b5b97e006a
  * CVE-2019-1786: An out-of-bounds heap read condition may occur when scanning malformed PDF documents as a result of improper bounds-checking.
  * CVE-2019-1785: A path-traversal write condition may occur as a result of improper input validation when scanning RAR archives.
  * CVE-2019-1798: A use-after-free condition may occur as a result of improper error handling when scanning nested RAR archives.
  * Add missing headers to fix build of packages against libclamav.
Reinhard Max
2019-03-29 12:01:14 +00:00
862d152324
Accepting request 689169 from home:EGDFree:branches:security
Marcus Meissner
2019-03-29 10:03:13 +00:00
72865bd263
- Update to version 0.101.1:
  * more details will be added later
- Add missing include for str.h to libclamav/others_common.c (clamav-str-h.patch)
Reinhard Max
2019-01-21 17:35:52 +00:00
16df387343
- Update to version 0.100.2:
  * bsc#1110723, CVE-2018-15378: Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
  * bsc#1103040, CVE-2018-14680, CVE-2018-14681, CVE-2018-14682: more fixes for embedded libmspack.
  * Make freshclam more robust against lagging signature mirrors.
  * On-Access "Extra Scanning", an opt-in minor feature of OnAccess scanning on Linux systems, has been disabled due to a known issue with resource cleanup. OnAccessExtraScanning will be re-enabled in a future release when the issue is resolved. In the mean-time, users who enabled the feature in clamd.conf will see a warning informing them that the feature is not active. For details, see: https://bugzilla.clamav.net/show_bug.cgi?id=12048
- Restore exit code compatibility of freshclam with versions before 0.100.0 when the virus database is already up to date (bsc#1104457, clamav-freshclam-exit.patch).
Reinhard Max
2018-10-04 09:52:49 +00:00
57aad7711c
- bsc#1101654: Disable YARA support for licensing reasons (clamav-disable-yara.patch).
- Do not ignore errors from useradd et al.
Reinhard Max
2018-07-31 08:58:20 +00:00
047b23765b
- Disable YARA support for licensing reasons (bsc#1101654).
Reinhard Max
2018-07-30 11:28:31 +00:00
fc65c3a5de
Accepting request 625316 from home:pluskalm:branches:security
Reinhard Max
2018-07-26 09:55:19 +00:00
f1110218c2
- Turn off LLVM for now, because the bundled copy is deprecated, the versions we have are too new and the performance gain over the byte code interpreter is negligible, according to upstream.
- Put libclammspack0 into its own subpackage to follow the letter of the shlib packaging policy, even though it really makes no sense here.
Reinhard Max
2018-04-26 15:39:59 +00:00
365105a77e
- Move pkgconfig stuff from main to devel package.
- Re-introduce removed options as deprecated, so that clamd and freshclam don't exit on startup with an old config file (clamav-obsolete-config.patch).
Reinhard Max
2018-04-18 14:49:27 +00:00
c0e27f9707
- On update, remove obsolete option SubmitDetectionStats from /etc/freshclam.conf otherwise freshclam refuses to start.
Reinhard Max
2018-04-18 08:35:09 +00:00
d2722d834a
  * Add interfaces to the Prelude SIEM open source package for collecting ClamAV virus events.
  * Support libmspack internal code or as a shared object library. The internal library is the default and includes modifications to enable parsing of CAB files that do not entirely adhere to the CAB file format.
  * Link with OpenSSL 1.1.0.
  * Deprecate of the AllowSupplementaryGroups parameter statement in clamd, clamav-milter, and freshclam. Use of supplementary is now in effect by default.
  * Deprecate internal LLVM code support.
  * Compute and check PE import table hash (a.k.a. "imphash") signatures.
  * Support file property collection and analysis for MHTML files.
  * Raw scanning of PostScript files.
  * Fix clamsubmit to use the new virus and false positive submission web interface.
  * Optionally, flag files with the virus "Heuristic.Limits.Exceeded" when size limitations are exceeded.
  * Improved decoders for PDF files.
  * Reduced number of compile time warnings.
