Hello community, here is the log from the commit of package clamav for openSUSE:Factory checked in at 2012-06-25 12:22:39 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/clamav (Old) and /work/SRC/openSUSE:Factory/.clamav.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "clamav", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/clamav/clamav.changes 2012-03-20 13:28:56.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.clamav.new/clamav.changes 2012-06-25 12:22:42.000000000 +0200 @@ -1,0 +2,17 @@ +Tue Jun 19 00:31:03 UTC 2012 - [email protected] + +- update to 0.95.5 [bnc#767574] +- addresses possible evasion cases in some archive formats +- CVE-2012-1457: allows to bypass malware detection via a TAR archive + entry with a length field that exceeds the total TAR file size +- CVE-2012-1458: allows to bypass malware detection via a crafted + reset interval in the LZXC header of a CHM file +- CVE-2012-1459: allows to bypass malware detection via a TAR archive + entry with a length field corresponding to that entire entry, plus + part of the header of the next entry +- also addresses stability issues in portions of the bytecode engine +- update clamav-conf.patch for moved lines +- add a definitions snapshot as {main,daily}.cvd no longer in tarball +- fix file-contains-date-and-time rpmlint warning + +------------------------------------------------------------------- Old: ---- clamav-0.97.4.tar.gz New: ---- clamav-0.97.5.tar.gz daily-15055.cvd main-54.cvd ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ clamav.spec ++++++ --- /var/tmp/diff_new_pack.WCyavo/_old 2012-06-25 12:22:46.000000000 +0200 +++ /var/tmp/diff_new_pack.WCyavo/_new 2012-06-25 12:22:46.000000000 +0200 @@ -45,7 +45,7 @@ Summary: Antivirus Toolkit License: GPL-2.0 Group: Productivity/Security -Version: 0.97.4 +Version: 0.97.5 Release: 0 Url: http://www.clamav.net Requires: latex2html-pngicons @@ -59,6 +59,10 @@ Source3: clamav-updateclamconf Source4: clamav-rpmlintrc Source5: clamav-rcmilter +# http://db.local.clamav.net/main.cvd +Source6: main-54.cvd +# http://db.local.clamav.net/daily.cvd +Source7: daily-15055.cvd Patch1: clamav-conf.patch Patch2: clamav-sles9.patch Patch3: clamav-gcc47.patch @@ -157,7 +161,8 @@ %clamav_check \ %llvm \ --disable-zlib-vcheck \ - --enable-clamdtop + --enable-clamdtop \ + --disable-timestamps make %{?jobs:-j%jobs} @@ -175,7 +180,10 @@ install -m755 %SOURCE5 %buildroot/etc/init.d/clamav-milter ln -s /etc/init.d/clamav-milter %buildroot%_sbindir/rcclamav-milter install -m755 %SOURCE3 %buildroot%_sbindir/updateclamconf +install -d -m755 %buildroot/var/lib/clamav touch %buildroot/var/lib/clamav/{clamd,freshclam}.pid +install -m755 %SOURCE6 %buildroot/var/lib/clamav/main.cvd +install -m755 %SOURCE7 %buildroot/var/lib/clamav/daily.cvd for f in %buildroot/var/lib/clamav/*.cvd; do mv $f $f.dist touch $f ++++++ clamav-0.97.4.tar.gz -> clamav-0.97.5.tar.gz ++++++ /work/SRC/openSUSE:Factory/clamav/clamav-0.97.4.tar.gz /work/SRC/openSUSE:Factory/.clamav.new/clamav-0.97.5.tar.gz differ: char 5, line 1 ++++++ clamav-conf.patch ++++++ --- /var/tmp/diff_new_pack.WCyavo/_old 2012-06-25 12:22:46.000000000 +0200 +++ /var/tmp/diff_new_pack.WCyavo/_new 2012-06-25 12:22:46.000000000 +0200 @@ -1,7 +1,7 @@ Index: etc/clamav-milter.conf =================================================================== ---- etc/clamav-milter.conf.orig -+++ etc/clamav-milter.conf +--- etc/clamav-milter.conf.orig 2012-06-12 14:36:05.000000000 +0100 ++++ etc/clamav-milter.conf 2012-06-18 22:49:23.000000000 +0100 @@ -2,10 +2,6 @@ ## Example config file for clamav-milter ## @@ -68,8 +68,8 @@ # Index: etc/clamd.conf =================================================================== ---- etc/clamd.conf.orig -+++ etc/clamd.conf +--- etc/clamd.conf.orig 2012-06-12 14:03:26.000000000 +0100 ++++ etc/clamd.conf 2012-06-18 22:49:23.000000000 +0100 @@ -1,12 +1,8 @@ ## -## Example config file for the Clam AV daemon @@ -134,7 +134,7 @@ # Maximum length the queue of pending connections may grow to. # Default: 200 -@@ -187,7 +183,7 @@ Example +@@ -186,7 +182,7 @@ Example # Run as another user (clamd must be started by root for this option to work) # Default: don't drop privileges @@ -143,7 +143,7 @@ # Initialize supplementary group access (clamd must be started by root). # Default: no -@@ -428,6 +424,10 @@ Example +@@ -440,6 +436,10 @@ Example # Enable Clamuko. Dazuko must be configured and running. Clamuko supports # both Dazuko (/dev/dazuko) and DazukoFS (/dev/dazukofs.ctrl). DazukoFS # is the preferred option. For more information please visit www.dazuko.org @@ -156,8 +156,8 @@ Index: etc/freshclam.conf =================================================================== ---- etc/freshclam.conf.orig -+++ etc/freshclam.conf +--- etc/freshclam.conf.orig 2012-06-12 14:36:05.000000000 +0100 ++++ etc/freshclam.conf 2012-06-18 22:49:23.000000000 +0100 @@ -1,12 +1,8 @@ ## -## Example config file for freshclam -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
