded by
# X-VendorTag- (X-UnitedLinux- for us) according to LSB.
#
# Notes on Required-Start/X-UnitedLinux-Should-Start:
# * There are two different issues that are solved by Required-Start
# and X-UnitedLinux-Should-Start
# (a) Hard dependencies: This is used by the runlevel editor to determine
# which services absolutely need to be started to make the start of
# this service make sense. Example: nfsserver should have
# Required-Start: $portmap
# Also, required services are started before the dependent ones.
# The runlevel editor will warn about such missing hard dependencies
# and suggest enabling. During system startup, you may expect an error,
# if the dependency is not fulfilled.
# (b) Specifying the init script ordering, not real (hard) dependencies.
# This is needed by insserv to determine which service should be
# started first (and at a later stage what services can be started
# in parallel). The tag X-UnitedLinux-Should-Start: is used for this.
# It tells, that if a service is available, it should be started
# before. If not, never mind.
# * When specifying hard dependencies or ordering requirements, you can
# use names of services (contents of their Provides: section)
# or pseudo names starting with a $. The following ones are available
# according to LSB (1.1):
# $local_fs all local file systems are mounted
# (most services should need this!)
# $remote_fs all remote file systems are mounted
# (note that /usr may be remote, so
# many services should Require this!)
# $syslog system logging facility up
# $network low level networking (eth card, ...)
# $named hostname resolution available
# $netdaemons all network daemons are running
# The $netdaemons pseudo service has been removed in LSB 1.2.
# For now, we still offer it for backward compatibility.
# These are new (LSB 1.2):
# $time the system time has been set correctly
# $portmap SunRPC portmapping service available
# UnitedLinux extensions:
# $ALL indicates that a script should be inserted
# at the end
# * The services specified in the stop tags
# (Required-Stop/X-UnitedLinux-Should-Stop)
# specify which services need to be still running when this service
# is shut down. Often the entries there are just copies or a subset
# from the respective start tag.
# * X-UnitedLinux-Should-Start/Stop are not part of LSB (as of 1.3)
# but official Should-Start/Stop tags are in discussion (1.9).
# insserv does support these as well.
# * X-UnitedLinux-Default-Enabled: yes/no is used at installation time
# (%fillup_and_insserv macro in %post of many RPMs) to specify whether
# a startup script should default to be enabled after installation.
# It's not used by insserv.
#
# Note on runlevels:
# 0 - halt/poweroff 6 - reboot
# 1 - single user 2 - multiuser without network exported
# 3 - multiuser w/ network (text mode) 5 - multiuser w/ network and X11 (xdm)
#
# Note on script names:
# http://www.linuxbase.org/spec/refspecs/LSB_1.3.0/gLSB/gLSB/scrptnames.html
# A registry has been set up to manage the init script namespace.
# http://www.lanana.org/
# Please use the names already registered or register one or use a
# vendor prefix.
# Check for missing binaries (stale symlinks should not happen)
# Note: Special treatment of stop for LSB conformance
CLAMD_BIN=/usr/sbin/clamd
test -x $CLAMD_BIN || { echo "$CLAMD_BIN not installed";
if [ "$1" = "stop" ]; then exit 0;
else exit 5; fi; }
CLAMD_DB=/var/lib/clamav/main.cvd
CLAMD_PIDFILE=/var/lib/clamav/clamd.pid
# Source LSB init functions
# providing start_daemon, killproc, pidofproc,
# log_success_msg, log_failure_msg and log_warning_msg.
# This is currently not used by UnitedLinux based distributions and
# not needed for init scripts for UnitedLinux only. If it is used,
# the functions from rc.status should not be sourced or used.
#. /lib/lsb/init-functions
# Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v be verbose in local rc status and clear it afterwards
# rc_status -v -r ditto and clear both the local and overall rc status
# rc_status -s display "skipped" and exit with status 3
# rc_status -u display "unused" and exit with status 3
# rc_failed set local and overall rc status to failed
# rc_failed <num> set local and overall rc status to <num>
# rc_reset clear both the local and overall rc status
# rc_exit exit appropriate to overall rc status
# rc_active checks whether a service is activated by symlinks
# rc_splash arg sets the boot splash screen to arg (if active)
. /etc/rc.status
# Reset status of this service
rc_reset
# Return values acc. to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - user had insufficient privileges
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
# 8--199 - reserved (8--99 LSB, 100--149 distrib, 150--199 appl)
#
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signaling is not supported) are
# considered a success.
case "$1" in
start)
echo -n "Starting Clam AntiVirus daemon "
# Check if there is a virus definition file
if ! test -f $CLAMD_DB ; then
echo ""
echo " Virus definition file $CLAMD_DB is missing."