  * Improved support for C++11.
  * Improved detection of system installed libraries.
  * Fixes to ClamAV's Container system and the introduction of Intermediates for more descriptive signatures.
  * Improvements to clamd's On-Access scanning capabilities for Linux.
- Use system-wide LLVM instead of the deprecated bundled one.
- Move pkgconfig stuff from the main to the devel package.
Reinhard Max
2018-04-16 14:01:29 +00:00
506c87a397
- Update to version 0.100.0 (bsc#1089502):
  * FIXME: Add upstream changes here before submitting to Factory.
  * Obsoletes clamav-fix_newer_zlib.patch
- Update key ring and add signature file.
- Remove the logic around building the embedded llvm as the system-wide llvm is now auto-detected and used.
- Move pc files from the main to the devel package.
Reinhard Max
2018-04-13 15:16:49 +00:00
820d5ab130
- Version 0.98.7 fixes several security issues (bsc#929192) and other bug fixes/improvements:
  * Fix crash in upx decoder with crafted file. Discovered and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2170.
  * Fix infinite loop condition on crafted y0da cryptor file. Identified and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221.
  * Fix crash on crafted petite packed file. Reported and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2222.
  * Fix an infinite loop condition on a crafted "xz" archive file. This was reported by Dimitri Kirchner and Goulven Guiheux. CVE-2015-2668.
  * Apply upstream patch for possible heap overflow in Henry Spencer's regex library. CVE-2015-2305.
  * Fix false negatives on files within iso9660 containers. This issue was reported by Minzhuan Gong.
  * Fix a couple crashes on crafted upack packed file. Identified and patches supplied by Sebastian Andrzej Siewior.
  * Fix a crash during algorithmic detection on crafted PE file. Identified and patch supplied by Sebastian Andrzej Siewior.
  * Fix compilation error after ./configure --disable-pthreads. Reported and fix suggested by John E. Krokes.
  * Fix segfault scanning certain HTML files. Reported with sample by Kai Risku.
  * Improve detections within xar/pkg files.
  * Improvements to PDF processing: decryption, escape sequence handling, and file property collection.
  * Scanning/analysis of additional Microsoft Office 2003 XML format.
Reinhard Max
2015-05-05 17:04:23 +00:00
e02bbc5b40
- Version 0.98.6 fixes several security issues:
  * bsc#916217, CVE-2015-1461: Remote attackers can have unspecified impact via Yoda's crypter or mew packer files.
  * bsc#916214, CVE-2015-1462: Unspecified impact via a crafted upx packer file.
  * bsc#916215, CVE-2015-1463: Remote attackers can cause a denial of service via a crafted petite packer file.
  * bsc#915512, CVE-2014-9328: heap out of bounds condition with crafted upack packer files.
- Obsoletes clamav-soname.patch
Reinhard Max
2015-02-05 11:43:54 +00:00
99c3101ce3
- bnc#914505: Config file merging and temp file creation got moved to %pre by mistake. Put them back to %post.
- Restore the updateclamconf script (bnc#908731).
- Fix a step backwards in the soname version from 0.98.4 to 0.98.5 (https://bugzilla.clamav.net/show_bug.cgi?id=11193).
Reinhard Max
2015-01-23 14:07:57 +00:00
9e4f65d940
Accepting request 220513 from security
Stephan Kulow
2014-02-01 07:43:18 +00:00
409168917e
- Version 0.98.1:
  * remove copy of wxWidgets (halves the size of the tarball).
  * Decompression and scanning of files in "Xz" compression format.
  * Extraction, decompression, and scanning of files within Apple Disk Image (DMG) format.
  * Extraction, decompression, and scanning of files within Extensible Archive (XAR) format. XAR format is commonly used for software packaging, such as PKG and RPM, as well as general archival.
  * Improvements and fixes to extraction and scanning of ole formats.
  * Option to force all scanned data to disk.
  * Various improvements to ClamAV configuration, support of third party libraries, and unit tests.
Reinhard Max
2014-01-24 15:48:31 +00:00