Accepting request 52039 from security

Accepted submit request 52039 from user rmax

OBS-URL: https://build.opensuse.org/request/show/52039
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/clamav?expand=0&rev=35

clamav-0.96.2.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:8f5e759086e6f7d0be06597310d515c47c5eef9dc071bc34c7d01890f842cfa4
-size 55445748

clamav-0.96.4.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:28ac9d387798cc541126187c8791f95907be36c7b8c9080575f429d369f3998f
+size 41093971

clamav.changes

@@ -1,3 +1,54 @@
+-------------------------------------------------------------------
+Thu Oct 28 16:34:29 CEST 2010 - max@suse.de
+
+- New version: 0.96.4 (bnc#649631):
+  * sigtool/sigtool.c: don't use of sizeof() for malloc'ed buffer
+    (bb#2283)
+  * shared/cdiff.c, sigtool/sigtool.c: fix error path double frees
+    (bb#2280, bb#2281)
+  * See /usr/share/doc/packages/clamav/ChangeLog for the full list
+    of changes.
+
+-------------------------------------------------------------------
+Wed Sep 22 15:32:10 UTC 2010 - max@novell.com
+
+- New version: 0.96.3 (bnc#640812):
+  * libclamav/nsis/bzlib.cld sys: port upstream fixes for
+    CVE-2010-0405, check for buggy bzip2 (bb#2230, bb#2231).
+  * libclamav/pdf.c: Add missing boundscheck to pdf code
+    (bb #2226).
+  * libclamav/c++/bytecode2llvm.cpp: workaround crash due to gcc
+    stack alignment requirements (bb #2270).
+  * libclamav/pdf.c, pe.c, bytecode*: Fix bytecode virusname
+    reporting (bb #2255).
+  * clamav-milter/netcode.c: fix error path fd leak when
+    connection succeeds but ping fails (bb#2259).
+  * libclamav/bytecode.c: properly skip bytecodes with long lines.
+  * unit_tests: add VI unit tests
+  * libclamav: versioninfo hashset was not properly cached
+    (bb#2065).
+  * libclamav/pe.c: add BC_PE_ALL hook (bb #2237).
+  * libclamav/c++/{bytecode2llvm,ClamBCRTChecks}.cpp: avoid false
+    'Verification error' messages (bb #2239).
+  * freshclam/freshclam.c: fix handling of relative paths with
+    --datadir (bb#2240).
+  * clamd/clamd.c: limit RLIMIT_DATA to 2GB on 32-bit processes
+    (bb #1941).
+  * libclamav/regex/regexec.c: fix regex when
+    sizeof(void*) != sizeof(long) (bb #2232).
+  * libclamav/pdf.c: improve handling of pdf objects (bb #2216).
+  * libclamav/pe_icons.c: support special case where icon is
+    encoded as 32bpp but it really carries alpha as a mask... well
+    go figure. (bb#2221)
+  * libclamav/mpool.c: permanently disable debug mode (bb#2222).
+  * libclamav: allow logical sigs to be used as file type sigs
+    (bb#2228).
+  * libclamav/c++/detect.cpp: don't warn on x86_64 vs i386
+    mismatches (bb #2214).
+  * sigtool/sigtool.c: fix EOL matching in --find-sigs (bb#2164).
+  * libclamav/bytecode_detect.c: prevent fclose(NULL) on SELinux
+    (bb #2200).
+
 -------------------------------------------------------------------
 Wed Sep 15 16:27:51 CEST 2010 - max@suse.de
 

clamav.spec

@@ -18,7 +18,7 @@
 
 
 Name:           clamav
-BuildRequires:  libbz2-devel ncurses-devel sed sendmail sendmail-devel
+BuildRequires:  ncurses-devel sed sendmail sendmail-devel
 %define llvm --disable-llvm
 %if 0%{?suse_version} >= 1010
 BuildRequires:  bc pkgconfig zlib-devel
@@ -29,13 +29,14 @@ BuildRequires:  gcc-c++
 %endif
 %endif
 %if 0%{?suse_version} >= 1030
-BuildRequires:  check-devel pwdutils python-devel
+BuildRequires:  check-devel pwdutils python-devel libbz2-devel
 %define clamav_check --enable-check
 %else
+BuildRequires:  bzip2
 %define clamav_check --disable-check
 %endif
 Summary:        Antivirus Toolkit
-Version:        0.96.2
+Version:        0.96.4
 Release:        1
 License:        GPLv2
 Group:          Productivity/Security