echo " Either install the clamav-db package or run freshclam "
echo -n " to get the virus definitions."
rc_failed 6
else
## Start daemon with startproc(8). If this fails
## the return value is set appropriately by startproc.
startproc -q -p $CLAMD_PIDFILE $CLAMD_BIN
fi
# Remember status and be verbose
rc_status -v
;;
stop)
echo -n "Shutting down Clam AntiVirus daemon "
## Stop daemon with killproc(8) and if this fails
## killproc sets the return value according to LSB.
killproc -p $CLAMD_PIDFILE -TERM $CLAMD_BIN
# Remember status and be verbose
rc_status -v
;;
try-restart | condrestart)
## Do a restart only if the service was active before.
## Note: try-restart is now part of LSB (as of 1.9).
## RH has a similar command named condrestart.
if test "$1" = "condrestart"; then
echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}"
fi
$0 status
if test $? = 0; then
$0 restart
else
rc_reset # Not running is not a failure.
fi
# Remember status and be quiet
rc_status
;;
restart)
## Stop the service and regardless of whether it was
## running or not, start it again.
$0 stop
$0 start
# Remember status and be quiet
rc_status
;;
reload | force-reload)
## Signal the daemon to reload its config.
echo -n "Reloading Clam AntiVirus daemon "
checkproc -p $CLAMD_PIDFILE $CLAMD_BIN && echo RELOAD > /dev/tcp/127.0.0.1/3310
rc_status -v
;;
status)
echo -n "Checking for Clam AntiVirus daemon "
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
# Return value is slightly different for the status command:
# 0 - service up and running
# 1 - service dead, but /var/run/ pid file exists
# 2 - service dead, but /var/lock/ lock file exists
# 3 - service not running (unused)
# 4 - service status unknown :-(
# 5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.)
# NOTE: checkproc returns LSB compliant status values.
checkproc -p $CLAMD_PIDFILE $CLAMD_BIN
# NOTE: rc_status knows that we called this init script with
# "status" option and adapts its messages accordingly.
rc_status -v
;;
*)
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}"
exit 1
;;
esac
rc_exit

227
clamav-rcfreshclam Normal file
View File

