Accepting request 125380 from home:AndreasStieger:branches:security

- update to 0.95.5 [bnc#767574]
- addresses possible evasion cases in some archive formats
- CVE-2012-1457: allows to bypass malware detection via a TAR archive
  entry with a length field that exceeds the total TAR file size
- CVE-2012-1458: allows to bypass malware detection via a crafted
  reset interval in the LZXC header of a CHM file
- CVE-2012-1459: allows to bypass malware detection via a TAR archive
  entry with a length field corresponding to that entire entry, plus
  part of the header of the next entry
- also addresses stability issues in portions of the bytecode engine
- update clamav-conf.patch for moved lines
- add a definitions snapshot as {main,daily}.cvd no longer in tarball
- fix file-contains-date-and-time rpmlint warning

OBS-URL: https://build.opensuse.org/request/show/125380
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=62

clamav.changes

@@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Tue Jun 19 00:31:03 UTC 2012 - andreas.stieger@gmx.de
+
+- update to 0.95.5 [bnc#767574]
+- addresses possible evasion cases in some archive formats
+- CVE-2012-1457: allows to bypass malware detection via a TAR archive
+  entry with a length field that exceeds the total TAR file size
+- CVE-2012-1458: allows to bypass malware detection via a crafted
+  reset interval in the LZXC header of a CHM file
+- CVE-2012-1459: allows to bypass malware detection via a TAR archive
+  entry with a length field corresponding to that entire entry, plus
+  part of the header of the next entry
+- also addresses stability issues in portions of the bytecode engine
+- update clamav-conf.patch for moved lines
+- add a definitions snapshot as {main,daily}.cvd no longer in tarball
+- fix file-contains-date-and-time rpmlint warning
+
 -------------------------------------------------------------------
 Sat Mar 17 19:36:17 UTC 2012 - dimstar@opensuse.org