Bug 113174 - Security update: security/clamav .90.2 to .90.3
Summary: Security update: security/clamav .90.2 to .90.3
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Renato Botelho
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-05-31 01:40 UTC by Michael Scheidell
Modified: 2007-06-01 18:10 UTC (History)
1 user (show)

See Also:

Attachments
file.diff (108 bytes, patch)
2007-05-31 01:40 UTC, Michael Scheidell 		no flags Details | Diff
file.diff (507 bytes, patch)
2007-05-31 01:40 UTC, Michael Scheidell 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Scheidell 2007-05-31 01:40:04 UTC 
Update clamav from .90.2 to .90.3
Includes support for FBSD7 in ../configure

This release fixes some security bugs in libclamav and improves 
stability under Solaris. Please see ChangeLog for complete list of 
changes.

If your system is suffering from long clamscan startup times, please
consider installing 0.91rc1 which is due to be released shortly
after 0.90.3.


Security updates in this release include:
#1: patch-libclamav__matcher-ac.c already patched (remove this file)
#2: I removed dependency on unzoo (it is not maintained and has DOS 
attacks against it) MAYBE, reenable support for ZOO if you apply 
security patch at:
http://www.guay-leroux.com/projects/zoo-infinite-advisory.txt
and enable that patch minimum dependency. MAYBE

- libclamav/unrar/unrar.c: improve handling of corrupted/handcrafted
      headers (bb#511, patch from Trog)
- libclamav/unsp.c: fix end of buffer calculation (bb#464, patch from 
      aCaB)
- libclamav/ole2_extract.c: detect block list loop (bb#466), patch from 
      Trog

(others, see README)

Fix: this patch (also, please remove files/patch-libclamav__matcher-ac.c
seems to run fine clamd, clamdscan, clamscan, freshclam on FBSD 5.5

PORTNAME=      clamav
-PORTVERSION=   0.90.2
-PORTREVISION=  1
+PORTVERSION=   0.90.3
 CATEGORIES=    security
 MASTER_SITES=  SF

@@ -17,7 +16,6 @@
 LIB_DEPENDS=   gmp.7:${PORTSDIR}/math/libgmp4
 RUN_DEPENDS=   lha:${PORTSDIR}/archivers/lha \
                arj:${PORTSDIR}/archivers/arj \
-               unzoo:${PORTSDIR}/archivers/unzoo \
                arc:${PORTSDIR}/archivers/arc

 OPTIONS=       MILTER "Compile the milter interface" Off \
How-To-Repeat: make
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2007-05-31 02:04:25 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->garga

Over to maintainer
Comment 2 dfilter service freebsd_committer freebsd_triage 2007-06-01 18:09:15 UTC 
garga       2007-06-01 17:09:09 UTC

  FreeBSD ports repository

  Modified files:
    security/clamav      Makefile distinfo 
  Removed files:
    security/clamav/files patch-libclamav__matcher-ac.c 
  Log:
  - Update to 0.90.3
  - Remove unzoo support (clam doesn't support it anymore)
  
  PR:             ports/113174
  Submitted by:   Michael Scheidell <scheidell@secnap.net>
  
  Revision  Changes    Path
  1.100     +1 -6      ports/security/clamav/Makefile
  1.40      +3 -3      ports/security/clamav/distinfo
  1.2       +0 -65     ports/security/clamav/files/patch-libclamav__matcher-ac.c (dead)
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 3 Renato Botelho freebsd_committer freebsd_triage 2007-06-01 18:09:44 UTC 
State Changed
From-To: open->closed

Committed, with changes. Thanks!