pool/clamav
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
67f2541c68
clamav/clamav.spec
Reinhard Max 67f2541c68 Accepting request 901217 from home:adkorte 
- Update to 0.103.3
  * Fixed a scan performance issue when ENGINE_OPTIONS_FORCE_TO_DISK is
    enabled. This issue did not impacted most users but for those
    affected it caused every scanned file to be copied to the temp
    directory before the scan.
  * Fix ClamDScan crashes when using the --fdpass --multiscan
    command-line options in combination with the ClamD ExcludePath
    config file options.
  * Fixed an issue where the mirrors.dat file is owned by root when
    starting as root (or with sudo) and using daemon-mode. File
    ownership will be set to the DatabaseOwner just before FreshClam
    switches to run as that user.
  * Renamed the mirrors.dat file to freshclam.dat.
  * Disabled the HTTPUserAgent config option if the DatabaseMirror uses
    clamav.net. This will prevent users from being inadvertently blocked
    and will ensure that we can keep better metrics on which ClamAV
    versions are being used.
  * Moved the detection for Heuristics.PNG.CVE-2010-1205 behind the
    ClamScan --alert-broken-media option (ClamD AlertBrokenMedia yes)
    option. This type of PNG issue appears to be common enough to be an
    annoyance, and the CVE is old enough that no one should be
    vulnerable at this point.
  * Fix ClamSubmit failures after changes to Cloudflare "__cfduid"
    cookies. See: https://blog.cloudflare.com/deprecating-cfduid-cookie/

OBS-URL: https://build.opensuse.org/request/show/901217
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=223
2021-06-25 13:36:20 +00:00

339 lines
9.7 KiB
RPMSpec
Raw Blame History

#
# spec file for package clamav
#
# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%bcond_with clammspack
%bcond_with valgrind
Name: clamav
Version: 0.103.3
Release: 0
Summary: Antivirus Toolkit
License: GPL-2.0-only
Group: Productivity/Security
URL: http://www.clamav.net
Source0: http://www.clamav.net/downloads/production/%{name}-%{version}.tar.gz
Source1: http://www.clamav.net/downloads/production/%{name}-%{version}.tar.gz.sig
Source4: clamav-rpmlintrc
Source6: clamav-tmpfiles.conf
Source7: service.clamd
Source8: service.freshclam
Source9: service.clamav-milter
Source10: timer.freshclam
Source11: clamav.keyring
Source65: system-user-vscan.conf
Patch1: clamav-conf.patch
Patch5: clamav-obsolete-config.patch
Patch6: clamav-disable-yara.patch
Patch12: clamav-fips.patch
Patch13: clamav-ck_assert_msg.patch
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: gcc-c++
BuildRequires: libbz2-devel
BuildRequires: libcurl-devel >= 7.45
BuildRequires: libjson-c-devel
BuildRequires: libopenssl-devel >= 1.0.2
BuildRequires: libtool
BuildRequires: libxml2-devel
BuildRequires: sendmail-devel
BuildRequires: pkgconfig(check)
BuildRequires: pkgconfig(libpcre2-8) >= 10.30
BuildRequires: pkgconfig(ncurses)
BuildRequires: pkgconfig(zlib)
#
# Workaround to keep "make check" from using an existing libclamav
# instead of the just built one. This should rather be fixed
# by keeping libtool from adding libdir to rpath and LD_LIBRARY_PATH
# of the test binaries.
#
#!BuildIgnore: clamav
Obsoletes: clamav-db < 0.88.3
Provides: clamav-nodb = %{version}
Obsoletes: clamav-nodb < %{version}
%if %{without clammspack}
BuildRequires: pkgconfig(libmspack)
%endif
%if %{with valgrind}
BuildRequires: valgrind
%endif
%if 0%{?suse_version} > 1500
Requires(pre): group(vscan)
Requires(pre): user(vscan)
%else
BuildRequires: sysuser-tools
%sysusers_requires
%endif
%{?systemd_ordering}
%description
ClamAV is an antivirus engine designed for detecting trojans,
viruses, malware and other malicious threats. It is the de-facto
standard for mail gateway scanning. It provides a multi-threaded
scanning daemon, command line utilities for on-demand file scanning,
and a tool for automatic signature updates. The core ClamAV library
provides numerous file format detection mechanisms, file unpacking
support, archive support, and multiple signature languages for
detecting threats.
