95403 – [PATCH] security/clamav: update to 0.88.1

Bug 95403 - [PATCH] security/clamav: update to 0.88.1

Summary: [PATCH] security/clamav: update to 0.88.1

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Renato Botelho

URL:
Keywords:

Depends on:
Blocks:

Reported:	2006-04-06 12:20 UTC by Renato Botelho
Modified:	2006-04-06 16:20 UTC (History)
CC List:	0 users

See Also:

Attachments
clamav-0.88.1.patch (4.52 KB, patch) 2006-04-06 12:20 UTC, Renato Botelho	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Renato Botelho freebsd_committer

2006-04-06 12:20:16 UTC

- Update to 0.88.1
- Use USE_RC_SUBR=script facility

Vulnerabilities fixed:

CVE-2006-1614
    Damian Put discovered an integer overflow in the PE header parser.
    This is only exploitable if the ArchiveMaxFileSize option is disabled.

CVE-2006-1615
    Format string vulnerabilities in the logging code have been discovered,
    which might lead to the execution of arbitrary code.

CVE-2006-1630
    David Luyer discovered, that ClamAV can be tricked into an invalid
    memory access in the cli_bitset_set() function, which may lead to
    a denial of service.

Generated with FreeBSD Port Tools 0.63

Comment 1 Renato Botelho freebsd_committer

2006-04-06 12:24:30 UTC

Responsible Changed
From-To: freebsd-ports-bugs->garga

I'll take it.

Comment 2 Renato Botelho freebsd_committer

2006-04-06 12:26:54 UTC

Dear maintainer of security/clamav FreeBSD port, please, take a look at:

http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/95403

Do you approve this patch?

Best Regards
-- 
Renato Botelho <garga @ FreeBSD.org>
               <freebsd @ galle.com.br>
GnuPG Key: http://www.FreeBSD.org/~garga/pubkey.asc

Comment 3 Renato Botelho freebsd_committer

2006-04-06 12:29:14 UTC

State Changed
From-To: open->feedback

Ask for maintainer approval.

Comment 4 Renato Botelho freebsd_committer

2006-04-06 14:49:10 UTC

Hello,

Please not this new patch, just rename clamav-*.sh.in removing ".sh", since
it's not more needed. The .sh extension will be added for FreeBSD versions
that require this.

Thanks

----------------------- clamav.diff starts here ------------------------
Index: Makefile
===================================================================
RCS file: /home/pcvs/ports/security/clamav/Makefile,v
retrieving revision 1.71
diff -u -r1.71 Makefile
--- Makefile	23 Feb 2006 10:38:52 -0000	1.71
+++ Makefile	6 Apr 2006 13:43:08 -0000
@@ -6,8 +6,7 @@
 #
 
 PORTNAME=	clamav
-PORTVERSION=	0.88
-PORTREVISION=	1
+PORTVERSION=	0.88.1
 CATEGORIES=	security
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE_EXTENDED}
 MASTER_SITE_SUBDIR=	clamav
@@ -26,11 +25,10 @@
 		CURL "Support URL downloading" Off \
 		LIBUNRAR "Support for external Unrar library" Off
 
-USE_REINPLACE=	yes
 USE_AUTOTOOLS=	libtool:15
 CONFIGURE_TARGET=	--build=${MACHINE_ARCH}-portbld-freebsd${OSREL}
 INSTALLS_SHLIB=	yes
-USE_RC_SUBR=	yes
+USE_RC_SUBR=	clamav-clamd clamav-freshclam
 
 PORTDOCS=	NEWS ChangeLog html
 
@@ -66,7 +64,7 @@
 CLAMAV_CLAMD_SOCKET?=	${RUNDIR}/clamd
 CLAMAV_MILTER_SOCKET?=	${RUNDIR}/clmilter.sock
 
-SUB_FILES=	pkg-install pkg-deinstall clamav-clamd.sh clamav-freshclam.sh
+SUB_FILES=	pkg-install pkg-deinstall
 SUB_LIST=	DBDIR=${DBDIR} \
 		LOGDIR=${LOGDIR} \
 		RUNDIR=${RUNDIR} \
@@ -90,11 +88,6 @@
 PLIST_SUB+=	CLAMAVUSER=${CLAMAVUSER} \
 		CLAMAVGROUP=${CLAMAVGROUP}
 
-RC_DIR=		${PREFIX}/etc/rc.d
-RC_SUFX=	.sh
-SUB_LIST+=	RC_DIR=${RC_DIR} RC_SUFX=${RC_SUFX}
-PLIST_SUB+=	RC_DIR=${RC_DIR} RC_SUFX=${RC_SUFX}
-
 .include <bsd.port.pre.mk>
 