@ -0,0 +1,227 @@
#! /bin/sh
# Copyright (c) 1995-2003 SuSE Linux AG, Nuernberg, Germany.
# All rights reserved.
#
# Author: Kurt Garloff
# Please send feedback to http://www.suse.de/feedback/
#
# /etc/init.d/freshclam
# and its symbolic link
# /(usr/)sbin/rcfreshclam
#
#
# LSB compatible service control script; see http://www.linuxbase.org/spec/
#
# Note: This template uses functions rc_XXX defined in /etc/rc.status on
# UnitedLinux (UL) based Linux distributions. If you want to base your
# script on this template and ensure that it works on non UL based LSB
# compliant Linux distributions, you either have to provide the rc.status
# functions from UL or change the script to work without them.
#
### BEGIN INIT INFO
# Provides: freshclam
# Required-Start: $syslog $remote_fs
# X-UnitedLinux-Should-Start: $time ypbind sendmail
# Required-Stop: $syslog $remote_fs
# X-UnitedLinux-Should-Stop: $time ypbind sendmail
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: virus scanner daemon
# Description: Start the freshclam virus database update daemon
### END INIT INFO
#
# Any extensions to the keywords given above should be preceeded by
# X-VendorTag- (X-UnitedLinux- for us) according to LSB.
#
# Notes on Required-Start/X-UnitedLinux-Should-Start:
# * There are two different issues that are solved by Required-Start
# and X-UnitedLinux-Should-Start
# (a) Hard dependencies: This is used by the runlevel editor to determine
# which services absolutely need to be started to make the start of
# this service make sense. Example: nfsserver should have
# Required-Start: $portmap
# Also, required services are started before the dependent ones.
# The runlevel editor will warn about such missing hard dependencies
# and suggest enabling. During system startup, you may expect an error,
# if the dependency is not fulfilled.
# (b) Specifying the init script ordering, not real (hard) dependencies.
# This is needed by insserv to determine which service should be
# started first (and at a later stage what services can be started
# in parallel). The tag X-UnitedLinux-Should-Start: is used for this.
# It tells, that if a service is available, it should be started
# before. If not, never mind.
# * When specifying hard dependencies or ordering requirements, you can
# use names of services (contents of their Provides: section)
# or pseudo names starting with a $. The following ones are available
# according to LSB (1.1):
# $local_fs all local file systems are mounted
# (most services should need this!)
# $remote_fs all remote file systems are mounted
# (note that /usr may be remote, so
# many services should Require this!)
# $syslog system logging facility up
# $network low level networking (eth card, ...)
# $named hostname resolution available
# $netdaemons all network daemons are running
# The $netdaemons pseudo service has been removed in LSB 1.2.
# For now, we still offer it for backward compatibility.
# These are new (LSB 1.2):
# $time the system time has been set correctly
# $portmap SunRPC portmapping service available
# UnitedLinux extensions:
# $ALL indicates that a script should be inserted
# at the end
# * The services specified in the stop tags
# (Required-Stop/X-UnitedLinux-Should-Stop)
# specify which services need to be still running when this service
# is shut down. Often the entries there are just copies or a subset
# from the respective start tag.
# * X-UnitedLinux-Should-Start/Stop are not part of LSB (as of 1.3)
# but official Should-Start/Stop tags are in discussion (1.9).
# insserv does support these as well.
# * X-UnitedLinux-Default-Enabled: yes/no is used at installation time
# (%fillup_and_insserv macro in %post of many RPMs) to specify whether
# a startup script should default to be enabled after installation.
# It's not used by insserv.
#
# Note on runlevels:
# 0 - halt/poweroff 6 - reboot
# 1 - single user 2 - multiuser without network exported
# 3 - multiuser w/ network (text mode) 5 - multiuser w/ network and X11 (xdm)
#
# Note on script names:
# http://www.linuxbase.org/spec/refspecs/LSB_1.3.0/gLSB/gLSB/scrptnames.html
# A registry has been set up to manage the init script namespace.
# http://www.lanana.org/
# Please use the names already registered or register one or use a
# vendor prefix.
# Check for missing binaries (stale symlinks should not happen)
# Note: Special treatment of stop for LSB conformance
FRESHCLAM_BIN=/usr/bin/freshclam
test -x $FRESHCLAM_BIN || {
echo "$FRESHCLAM_BIN not installed";
if [ "$1" = "stop" ]; then exit 0;
else exit 5; fi;
}
FRESHCLAM_PIDFILE=/var/lib/clamav/freshclam.pid
# Source LSB init functions
# providing start_daemon, killproc, pidofproc,
# log_success_msg, log_failure_msg and log_warning_msg.
# This is currently not used by UnitedLinux based distributions and
# not needed for init scripts for UnitedLinux only. If it is used,
# the functions from rc.status should not be sourced or used.
#. /lib/lsb/init-functions
# Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v be verbose in local rc status and clear it afterwards
# rc_status -v -r ditto and clear both the local and overall rc status
# rc_status -s display "skipped" and exit with status 3
# rc_status -u display "unused" and exit with status 3
# rc_failed set local and overall rc status to failed
# rc_failed <num> set local and overall rc status to <num>
# rc_reset clear both the local and overall rc status
# rc_exit exit appropriate to overall rc status
# rc_active checks whether a service is activated by symlinks
# rc_splash arg sets the boot splash screen to arg (if active)
. /etc/rc.status
# Reset status of this service
rc_reset
# Return values acc. to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - user had insufficient privileges
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
# 8--199 - reserved (8--99 LSB, 100--149 distrib, 150--199 appl)
#
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signaling is not supported) are
# considered a success.
case "$1" in
start)
echo -n "Starting Clam AntiVirus database update daemon "
# Check if there is a virus definition file
startproc -p $FRESHCLAM_PIDFILE $FRESHCLAM_BIN -d
# Remember status and be verbose
rc_status -v
;;
stop)
echo -n "Shutting down Clam AntiVirus database update daemon "
## Stop daemon with killproc(8) and if this fails
## killproc sets the return value according to LSB.
killproc -p $FRESHCLAM_PIDFILE -TERM $FRESHCLAM_BIN
# Remember status and be verbose
rc_status -v
;;
try-restart | condrestart)
## Do a restart only if the service was active before.
## Note: try-restart is now part of LSB (as of 1.9).
## RH has a similar command named condrestart.
if test "$1" = "condrestart"; then
echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}"
fi
$0 status
if test $? = 0; then
$0 restart
else
rc_reset # Not running is not a failure.