%package milter
Summary: ClamAV Milter compatible mail scanner
Group: Productivity/Security
Requires: %{name} = %{version}
Provides: %{name}:/usr/sbin/clamav-milter
%description milter
ClamAV-milter is a filter for sendmail(1) mail server. It uses a
mail scanning engine built into clamd(8). ClamAV-milter can use
load balancing and fault tolerant techniques to connect to more
than one clamd(8) server and seamlessly hot-swap to even the load
between different machines and to keep scanning for viruses even
when a server goes down.
%package -n libclamav9
Summary: ClamAV antivirus engine runtime
Group: System/Libraries
%description -n libclamav9
ClamAV is an antivirus engine designed for detecting trojans,
viruses, malware and other malicious threats.
%package -n libfreshclam2
Summary: ClamAV updater library
Group: System/Libraries
%description -n libfreshclam2
ClamAV is an antivirus engine designed for detecting trojans,
viruses, malware and other malicious threats.
%package -n libclammspack0
Summary: ClamAV antivirus engine runtime
Group: System/Libraries
%description -n libclammspack0
ClamAV is an antivirus engine designed for detecting trojans,
viruses, malware and other malicious threats.
%package devel
Summary: Development files for libclamav, an antivirus engine
Group: Development/Libraries/C and C++
Requires: libclamav9 = %{version}
Requires: libfreshclam2 = %{version}
%description devel
ClamAV is an antivirus engine designed for detecting trojans,
viruses, malware and other malicious threats.
This subpackage contains header files for developing applications
that want to make use of libclamav.
%prep
%setup -q
%patch1
%patch5
%patch6
%patch12
%patch13 -p1
%build
%if 0%{?suse_version} <= 1500
# Create vscan user
%sysusers_generate_pre %{SOURCE65} vscan
%endif
CFLAGS="-fstack-protector"
CXXFLAGS="-fstack-protector"
export CFLAGS="%optflags $CFLAGS -fPIE -fno-strict-aliasing"
export CXXFLAGS="%optflags $CXXFLAGS -fPIE -fno-strict-aliasing -std=gnu++98"
export LDFLAGS="-pie"
%if "%{_lib}" == "lib64"
# tomsfastmath needs this for correct operation on 64-bit platforms
CFLAGS="$CFLAGS -DFP_64BIT"