 .if ${OSVERSION} == 502010
@@ -102,7 +95,7 @@
 .endif
 
 .if defined(WITH_MILTER)
-SUB_FILES+=	clamav-milter.sh
+USE_RC_SUBR+=	clamav-milter
 .if !defined(WITHOUT_LDAP) && exists(${LOCALBASE}/lib/libldap.so)
 USE_OPENLDAP=	yes
 LDFLAGS+=	-lldap
@@ -156,19 +149,11 @@
 		${SH} ${PKGINSTALL} ${PREFIX} PRE-INSTALL
 
 post-install:
-	@${INSTALL_SCRIPT} ${WRKDIR}/clamav-clamd.sh \
-		${DESTDIR}${RC_DIR}/clamav-clamd${RC_SUFX}
-	@${INSTALL_SCRIPT} ${WRKDIR}/clamav-freshclam.sh \
-		${DESTDIR}${RC_DIR}/clamav-freshclam${RC_SUFX}
 	@${CHOWN} -R ${CLAMAVUSER}:${CLAMAVGROUP} ${DESTDIR}${DBDIR}
 .for c in clamd freshclam
 	@[ -f ${DESTDIR}${PREFIX}/etc/${c}.conf ] || \
 		${CP} ${DESTDIR}${PREFIX}/etc/${c}.conf.default ${DESTDIR}${PREFIX}/etc/${c}.conf
 .endfor
-.if defined(WITH_MILTER)
-	@${INSTALL_SCRIPT} ${WRKDIR}/clamav-milter.sh \
-		${DESTDIR}${RC_DIR}/clamav-milter${RC_SUFX}
-.endif
 .if !defined(NOPORTDOCS)
 	@${MKDIR} ${DESTDIR}${DOCSDIR}
 	@${INSTALL_DATA} ${INSTALL_WRKSRC}/NEWS ${INSTALL_WRKSRC}/ChangeLog \
Index: distinfo
===================================================================
RCS file: /home/pcvs/ports/security/clamav/distinfo,v
retrieving revision 1.27
diff -u -r1.27 distinfo
--- distinfo	11 Jan 2006 10:27:29 -0000	1.27
+++ distinfo	6 Apr 2006 13:43:08 -0000
@@ -1,3 +1,3 @@
-MD5 (clamav-0.88.tar.gz) = 5d23205673c32e2b1b6db95000e6da74
-SHA256 (clamav-0.88.tar.gz) = 7912be29d13dae676691fbad7fa5fc1518eb3b8b45f8d147097908533ca1f8db
-SIZE (clamav-0.88.tar.gz) = 4564473
+MD5 (clamav-0.88.1.tar.gz) = 9fe8c47037051e350077513dd94fb76a
+SHA256 (clamav-0.88.1.tar.gz) = 25f678d1268fa91913dd2f0b7e08338faf65a4f48618ce59d773e3c42e606cff
+SIZE (clamav-0.88.1.tar.gz) = 5348769
Index: pkg-plist
===================================================================
RCS file: /home/pcvs/ports/security/clamav/pkg-plist,v
retrieving revision 1.26
diff -u -r1.26 pkg-plist
--- pkg-plist	23 Feb 2006 10:38:52 -0000	1.26
+++ pkg-plist	6 Apr 2006 13:43:08 -0000
@@ -1,15 +1,9 @@
 @comment $FreeBSD: ports/security/clamav/pkg-plist,v 1.26 2006/02/23 10:38:52 ade Exp $
-%%CLAMAV-MILTER%%@unexec [ ! -f %%RUNDIR%%/clamav-milter.pid ] || %%RC_DIR%%/clamav-milter%%RC_SUFX%% stop || true
-@unexec [ ! -f %%RUNDIR%%/freshclam.pid ] || %%RC_DIR%%/clamav-freshclam%%RC_SUFX%% stop || true
-@unexec [ ! -f %%RUNDIR%%/clamd.pid ] || %%RC_DIR%%/clamav-clamd%%RC_SUFX%% stop || true
 bin/clamav-config
 bin/clamscan
 bin/clamdscan
 bin/freshclam
 bin/sigtool
-etc/rc.d/clamav-clamd%%RC_SUFX%%
-etc/rc.d/clamav-freshclam%%RC_SUFX%%
-%%CLAMAV-MILTER%%etc/rc.d/clamav-milter%%RC_SUFX%%
 %%CLAMAV-MILTER%%sbin/clamav-milter
 sbin/clamd
 include/clamav.h
Index: files/clamav-clamd.in
===================================================================
RCS file: files/clamav-clamd.in
diff -N files/clamav-clamd.in
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ files/clamav-clamd.in	6 Apr 2006 13:43:08 -0000
@@ -0,0 +1,35 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: clamd
+# REQUIRE: LOGIN
+# BEFORE: mail
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable clamd:
+#
+#clamav_clamd_enable="YES"
+#
+# See clamd(8) for flags
+#
+
+. %%RC_SUBR%%
+
+name=clamav_clamd
+rcvar=`set_rcvar`