fi
# Remember status and be quiet
rc_status
;;
restart)
## Stop the service and regardless of whether it was
## running or not, start it again.
$0 stop
$0 start
# Remember status and be quiet
rc_status
;;
reload | force-reload)
## Signal the daemon to reload its config.
echo -n "Reloading Clam AntiVirus database update daemon "
checkproc -p $FRESHCLAM_PIDFILE $FRESHCLAM_BIN &&
killproc -p $FRESHCLAM_PIDFILE -HUP $FRESHCLAM_BIN
rc_status -v
;;
status)
echo -n "Checking for Clam AntiVirus database update daemon "
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
# Return value is slightly different for the status command:
# 0 - service up and running
# 1 - service dead, but /var/run/ pid file exists
# 2 - service dead, but /var/lock/ lock file exists
# 3 - service not running (unused)
# 4 - service status unknown :-(
# 5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.)
# NOTE: checkproc returns LSB compliant status values.
checkproc -p $FRESHCLAM_PIDFILE $FRESHCLAM_BIN
# NOTE: rc_status knows that we called this init script with
# "status" option and adapts its messages accordingly.
rc_status -v
;;
*)
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}"
exit 1
;;
esac
rc_exit

272
clamav.changes Normal file
View File

@ -0,0 +1,272 @@
-------------------------------------------------------------------
Tue Dec 12 12:20:34 CET 2006 - max@suse.de
- Security update: 0.88.7 (#227827, CVE-2006-5874)
- handle consecutive errors in base64 decoding
- honour recursion limit when scanning email messages
- clamscan: new option --mail-max-recursion
- libclamav/untar.c: honour archive limits
-------------------------------------------------------------------
Tue Nov 7 15:58:32 CET 2006 - max@suse.de
- Add homedir of user vscan to the package (FATE300731).
-------------------------------------------------------------------
Mon Nov 6 12:17:53 CET 2006 - max@suse.de
- Bugfix release: 0.88.6 (#218313)
- freshclam: apply timeout patch from Everton da Silva Marques
(new options: ConnectTimeout and ReceiveTimeout)
- clamd: change stack size at the right place (closes bug#103)
- libclamav/petite.c: sanity check the number of rebuilt sections
(speeds up handling of malformed files)
-------------------------------------------------------------------
Tue Oct 17 15:26:12 CEST 2006 - max@suse.de
- Bugfix release 0.88.5 fixes two serious security issues.
#212898, CVE-2006-4182, CVE-2006-5295
-------------------------------------------------------------------
Tue Aug 8 11:02:28 CEST 2006 - lnussel@suse.de
- New version 0.88.4 fixes heap overflow in UPX decoder
-------------------------------------------------------------------
Thu Jul 6 16:02:15 CEST 2006 - max@suse.de
- Bugfix release 0.88.3:
- fix possible false matches of alternatives
- Large binhex files were not being handled gracefully.
- fix zero allocation warning
- Added bc and pkgconfig to BuildRequires to fix curl version
detection.
- Prevent a file conflict on the database files when main and db
packages of different versions are installed.
- Renamed clamav.conf to clamd.conf for SLES9.
- Added the db subpackage to SLES9.
- Bugzilla: 190647
-------------------------------------------------------------------
Tue May 2 11:31:54 CEST 2006 - max@suse.de
- New version: 0.88.2
- Fixes a buffer overflow in freshclam's get_database function
(CVE-2006-1989, Bug #171496).
-------------------------------------------------------------------
Mon Apr 10 10:26:49 CEST 2006 - meissner@suse.de
- Fixed several implicit warnings which lead to failures
on 64bit platforms.
-------------------------------------------------------------------
Tue Apr 5 14:50:00 CEST 2006 - max@suse.de
- New version: 0.88.1, fixes several security issues:
CVE-2006-1614, CVE-2006-1615, CVE-2006-1630, bug #164039.
-------------------------------------------------------------------
Thu Feb 9 15:30:43 CET 2006 - max@suse.de
- Removed unneeded dependencies from the init script to break a
dependency loop.
