243914 – security/clamav: Update to 0.102.2

Bug 243914 - security/clamav: Update to 0.102.2

Summary: security/clamav: Update to 0.102.2

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Some People
Assignee:	Kurt Jaeger

URL:
Keywords:	buildisok

Depends on:	243913
Blocks:
	Show dependency tree / graph

Reported:	2020-02-05 21:39 UTC by Yasuhiro Kimura
Modified:	2020-02-06 21:05 UTC (History)
CC List:	1 user (show)

See Also:

Flags:	pi: merge-quarterly+

Attachments
Patch file (3.20 KB, patch) 2020-02-05 21:39 UTC, Yasuhiro Kimura	yasu: maintainer-approval+	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Yasuhiro Kimura freebsd_committer

2020-02-05 21:39:32 UTC

Created attachment 211392 [details]
Patch file

* Update to 0.102.2 which fixes security vulnerability.
* Remove MSPACK option and always use archivers/libmspack in accordance with policy about bundled library described in 6.2 of Porter's Handbook.
* Remove obsolete and no-op options from CONFIGURE_ARGS.
    
Security: CVE-2020-3123
    
Bug #243913 describes vulnerability fixed in this version. So please commit it together.

Comment 1 Automation User 2020-02-05 21:53:20 UTC

Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/115351888

Comment 2 commit-hook freebsd_committer

2020-02-06 21:00:16 UTC

A commit references this bug:

Author: pi
Date: Thu Feb  6 20:59:18 UTC 2020
New revision: 525450
URL: https://svnweb.freebsd.org/changeset/ports/525450

Log:
  security/clamav: upgrade 0.102.1 -> 0.102.2

  - Remove MSPACK option and always use archivers/libmspack in
    accordance with policy about bundled library described in 6.2 of
    Porter's Handbook.
  - Remove obsolete and no-op options from CONFIGURE_ARGS.

  PR:		243914
  Submitted by:	Yasuhiro KIMURA <yasu@utahime.org> (maintainer)
  Relnotes:	https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html
  Security:	CVE-2020-3123

Changes:
  head/security/clamav/Makefile
  head/security/clamav/distinfo
  head/security/clamav/pkg-plist

Comment 3 commit-hook freebsd_committer

2020-02-06 21:05:18 UTC

A commit references this bug:

Author: pi
Date: Thu Feb  6 21:05:08 UTC 2020
New revision: 525452
URL: https://svnweb.freebsd.org/changeset/ports/525452

Log:
  MFH: r525450

  security/clamav: upgrade 0.102.1 -> 0.102.2

  - Remove MSPACK option and always use archivers/libmspack in
    accordance with policy about bundled library described in 6.2 of
    Porter's Handbook.
  - Remove obsolete and no-op options from CONFIGURE_ARGS.

  PR:		243914
  Submitted by:	Yasuhiro KIMURA <yasu@utahime.org> (maintainer)
  Relnotes:	https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html
  Security:	CVE-2020-3123
  Approved by:	portmgr (security blanket)

Changes:
_U  branches/2020Q1/
  branches/2020Q1/security/clamav/Makefile
  branches/2020Q1/security/clamav/distinfo
  branches/2020Q1/security/clamav/pkg-plist

Comment 4 Kurt Jaeger freebsd_committer

2020-02-06 21:05:39 UTC

Committed, thanks!