- Update to version 0.99.2 (bsc#978459)
* 7z: fix for FolderStartPackStreamIndex array index heck
* print all CDBNAME entries for a zip file when using the -z
flag.
* try to minimize the err cleanup path
* clamunrar: notice if unpacking comment failed
* signature manual update.
* use temp var for realloc to prevent pointer loss.
* fix debug VI hex truncation
* freshclam: avoid random data in mirrors.dat.
* libclamav: print raw certificate metadata
* freshclam manager check return code of strdup.
* additional suppress IP notification when using proxy
* fix download and verification of *.cld through PrivateMirrors
* suppress IP notification when using proxy
* remove redundant mempool assignment
* divide out dumpcerts output for better readability
* fix dconf and option handling for nocert and dumpcert
* patch by Jim Morris to increase clamd's soft file descriptor to
its potential maximum on 64-bit systems
* Move libfreshclam config to m4/reorganization.
* adding libfreshclam
* Add 'cdb' datafile to sigtools list of datafile types.
* NULL pointer check.
* malloc() NULL pointer check.
* clamscan 'block-macros' option.
* initialize cpio name buffer
* initialize mspack decompression buffers
* prevent memory allocations on used pointers (folder objects)
* prevent memory allocations on used pointers (boolvectors)
OBS-URL: https://build.opensuse.org/request/show/404154
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/clamav?expand=0&rev=83
- Version 0.98.7 fixes several security issues (bsc#929192) and
other bug fixes/improvements:
* Fix crash in upx decoder with crafted file. Discovered and
patch supplied by Sebastian Andrzej Siewior. CVE-2015-2170.
* Fix infinite loop condition on crafted y0da cryptor
file. Identified and patch suggested by Sebastian Andrzej
Siewior. CVE-2015-2221.
* Fix crash on crafted petite packed file. Reported and patch
supplied by Sebastian Andrzej Siewior. CVE-2015-2222.
* Fix an infinite loop condition on a crafted "xz" archive file.
This was reported by Dimitri Kirchner and Goulven Guiheux.
CVE-2015-2668.
* Apply upstream patch for possible heap overflow in Henry
Spencer's regex library. CVE-2015-2305.
* Fix false negatives on files within iso9660 containers. This
issue was reported by Minzhuan Gong.
* Fix a couple crashes on crafted upack packed file. Identified
and patches supplied by Sebastian Andrzej Siewior.
* Fix a crash during algorithmic detection on crafted PE file.
Identified and patch supplied by Sebastian Andrzej Siewior.
* Fix compilation error after ./configure --disable-pthreads.
Reported and fix suggested by John E. Krokes.
* Fix segfault scanning certain HTML files. Reported with sample
by Kai Risku.
* Improve detections within xar/pkg files.
* Improvements to PDF processing: decryption, escape sequence
handling, and file property collection.
* Scanning/analysis of additional Microsoft Office 2003 XML
format.
OBS-URL: https://build.opensuse.org/request/show/305579
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/clamav?expand=0&rev=76
other bug fixes/improvements:
* Fix crash in upx decoder with crafted file. Discovered and
patch supplied by Sebastian Andrzej Siewior. CVE-2015-2170.
* Fix infinite loop condition on crafted y0da cryptor
file. Identified and patch suggested by Sebastian Andrzej
Siewior. CVE-2015-2221.
* Fix crash on crafted petite packed file. Reported and patch
supplied by Sebastian Andrzej Siewior. CVE-2015-2222.
* Fix an infinite loop condition on a crafted "xz" archive file.
This was reported by Dimitri Kirchner and Goulven Guiheux.
CVE-2015-2668.
* Apply upstream patch for possible heap overflow in Henry
Spencer's regex library. CVE-2015-2305.
* Fix false negatives on files within iso9660 containers. This
issue was reported by Minzhuan Gong.
* Fix a couple crashes on crafted upack packed file. Identified
and patches supplied by Sebastian Andrzej Siewior.
* Fix a crash during algorithmic detection on crafted PE file.
Identified and patch supplied by Sebastian Andrzej Siewior.
* Fix compilation error after ./configure --disable-pthreads.
Reported and fix suggested by John E. Krokes.
* Fix segfault scanning certain HTML files. Reported with sample
by Kai Risku.
* Improve detections within xar/pkg files.
* Improvements to PDF processing: decryption, escape sequence
handling, and file property collection.
* Scanning/analysis of additional Microsoft Office 2003 XML
format.
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=117
- Version 0.98.6 fixes several security issues:
* bsc#916217, CVE-2015-1461: Remote attackers can have
unspecified impact via Yoda's crypter or mew packer files.
* bsc#916214, CVE-2015-1462: Unspecified impact via acrafted upx
packer file.
* bsc#916215, CVE-2015-1463: Remote attackers can cause a denial
of service via a crafted petite packer file.
* bsc#915512, CVE-2014-9328: heap out of bounds condition with
crafted upack packer files.
- Obsoletes clamav-soname.patch
OBS-URL: https://build.opensuse.org/request/show/284469
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/clamav?expand=0&rev=75
* bsc#916217, CVE-2015-1461: Remote attackers can have
unspecified impact via Yoda's crypter or mew packer files.
* bsc#916214, CVE-2015-1462: Unspecified impact via acrafted upx
packer file.
* bsc#916215, CVE-2015-1463: Remote attackers can cause a denial
of service via a crafted petite packer file.
* bsc#915512, CVE-2014-9328: heap out of bounds condition with
crafted upack packer files.
- Obsoletes clamav-soname.patch
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=115
* remove copy of wxWidgets (halves the size of the tarball).
* Decompression and scanning of files in "Xz" compression
format.
* Extraction, decompression, and scanning of files within Apple
Disk Image (DMG) format.
* Extraction, decompression, and scanning of files within
Extensible Archive (XAR) format. XAR format is commonly used
for software packaging, such as PKG and RPM, as well as
general archival.
* Improvements and fixes to extraction and scanning of ole
formats.
* Option to force all scanned data to disk.
* Various improvements to ClamAV configuration, support of third
party libraries, and unit tests.
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=87