-------------------------------------------------------------------
Wed Jan 25 21:35:02 CET 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
-------------------------------------------------------------------
Sat Jan 14 13:08:57 CET 2006 - kukuk@suse.de
- Add gmp-devel to nfb
-------------------------------------------------------------------
Thu Jan 12 16:53:26 CET 2006 - max@suse.de
- Added gcc-4.1 stack protection (-fstack-protector).
-------------------------------------------------------------------
Mon Jan 9 19:41:07 CET 2006 - max@suse.de
- New version: 0.88 (Bug #142298).
-------------------------------------------------------------------
Mon Nov 7 17:44:21 CET 2005 - lnussel@suse.de
- Security update: version 0.87.1 (#132305, CVE-2005-3239,
CVE-2005-3303)
-------------------------------------------------------------------
Mon Sep 19 12:18:45 CEST 2005 - max@suse.de
- New version: 0.87 (bug #117648).
-------------------------------------------------------------------
Mon Jul 25 12:22:09 CEST 2005 - max@suse.de
- New version: 0.86.2
-------------------------------------------------------------------
Thu Jul 14 17:37:09 CEST 2005 - max@suse.de
- New version: 0.86.1
-------------------------------------------------------------------
Tue Jun 21 15:33:53 CEST 2005 - max@suse.de
- New version: 0.86
-------------------------------------------------------------------
Tue May 17 11:21:27 CEST 2005 - max@suse.de
- New version: 0.85.1 (Bug #81264).
-------------------------------------------------------------------
Wed May 11 18:28:03 CEST 2005 - max@suse.de
- New version: 0.85 (Bug #81264).
-------------------------------------------------------------------
Tue May 3 11:33:01 CEST 2005 - max@suse.de
- New version: 0.84 (Bug #81264).
- Added and special-cased the patch that is needed for 9.1/SLES9.
-------------------------------------------------------------------
Fri Mar 11 16:34:24 CET 2005 - max@suse.de
- Fixed %doc file list (wildcards matched too much).
-------------------------------------------------------------------
Mon Feb 28 14:31:56 CET 2005 - max@suse.de
- New version: 0.83
-------------------------------------------------------------------
Mon Feb 7 16:45:47 CET 2005 - max@suse.de
- New version: 0.82
-------------------------------------------------------------------
Thu Jan 27 12:22:11 CET 2005 - max@suse.de
- New version: 0.81
-------------------------------------------------------------------
Thu Nov 11 14:56:06 CET 2004 - max@suse.de
- pkgconfig files go to libdir rather than /usr/lib.
-------------------------------------------------------------------
Thu Nov 11 11:02:01 CET 2004 - coolo@suse.de
- fixing file list for debug packages
-------------------------------------------------------------------
Wed Nov 3 15:38:26 CET 2004 - max@suse.de
- Fixed path to freshclam in init script, and rcfreshclam link.
-------------------------------------------------------------------
Mon Oct 18 17:36:31 CEST 2004 - max@suse.de
- Updated to the final 0.80 release.
- Added a runlevel script for freshclam.
-------------------------------------------------------------------
Mon Oct 11 18:39:37 CEST 2004 - max@suse.de
- Updated to 0.80rc4.
-------------------------------------------------------------------
Wed Sep 29 15:04:36 CEST 2004 - max@suse.de
- Updated to 0.80rc3. The README says:
"This release candidate eliminates possible false positive alerts
in UPX/FSG compressed files and clarifies behaviour of default
actions in clamd and freshclam."
- This also eliminates the need to patch configure.in in order to
recognize resolv.
-------------------------------------------------------------------
Thu Sep 23 15:54:11 CEST 2004 - max@suse.de
- Updated to 0.80rc2 which fixes a critical bug in the handling of
empty lines in text/plain emails.
- Build with curl support.
- Fixed building of shared libraries instead of static.
- Removed unneeded %run_ldconfig calls.
- Fixed file lists.
- Check for main.cvd instead of daily.cvd on daemon startup.
-------------------------------------------------------------------
Mon Sep 20 17:44:02 CEST 2004 - max@suse.de
- Updated to version 0.80rc which adds support for more file
formats, and HTML parsing. See the README file for details.
- Added a warning to the init script if no virus database is
installed.