+
+command=%%PREFIX%%/sbin/clamd
+pidfile=%%RUNDIR%%/clamd.pid
+required_dirs=%%DBDIR%%
+required_files=%%PREFIX%%/etc/clamd.conf
+
+# read settings, set default values
+load_rc_config "$name"
+: ${clamav_clamd_enable="NO"}
+: ${clamav_clamd_flags=""}
+: ${clamav_clamd_socket="%%CLAMAV_CLAMD_SOCKET%%"}
+
+run_rc_command "$1"
Index: files/clamav-clamd.sh.in
===================================================================
RCS file: files/clamav-clamd.sh.in
diff -N files/clamav-clamd.sh.in
--- files/clamav-clamd.sh.in	20 Feb 2006 20:47:37 -0000	1.2
+++ /dev/null	1 Jan 1970 00:00:00 -0000
@@ -1,35 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD: ports/security/clamav/files/clamav-clamd.sh.in,v 1.2 2006/02/20 20:47:37 dougb Exp $
-#
-
-# PROVIDE: clamd
-# REQUIRE: LOGIN
-# BEFORE: mail
-# KEYWORD: shutdown
-
-#
-# Add the following lines to /etc/rc.conf to enable clamd:
-#
-#clamav_clamd_enable="YES"
-#
-# See clamd(8) for flags
-#
-
-. %%RC_SUBR%%
-
-name=clamav_clamd
-rcvar=`set_rcvar`
-
-command=%%PREFIX%%/sbin/clamd
-pidfile=%%RUNDIR%%/clamd.pid
-required_dirs=%%DBDIR%%
-required_files=%%PREFIX%%/etc/clamd.conf
-
-# read settings, set default values
-load_rc_config "$name"
-: ${clamav_clamd_enable="NO"}
-: ${clamav_clamd_flags=""}
-: ${clamav_clamd_socket="%%CLAMAV_CLAMD_SOCKET%%"}
-
-run_rc_command "$1"
Index: files/clamav-freshclam.in
===================================================================
RCS file: files/clamav-freshclam.in
diff -N files/clamav-freshclam.in
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ files/clamav-freshclam.in	6 Apr 2006 13:43:08 -0000
@@ -0,0 +1,35 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: freshclam
+# REQUIRE: LOGIN clamd
+# BEFORE: mail
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable the freshclam daemon:
+#
+#clamav_freshclam_enable="YES"
+#
+# See freshclam(1) for flags
+#
+
+. %%RC_SUBR%%
+
+name=clamav_freshclam
+rcvar=`set_rcvar`
+
+command=%%PREFIX%%/bin/freshclam
+pidfile=%%RUNDIR%%/freshclam.pid
+command_args="--daemon -p ${pidfile}"
+required_dirs=%%DBDIR%%
+required_files=%%PREFIX%%/etc/freshclam.conf
+
+# read settings, set default values
+load_rc_config "$name"
+: ${clamav_freshclam_enable="NO"}
+: ${clamav_freshclam_flags=""}
+
+run_rc_command "$1"
Index: files/clamav-freshclam.sh.in
===================================================================
RCS file: files/clamav-freshclam.sh.in
diff -N files/clamav-freshclam.sh.in
--- files/clamav-freshclam.sh.in	20 Feb 2006 20:47:37 -0000	1.2
+++ /dev/null	1 Jan 1970 00:00:00 -0000
@@ -1,35 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD: ports/security/clamav/files/clamav-freshclam.sh.in,v 1.2 2006/02/20 20:47:37 dougb Exp $
-#
-
-# PROVIDE: freshclam
-# REQUIRE: LOGIN clamd
-# BEFORE: mail
-# KEYWORD: shutdown
-
-#
-# Add the following lines to /etc/rc.conf to enable the freshclam daemon:
-#
-#clamav_freshclam_enable="YES"
-#
-# See freshclam(1) for flags
-#
-
-. %%RC_SUBR%%
-
-name=clamav_freshclam
-rcvar=`set_rcvar`
-
-command=%%PREFIX%%/bin/freshclam
-pidfile=%%RUNDIR%%/freshclam.pid
-command_args="--daemon"
-required_dirs=%%DBDIR%%
-required_files=%%PREFIX%%/etc/freshclam.conf
-
-# read settings, set default values
