clamav

pool/clamav

SHA256

Fork 1

Commit Graph

Author	SHA256	Message	Date
Reinhard Max	b6dec3dc1b	Accepting request 883689 from home:adkorte - Update to 0.103.2 * CVE-2021-1386: Fix for UnRAR DLL load privilege escalation. Affects 0.103.1 and prior on Windows only. * CVE-2021-1252: Fix for Excel XLM parser infinite loop. Affects 0.103.0 and 0.103.1 only. * CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. Affects 0.103.0 and 0.103.1 only. * CVE-2021-1405: Fix for mail parser NULL-dereference crash. Affects 0.103.1 and prior. * Fix possible memory leak in PNG parser. * Fix ClamOnAcc scan on file-creation race condition so files are scanned after their contents are written. * FreshClam: Deprecate the SafeBrowsing config option. The SafeBrowsing option will no longer do anything. * For more details, see our blog post from last year about the future of the ClamAV Safe Browsing database. * FreshClam: Improved HTTP 304, 403, & 429 handling. * FreshClam: Added back the mirrors.dat file to the database directory. * FreshClam will now exit with a failure in daemon mode if an HTTP 403 (Forbidden) was received, because retrying later won't help any. The FreshClam user will have to take actions to get unblocked. * Fix the FreshClam mirror-sync issue where a downloaded database is "older than the version advertised." - Update package signing key (from https://www.clamav.net/downloads) % clamav.keyring - Package clamav-milter in a subpackage - Remove virus signatures upon uninstall - Check for database existence before starting clamd - Restart clamd when it exits OBS-URL: https://build.opensuse.org/request/show/883689 OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=219	2021-04-08 08:27:46 +00:00
Reinhard Max	50d583a507	Accepting request 871162 from home:adkorte - Don't daemonize freshclam, but use a systemd timer instead to trigger updates + timer.freshclam % service.freshclam % clamav-conf.patch - Remove obsolete patch (replaced by SOURCE_DATE_EPOCH) - clamav-disable-timestamps.patch - Cleanup spec * use pkgconfig() to resolve BuildRequires where upstream uses it * rework creating vscan user (new system-user in Tumbleweed) * remove obsolete configure option --disable-zlib-vcheck OBS-URL: https://build.opensuse.org/request/show/871162 OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=218	2021-02-22 18:54:31 +00:00

Author

SHA256

Message

Date

Reinhard Max

b6dec3dc1b

Accepting request 883689 from home:adkorte

- Update to 0.103.2
  * CVE-2021-1386: Fix for UnRAR DLL load privilege escalation.
    Affects 0.103.1 and prior on Windows only.
  * CVE-2021-1252: Fix for Excel XLM parser infinite loop. Affects
    0.103.0 and 0.103.1 only.
  * CVE-2021-1404: Fix for PDF parser buffer over-read; possible
    crash. Affects 0.103.0 and 0.103.1 only.
  * CVE-2021-1405: Fix for mail parser NULL-dereference crash.
    Affects 0.103.1 and prior.
  * Fix possible memory leak in PNG parser.
  * Fix ClamOnAcc scan on file-creation race condition so files are
    scanned after their contents are written.
  * FreshClam: Deprecate the SafeBrowsing config option. The
    SafeBrowsing option will no longer do anything.
  * For more details, see our blog post from last year about the
    future of the ClamAV Safe Browsing database.
  * FreshClam: Improved HTTP 304, 403, & 429 handling.
  * FreshClam: Added back the mirrors.dat file to the database directory.
  * FreshClam will now exit with a failure in daemon mode if an HTTP 403
    (Forbidden) was received, because retrying later won't help any. The
    FreshClam user will have to take actions to get unblocked.
  * Fix the FreshClam mirror-sync issue where a downloaded database is
    "older than the version advertised."
- Update package signing key (from https://www.clamav.net/downloads)
  % clamav.keyring

- Package clamav-milter in a subpackage
- Remove virus signatures upon uninstall
- Check for database existence before starting clamd
- Restart clamd when it exits

OBS-URL: https://build.opensuse.org/request/show/883689
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=219

2021-04-08 08:27:46 +00:00

Reinhard Max

50d583a507

Accepting request 871162 from home:adkorte

- Don't daemonize freshclam, but use a systemd timer instead to
  trigger updates
  + timer.freshclam
  % service.freshclam
  % clamav-conf.patch
- Remove obsolete patch (replaced by SOURCE_DATE_EPOCH)
  - clamav-disable-timestamps.patch
- Cleanup spec
  * use pkgconfig() to resolve BuildRequires where upstream uses it
  * rework creating vscan user (new system-user in Tumbleweed)
  * remove obsolete configure option --disable-zlib-vcheck

OBS-URL: https://build.opensuse.org/request/show/871162
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=218

2021-02-22 18:54:31 +00:00

2 Commits