-------------------------------------------------------------------
Thu Aug 5 10:38:15 CEST 2004 - max@suse.de
- New version: 0.75.1
- Moved the virus database files into a subpackage, as they are
large and not needed if the database is kept up to date with
freshclam.
-------------------------------------------------------------------
Fri Jul 23 15:37:13 CEST 2004 - max@suse.de
- New version: 0.75
-------------------------------------------------------------------
Thu Jul 8 19:31:41 CEST 2004 - max@suse.de
- Added -fno-strict-aliasing to CFLAGS.
-------------------------------------------------------------------
Mon Jul 5 17:12:50 CEST 2004 - max@suse.de
- New version: 0.74
-------------------------------------------------------------------
Tue Jun 15 17:06:58 CEST 2004 - max@suse.de
- New version: 0.73
-------------------------------------------------------------------
Mon Apr 26 18:17:35 CEST 2004 - max@suse.de
- New version: 0.70
- Changes the format of the virus definition file.
-------------------------------------------------------------------
Mon Feb 16 16:01:01 CET 2004 - max@suse.de
- New version: 0.67
- Added support for tcpd (/etc/hosts.{allow,deny}).
- Obsoletes clamav-manager.patch.
-------------------------------------------------------------------
Fri Feb 13 18:26:01 CET 2004 - max@suse.de
- New version: 0.66
- Fixes a remote DoS vulnerability (Bug #34412).
-------------------------------------------------------------------
Tue Jan 27 12:19:51 CET 2004 - max@suse.de
- New package: ClamAV Anti-Virus Toolkit

310
clamav.spec Normal file
View File

@ -0,0 +1,310 @@
#
# spec file for package clamav (Version 0.88.7)
#
# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
# package are under the same license as the package itself.
#
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
Name: clamav
%if 0%{?suse_version} >= 1010 || 0%{!?suse_version:1}
BuildRequires: bc curl-devel gmp-devel pkgconfig tcpd-devel
%endif
Summary: Antivirus Toolkit
Version: 0.88.7
Release: 1
License: GNU General Public License (GPL)
Group: Productivity/Security
URL: http://www.clamav.net
Requires: latex2html-pngicons
Obsoletes: clamav-db < 0.88.3
Prereq: /usr/sbin/groupadd /usr/sbin/useradd
Source0: %{name}-%{version}.tar.bz2
Source1: clamav-rcclamd
Source2: clamav-rcfreshclam
Patch1: %name-conf.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
Clam AntiVirus is an antivirus toolkit for UNIX. The main purpose of
this software is the integration with mail servers (attachment
scanning). The package provides a flexible and scalable multithreaded
daemon, a command line scanner, and a tool for automatic updating via
the Internet. It can be used in conjunction with AMaViSD-new and
Postfix to provide a combined e-mail filter for spam and viruses.
Authors:
--------
Tomasz Kojm
Nigel Horne
%package db
Group: Productivity/Security
Summary: Virus Database for ClamAV
Prereq: clamav sed
%description db
This package contains a snapshot of the virus description database for
ClamAV. It is not needed if you use freshclam to keep your virus
database up to date.