-load_rc_config "$name"
-: ${clamav_freshclam_enable="NO"}
-: ${clamav_freshclam_flags=""}
-
-run_rc_command "$1"
Index: files/clamav-milter.in
===================================================================
RCS file: files/clamav-milter.in
diff -N files/clamav-milter.in
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ files/clamav-milter.in	6 Apr 2006 13:43:08 -0000
@@ -0,0 +1,46 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: clamav-milter
+# REQUIRE: LOGIN clamd
+# BEFORE: mail
+# KEYWORD: shutdown
+
+#
+# Add the following lines to /etc/rc.conf to enable clamav-milter:
+#
+#clamav_milter_enable="YES"
+#
+# See clamav-milter(1) for flags
+#
+
+. %%RC_SUBR%%
+
+name=clamav_milter
+rcvar=`set_rcvar`
+
+command=%%PREFIX%%/sbin/clamav-milter
+pidfile=%%RUNDIR%%/clamav-milter.pid
+required_dirs=%%DBDIR%%
+required_files=%%PREFIX%%/etc/clamd.conf
+
+start_precmd=start_precmd
+
+start_precmd()
+{
+	if [ -S "$clamav_milter_socket" ]; then
+		warn "Stale socket $clamav_milter_socket removed."
+		rm "$clamav_milter_socket"
+	fi
+	rc_flags="--pidfile ${pidfile} ${flags:-$clamav_milter_flags} $clamav_milter_socket"
+}
+
+# read settings, set default values
+load_rc_config $name
+: ${clamav_milter_enable="NO"}
+: ${clamav_milter_socket="%%CLAMAV_MILTER_SOCKET%%"}
+: ${clamav_milter_flags="--postmaster-only --local --outgoing --timeout=0 --max-children=50"}
+
+run_rc_command "$1"
Index: files/clamav-milter.sh.in
===================================================================
RCS file: files/clamav-milter.sh.in
diff -N files/clamav-milter.sh.in
--- files/clamav-milter.sh.in	20 Feb 2006 20:47:37 -0000	1.3
+++ /dev/null	1 Jan 1970 00:00:00 -0000
@@ -1,46 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD: ports/security/clamav/files/clamav-milter.sh.in,v 1.3 2006/02/20 20:47:37 dougb Exp $
-#
-
-# PROVIDE: clamav-milter
-# REQUIRE: LOGIN clamd
-# BEFORE: mail
-# KEYWORD: shutdown
-
-#
-# Add the following lines to /etc/rc.conf to enable clamav-milter:
-#
-#clamav_milter_enable="YES"
-#
-# See clamav-milter(1) for flags
-#
-
-. %%RC_SUBR%%
-
-name=clamav_milter
-rcvar=`set_rcvar`
-
-command=%%PREFIX%%/sbin/clamav-milter
-pidfile=%%RUNDIR%%/clamav-milter.pid
-required_dirs=%%DBDIR%%
-required_files=%%PREFIX%%/etc/clamd.conf
-
-start_precmd=start_precmd
-
-start_precmd()
-{
-	if [ -S "$clamav_milter_socket" ]; then
-		warn "Stale socket $clamav_milter_socket removed."
-		rm "$clamav_milter_socket"
-	fi
-	rc_flags="--pidfile ${pidfile} ${flags:-$clamav_milter_flags} $clamav_milter_socket"
-}
-
-# read settings, set default values
-load_rc_config $name
-: ${clamav_milter_enable="NO"}
-: ${clamav_milter_socket="%%CLAMAV_MILTER_SOCKET%%"}
-: ${clamav_milter_flags="--postmaster-only --local --outgoing --timeout=0 --max-children=50"}
-
-run_rc_command "$1"
----------------------- clamav.diff ends here ------------------------

-- 
Renato Botelho <garga @ FreeBSD.org>
               <freebsd @ galle.com.br>
GnuPG Key: http://www.FreeBSD.org/~garga/pubkey.asc

We lie loudest when we lie to ourselves.
		-- Eric Hoffer

Comment 5 Renato Botelho freebsd_committer

2006-04-06 16:20:50 UTC

State Changed
From-To: feedback->closed

Committed. Thanks!