Bug 236818
| Summary: | security/clamav: Update to 0.101.2. | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Yasuhiro Kimura <yasu> | ||||
| Component: | Individual Port(s) | Assignee: | Steve Wills <swills> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Many People | CC: | cgreen, danmcgrath.ca, nevecherya, philk, ports-secteam | ||||
| Priority: | Normal | Keywords: | security | ||||
| Version: | Latest | Flags: | yasu:
merge-quarterly?
|
||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Bug Depends on: | 236816 | ||||||
| Bug Blocks: | |||||||
| Attachments: |
|
||||||
|
Description
Yasuhiro Kimura
2019-03-27 03:27:00 UTC
ClamAV 0.101.2, the version fixing the security issues listed above, has been available for download for two weeks now, and the patch on this page was added only the day after that. The bug describing the vulnerabilities was closed days ago, and the box I updated manually to this version seems to be running fine. Is there any reason this updated version hasn't yet been pushed into the ports tree? A commit references this bug: Author: swills Date: Thu Apr 11 00:56:13 UTC 2019 New revision: 498628 URL: https://svnweb.freebsd.org/changeset/ports/498628 Log: security/clamav: Update to 0.101.2 PR: 236818 Submitted by: Yasuhiro KIMURA <yasu@utahime.org> (maintainer) Changes: head/security/clamav/Makefile head/security/clamav/distinfo head/security/clamav/pkg-plist Committed, thanks! Definitely not committed. The version in the pkg repository is still 0.101.1,1 # pkg search clamav clamav-0.101.1,1 Command line virus scanner written entirely in C This has been known vulnerable for 2 months. *** Bug 238428 has been marked as a duplicate of this bug. *** Re-open for MFH Any chance of this fix getting ported to 2019Q2 soonish? Asking for a friend. :) There is already latest version (0.101.2) in latest quarterly branch (2019Q3). |