Authors:
--------
Tomasz Kojm
Nigel Horne
%prep
%setup -q
%patch1
%build
%if %suse_version >= 1010
SP="-fstack-protector"
%endif
export CFLAGS="%optflags -fno-strict-aliasing $SP"
./configure \
--prefix=%_prefix \
--libdir=%_libdir \
--mandir=%_mandir \
--sysconfdir=%_sysconfdir \
--disable-clamav \
--disable-static \
--with-dbdir=/var/lib/clamav \
--with-user=vscan \
--with-group=vscan \
--with-tcpwrappers \
--with-libcurl \
--disable-zlib-vcheck
make %{?jobs:-j%jobs}
make check
%install
rm -rf %buildroot
%makeinstall
mkdir -p %buildroot/etc/init.d
install -m755 %{SOURCE1} %buildroot/etc/init.d/clamd
ln -s /etc/init.d/clamd %buildroot/usr/sbin/rcclamd
install -m755 %{SOURCE2} %buildroot/etc/init.d/freshclam
ln -s /etc/init.d/freshclam %buildroot/usr/sbin/rcfreshclam
touch %buildroot/var/lib/clamav/{clamd,freshclam}.pid
for f in %buildroot/var/lib/clamav/*.cvd; do
mv $f $f.dist
touch $f
done
mkdir -p %buildroot/var/spool/amavis
%clean
rm -rf %buildroot
%files
%defattr(-,root,root,-)
%config(noreplace) %_sysconfdir/*.conf
%config %attr(744,root,root)/etc/init.d/*
%doc AUTHORS BUGS ChangeLog COPYING FAQ INSTALL NEWS README TODO UPGRADE
%doc docs/*.pdf docs/html
%doc %_mandir/*/*
%_bindir/*
%_sbindir/*
%_includedir/*
%_libdir/lib*
%_libdir/pkgconfig/libclamav.pc
%defattr(-,vscan,vscan)
%dir %attr(700,vscan,root) /var/spool/amavis
%dir /var/lib/clamav
%ghost /var/lib/clamav/*.pid
%ghost /var/lib/clamav/*.cvd
%files db
%defattr(-,vscan,vscan)
%dir /var/lib/clamav
/var/lib/clamav/*.cvd.dist
%pre
/usr/sbin/groupadd -r vscan 2> /dev/null || :
/usr/sbin/useradd -r -o -g vscan -u 65 -s /bin/false -c "Vscan account" -d /var/spool/amavis vscan 2> /dev/null || :
/usr/sbin/usermod vscan -g vscan 2> /dev/null || :
%triggerpostun -- %name < 0.88.3
# Move clamav.conf to clamd.conf when updating from an old version
# and inform the admin about the rename.
cd /etc
if test -e clamav.conf.rpmsave -a ! -e clamd.conf.rpmnew; then
mv clamd.conf clamd.conf.rpmnew
mv clamav.conf.rpmsave clamd.conf
cat > clamav.conf <<-EOF
# clamd.conf has been renamed to clamav.conf.
# This file can be removed.
EOF
%restart_on_update clamd
fi
%preun
%stop_on_removal clamd freshclam
%postun
%restart_on_update clamd freshclam
%insserv_cleanup
%post db
# determine the version number of a given database file
getversion() {
if test -f "$1"; then
/usr/bin/sigtool -i "$1" | sed -n '/^Version: /s///gp'
else
# a non-existing file is assumed to have version 0
echo 0
fi
}
cd /var/lib/clamav
for distfile in {main,daily}.cvd.dist; do
datafile=${distfile%.dist}
if test $(getversion $distfile) -gt $(getversion $datafile); then
cp -a $distfile $datafile
fi
done
%changelog -n clamav
* Tue Dec 12 2006 - max@suse.de
- Security update: 0.88.7 (#227827, CVE-2006-5874)
- handle consecutive errors in base64 decoding
- honour recursion limit when scanning email messages
- clamscan: new option --mail-max-recursion
- libclamav/untar.c: honour archive limits
* Tue Nov 07 2006 - max@suse.de
- Add homedir of user vscan to the package (FATE300731).
* Mon Nov 06 2006 - max@suse.de
- Bugfix release: 0.88.6 (#218313)
- freshclam: apply timeout patch from Everton da Silva Marques
(new options: ConnectTimeout and ReceiveTimeout)
- clamd: change stack size at the right place (closes bug#103)
- libclamav/petite.c: sanity check the number of rebuilt sections
(speeds up handling of malformed files)
* Tue Oct 17 2006 - max@suse.de
- Bugfix release 0.88.5 fixes two serious security issues.
[#212898], CVE-2006-4182, CVE-2006-5295
* Tue Aug 08 2006 - lnussel@suse.de
- New version 0.88.4 fixes heap overflow in UPX decoder
* Thu Jul 06 2006 - max@suse.de
- Bugfix release 0.88.3:
- fix possible false matches of alternatives
- Large binhex files were not being handled gracefully.
- fix zero allocation warning
- Added bc and pkgconfig to BuildRequires to fix curl version
detection.
- Prevent a file conflict on the database files when main and db
packages of different versions are installed.
- Renamed clamav.conf to clamd.conf for SLES9.
- Added the db subpackage to SLES9.
- Bugzilla: 190647
* Tue May 02 2006 - max@suse.de
- New version: 0.88.2
- Fixes a buffer overflow in freshclam's get_database function
(CVE-2006-1989, Bug #171496).
* Mon Apr 10 2006 - meissner@suse.de
- Fixed several implicit warnings which lead to failures
on 64bit platforms.
