pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/security/clamav
Module Name: pkgsrc
Committed By: taca
Date: Thu Sep 5 15:10:15 UTC 2024
Modified Files:
pkgsrc/security/clamav: Makefile Makefile.common distinfo
Log Message:
security/clamav: update to 0.103.12
0.103.12 (2024-09-04)
ClamAV 0.103.12 is a patch release with the following fixes:
- [CVE-2024-20506](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20506):
Changed the logging module to disable following symlinks on Linux and Unix
systems so as to prevent an attacker with existing access to the 'clamd' or
'freshclam' services from using a symlink to corrupt system files.
This issue affects all currently supported versions. It will be fixed in:
- 1.4.1
- 1.3.2
- 1.0.7
- 0.103.12
Thank you to Detlef for identifying this issue.
- [CVE-2024-20505](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20505):
Fixed a possible out-of-bounds read bug in the PDF file parser that could
cause a denial-of-service (DoS) condition.
This issue affects all currently supported versions. It will be fixed in:
- 1.4.1
- 1.3.2
- 1.0.7
- 0.103.12
Thank you to OSS-Fuzz for identifying this issue.
- ClamOnAcc: Fixed an infinite loop when a watched directory does not exist.
- [GitHub pull request](https://github.com/Cisco-Talos/clamav/pull/1198)
- Fixed a bug causing CVDs downloaded by the `DatabaseCustomURL` Freshclam
config option to be pruned and then re-downloaded with every update.
Also added the new 'valhalla' database name to the list of optional databases
in preparation for future work.
- Backport of [GitHub pull request](https://github.com/Cisco-Talos/clamav/pull/1233)
- Fixed an unaligned pointer dereference issue on select architectures.
Fix courtesy of Sebastian Andrzej Siewior.
- Backport of [GitHub pull request](https://github.com/Cisco-Talos/clamav/pull/1293)
To generate a diff of this commit:
cvs rdiff -u -r1.93 -r1.94 pkgsrc/security/clamav/Makefile
cvs rdiff -u -r1.26 -r1.27 pkgsrc/security/clamav/Makefile.common
cvs rdiff -u -r1.45 -r1.46 pkgsrc/security/clamav/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/security/clamav/Makefile
diff -u pkgsrc/security/clamav/Makefile:1.93 pkgsrc/security/clamav/Makefile:1.94
--- pkgsrc/security/clamav/Makefile:1.93 Wed May 29 16:34:13 2024
+++ pkgsrc/security/clamav/Makefile Thu Sep 5 15:10:15 2024
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.93 2024/05/29 16:34:13 adam Exp $
+# $NetBSD: Makefile,v 1.94 2024/09/05 15:10:15 taca Exp $
-PKGREVISION= 4
.include "Makefile.common"
COMMENT= Anti-virus toolkit
Index: pkgsrc/security/clamav/Makefile.common
diff -u pkgsrc/security/clamav/Makefile.common:1.26 pkgsrc/security/clamav/Makefile.common:1.27
--- pkgsrc/security/clamav/Makefile.common:1.26 Tue Aug 29 14:43:01 2023
+++ pkgsrc/security/clamav/Makefile.common Thu Sep 5 15:10:15 2024
@@ -1,11 +1,11 @@
-# $NetBSD: Makefile.common,v 1.26 2023/08/29 14:43:01 taca Exp $
+# $NetBSD: Makefile.common,v 1.27 2024/09/05 15:10:15 taca Exp $
#
# used by security/clamav/Makefile
# used by security/clamav-doc/Makefile
-DISTNAME= clamav-0.103.10
+DISTNAME= clamav-0.103.12
CATEGORIES= security
-MASTER_SITES= http://www.clamav.net/downloads/production/
+MASTER_SITES= https://www.clamav.net/downloads/production/
MAINTAINER?= pkgsrc-users%NetBSD.org@localhost
HOMEPAGE= https://www.clamav.net/
Index: pkgsrc/security/clamav/distinfo
diff -u pkgsrc/security/clamav/distinfo:1.45 pkgsrc/security/clamav/distinfo:1.46
--- pkgsrc/security/clamav/distinfo:1.45 Tue Aug 29 14:43:01 2023
+++ pkgsrc/security/clamav/distinfo Thu Sep 5 15:10:15 2024
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.45 2023/08/29 14:43:01 taca Exp $
+$NetBSD: distinfo,v 1.46 2024/09/05 15:10:15 taca Exp $
-BLAKE2s (clamav-0.103.10.tar.gz) = b3c19d4d3f55f17d10e4afd45c8f74df36abfbb9c62793fa7a10cb0a325c21c0
-SHA512 (clamav-0.103.10.tar.gz) = fceda0297f32b0741a978e365a9fb9fe1c24c0d5027ee41665516917fbff405c01621cb0894bcfa70bc0884332987e1ecaa096a344580b67c3b401f2a77bc78c
-Size (clamav-0.103.10.tar.gz) = 16538627 bytes
+BLAKE2s (clamav-0.103.12.tar.gz) = a329d1da82016fce84d87bee336cd7364f0a93b8347e81f607fba11607109b4d
+SHA512 (clamav-0.103.12.tar.gz) = 0e870a5fd035fbf090359ef7634b1b36e346ff3066b896ff17c2c6ace04f4c17e16181a21fead8b8b2f397de9ea47b928515b717a41996bac4c8efed4d16ec4e
+Size (clamav-0.103.12.tar.gz) = 16507685 bytes
SHA1 (patch-Makefile.in) = 51e0f42323f07b7ae0cb35a640469dce4e1a2041
SHA1 (patch-aa) = c07a7b6e883f384ce278964645f0658c0d986ab5
SHA1 (patch-ab) = 78793f0267ce8c820b51937186dc17dabb4a1ccf
Home |
Main Index |
Thread Index |
Old Index