%endif
%configure \
--disable-clamav \
--disable-static \
--with-dbdir=%{_localstatedir}/lib/clamav \
--with-user=vscan \
--with-group=vscan \
--enable-milter \
--enable-check \
--enable-clamdtop \
--disable-yara \
%if %{without clammspack}
--with-system-libmspack
%endif
%make_build
%install
%make_install
install -d -m755 %{buildroot}%{_localstatedir}/lib/clamav
install -d -m755 %{buildroot}%{_tmpfilesdir}
install -m644 %SOURCE6 %{buildroot}%{_tmpfilesdir}/clamav.conf
%if 0%{?suse_version} <= 1500
mkdir -p %{buildroot}%{_localstatedir}/spool/amavis
%endif
mkdir -p -m 0755 %{buildroot}/run/clamav
find %{buildroot} -type f -name "*.la" -delete -print
# libclammspack is not meant to be linked against by anything but
# libclamav
rm -f %{buildroot}%{_libdir}/pkgconfig/libclammspack.pc
rm -f %{buildroot}%{_libdir}/libclammspack.so
# fix the new config file names
mv %{buildroot}%{_sysconfdir}/clamd.conf{.sample,}
mv %{buildroot}%{_sysconfdir}/clamav-milter.conf{.sample,}
mv %{buildroot}%{_sysconfdir}/freshclam.conf{.sample,}
# Systemd...
install -d -m 0755 %{buildroot}%{_unitdir}
rm -f %{buildroot}%{_unitdir}/clamav-*
install -m 0644 %SOURCE7 %{buildroot}%{_unitdir}/clamd.service
install -m 0644 %SOURCE8 %{buildroot}%{_unitdir}/freshclam.service
install -m 0644 %SOURCE9 %{buildroot}%{_unitdir}/clamav-milter.service
install -m 0644 %SOURCE10 %{buildroot}%{_unitdir}/freshclam.timer
# this is broken if system does not have systemd so don't
# use it at all on systems without mandatory systemd
for srvname in clamd freshclam clamav-milter; do
(export PATH=%_prefix/sbin:/sbin:$PATH ;ln -sf $(which service) %{buildroot}/%{_sbindir}/rc${srvname})
done
%check
# regression tests
%if !0%{?qemu_user_space_build:1}
make check VG=1
%endif
%if 0%{?suse_version} > 1500
%pre
%else
%pre -f vscan.pre
%endif
%service_add_pre clamd.service
%post
%tmpfiles_create %{_tmpfilesdir}/clamav.conf
%service_add_post clamd.service
%preun
if [ $1 -eq 0 ]; then
# package will be uninstalled
rm -f %{_localstatedir}/lib/clamav/*
fi
%service_del_preun clamd.service
%postun
%service_del_postun clamd.service
%pre milter
%service_add_pre clamav-milter.service
%post milter
%service_add_post clamav-milter.service
%preun milter
%service_del_preun clamav-milter.service
%postun milter
%service_del_postun clamav-milter.service
%if 0%{?suse_version} > 1500
%ldconfig_scriptlets -n libclamav9
%ldconfig_scriptlets -n libfreshclam2
%if %{with clammspack}
%ldconfig_scriptlets -n libclammspack0
%endif
%else
%post -n libclamav9 -p /sbin/ldconfig
%postun -n libclamav9 -p /sbin/ldconfig
%post -n libfreshclam2 -p /sbin/ldconfig
%postun -n libfreshclam2 -p /sbin/ldconfig
%if %{with clammspack}
%post -n libclammspack0 -p /sbin/ldconfig
%postun -n libclammspack0 -p /sbin/ldconfig
%endif
%endif
%files
%license COPYING*
%doc docs/html/*
%config(noreplace) %{_sysconfdir}/clamd.conf
%config(noreplace) %{_sysconfdir}/freshclam.conf
%{_bindir}/clamav-config
%{_bindir}/clambc
%{_bindir}/clamconf
%{_bindir}/clamdscan
%{_bindir}/clamdtop
%{_bindir}/clamscan
%{_bindir}/clamsubmit
%{_bindir}/freshclam
%{_bindir}/sigtool
%{_sbindir}/clamd
%{_sbindir}/clamonacc
%{_sbindir}/rcclamd
%{_sbindir}/rcfreshclam
%{_mandir}/man1/clambc.1%{?ext_man}
%{_mandir}/man1/clamconf.1%{?ext_man}
%{_mandir}/man1/clamdscan.1%{?ext_man}
%{_mandir}/man1/clamdtop.1%{?ext_man}
%{_mandir}/man1/clamscan.1%{?ext_man}
%{_mandir}/man1/clamsubmit.1%{?ext_man}
%{_mandir}/man1/freshclam.1%{?ext_man}
%{_mandir}/man1/sigtool.1%{?ext_man}
%{_mandir}/man5/clamd.conf.5%{?ext_man}
%{_mandir}/man5/freshclam.conf.5%{?ext_man}
%{_mandir}/man8/clamd.8%{?ext_man}
%{_mandir}/man8/clamonacc.8%{?ext_man}
%{_tmpfilesdir}/*
%{_unitdir}/clamd.service
%{_unitdir}/freshclam.service
%{_unitdir}/freshclam.timer
%defattr(-,vscan,vscan)
%dir %{_localstatedir}/lib/clamav
%if 0%{?suse_version} <= 1500
%dir %attr(750,vscan,vscan) %{_localstatedir}/spool/amavis
%endif
%ghost %attr(755,vscan,vscan) /run/clamav
%files milter
%config(noreplace) %{_sysconfdir}/clamav-milter.conf
%{_unitdir}/clamav-milter.service
%{_sbindir}/clamav-milter
%{_sbindir}/rcclamav-milter
%{_mandir}/man5/clamav-milter.conf.5%{?ext_man}
%{_mandir}/man8/clamav-milter.8%{?ext_man}
%files -n libclamav9
%{_libdir}/libclam*.so.9*
%files -n libfreshclam2
%{_libdir}/libfreshclam.so.2*
%if %{with clammspack}
%files -n libclammspack0
%{_libdir}/libclammspack.so.0*
%endif
%files devel
%{_includedir}/*
%{_libdir}/pkgconfig/*
%{_libdir}/libclam*.so
%{_libdir}/libfreshclam*.so
%changelog
Reference in New Issue View Git Blame Copy Permalink