* Wed Apr 05 2006 - max@suse.de
- New version: 0.88.1, fixes several security issues:
CVE-2006-1614, CVE-2006-1615, CVE-2006-1630, bug #164039.
* Thu Feb 09 2006 - max@suse.de
- Removed unneeded dependencies from the init script to break a
dependency loop.
* Wed Jan 25 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
* Sat Jan 14 2006 - kukuk@suse.de
- Add gmp-devel to nfb
* Thu Jan 12 2006 - max@suse.de
- Added gcc-4.1 stack protection (-fstack-protector).
* Mon Jan 09 2006 - max@suse.de
- New version: 0.88 (Bug #142298).
* Mon Nov 07 2005 - lnussel@suse.de
- Security update: version 0.87.1 (#132305, CVE-2005-3239,
CVE-2005-3303)
* Mon Sep 19 2005 - max@suse.de
- New version: 0.87 (bug #117648).
* Mon Jul 25 2005 - max@suse.de
- New version: 0.86.2
* Thu Jul 14 2005 - max@suse.de
- New version: 0.86.1
* Tue Jun 21 2005 - max@suse.de
- New version: 0.86
* Tue May 17 2005 - max@suse.de
- New version: 0.85.1 (Bug #81264).
* Wed May 11 2005 - max@suse.de
- New version: 0.85 (Bug #81264).
* Tue May 03 2005 - max@suse.de
- New version: 0.84 (Bug #81264).
- Added and special-cased the patch that is needed for 9.1/SLES9.
* Fri Mar 11 2005 - max@suse.de
- Fixed %%doc file list (wildcards matched too much).
* Mon Feb 28 2005 - max@suse.de
- New version: 0.83
* Mon Feb 07 2005 - max@suse.de
- New version: 0.82
* Thu Jan 27 2005 - max@suse.de
- New version: 0.81
* Thu Nov 11 2004 - max@suse.de
- pkgconfig files go to libdir rather than /usr/lib.
* Thu Nov 11 2004 - coolo@suse.de
- fixing file list for debug packages
* Wed Nov 03 2004 - max@suse.de
- Fixed path to freshclam in init script, and rcfreshclam link.
* Mon Oct 18 2004 - max@suse.de
- Updated to the final 0.80 release.
- Added a runlevel script for freshclam.
* Mon Oct 11 2004 - max@suse.de
- Updated to 0.80rc4.
* Wed Sep 29 2004 - max@suse.de
- Updated to 0.80rc3. The README says:
"This release candidate eliminates possible false positive alerts
in UPX/FSG compressed files and clarifies behaviour of default
actions in clamd and freshclam."
- This also eliminates the need to patch configure.in in order to
recognize resolv.
* Thu Sep 23 2004 - max@suse.de
- Updated to 0.80rc2 which fixes a critical bug in the handling of
empty lines in text/plain emails.
- Build with curl support.
- Fixed building of shared libraries instead of static.
- Removed unneeded %%run_ldconfig calls.
- Fixed file lists.
- Check for main.cvd instead of daily.cvd on daemon startup.
* Mon Sep 20 2004 - max@suse.de
- Updated to version 0.80rc which adds support for more file
formats, and HTML parsing. See the README file for details.
- Added a warning to the init script if no virus database is
installed.
* Thu Aug 05 2004 - max@suse.de
- New version: 0.75.1
- Moved the virus database files into a subpackage, as they are
large and not needed if the database is kept up to date with
freshclam.
* Fri Jul 23 2004 - max@suse.de
- New version: 0.75
* Thu Jul 08 2004 - max@suse.de
- Added -fno-strict-aliasing to CFLAGS.
* Mon Jul 05 2004 - max@suse.de
- New version: 0.74
* Tue Jun 15 2004 - max@suse.de
- New version: 0.73
* Mon Apr 26 2004 - max@suse.de
- New version: 0.70
- Changes the format of the virus definition file.
* Mon Feb 16 2004 - max@suse.de
- New version: 0.67
- Added support for tcpd (/etc/hosts.{allow,deny}).
- Obsoletes clamav-manager.patch.
* Fri Feb 13 2004 - max@suse.de
- New version: 0.66
- Fixes a remote DoS vulnerability (Bug #34412).
* Tue Jan 27 2004 - max@suse.de
- New package: ClamAV Anti-Virus Toolkit

0
ready Normal file
View File