pool/clamav
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7c9dfc0617
clamav/clamav-document-maxsize.patch
Reinhard Max 896f44d06a Accepting request 1198813 from home:adkorte:branches:security 
- New version 1.3.2:
  * CVE-2024-20506: Changed the logging module to disable following
    symlinks on Linux and Unix systems so as to prevent an attacker
    with existing access to the 'clamd' or 'freshclam' services from
    using a symlink to corrupt system files.
  * CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF
    file parser that could cause a denial-of-service condition.
  * Removed unused Python modules from freshclam tests including
    deprecated 'cgi' module that is expected to cause test failures in
    Python 3.13.
  * Fix unit test caused by expiring signing certificate.
  * Fixed a build issue on Windows with newer versions of Rust. Also
    upgraded GitHub Actions imports to fix CI failures.
  * Fixed an unaligned pointer dereference issue on select architectures.
  * Fixes to Jenkins CI pipeline.
- Remove upstreamed 1305.patch

OBS-URL: https://build.opensuse.org/request/show/1198813
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=263
2024-09-09 12:39:53 +00:00

42 lines
2.2 KiB
Diff
Raw Blame History

--- docs/man/clamscan.1.in.orig
+++ docs/man/clamscan.1.in
@@ -8,6 +8,18 @@ clamscan [options] [file/directory/\-]
.SH "DESCRIPTION"
.LP
clamscan is a command line anti\-virus scanner.
+.SH "NOTE"
+.LP
+If a file or an archive is larger than the default or configured size (see \-\-max\-filesize and \-\-max-scansize options) scanning will abort at the limit, and the file will be marked as "OK".
+.TP
+The archive scan limits are currently set to 25MB or 100MB respectively.
+.TP
+There are more options that limit scanning, please check all the \-\-max\-something options.
+.TP
+To report files that are exceeding these limits, you need to specify \-\-alert\-exceeds\-max=yes option. This will then report a "Heuristics.Limits.Exceeded FOUND" for such files.
+
+.TP
+Please note that such a FOUND message does not imply infection, and your tooling should be able to handle this.
.SH "OPTIONS"
.LP
Most of the options are simple switches which enable or disable some features. Options marked with [=yes/no(*)] can be optionally followed by =yes/=no; if they get called without the boolean argument the scanner will assume 'yes'. The asterisk marks the default internal setting for a given option.
--- docs/man/clamdscan.1.in.orig
+++ docs/man/clamdscan.1.in
@@ -8,6 +8,17 @@ clamdscan [options] [file/directory]
.SH "DESCRIPTION"
.LP
clamdscan is a clamd client which may be used as a clamscan replacement. It accepts all the options implemented in clamscan but most of them will be ignored because its scanning abilities only depend on clamd.
+.SH "NOTE"
+.LP
+If a file or an archive is larger than the default or configured size (see MaxFileSize and MaxScanSize options in clamd.conf) scanning will abort at the limit, and the file will be marked as "OK".
+.TP
+The archive scan limits are currently set to 25MB or 100MB respectively.
+.TP
+There are more options that limit scanning, please check all the MaxSomething options in clamd.conf.
+.TP
+To report files that are exceeding these limits, you need to specify AlertExceedsMax TRUE in clamd.conf. This will then report a "Heuristics.Limits.Exceeded FOUND" for such files.
+.TP
+Please note that such a FOUND message does not imply infection, and your tooling should be able to handle this.
.SH "OPTIONS"
.LP
Reference in New Issue View Git Blame Copy Permalink