On Sat, 2018-01-27 at 23:22 +0100, Marcus Schopen wrote: > Am Freitag, den 26.01.2018, 16:25 +0100 schrieb Reindl Harald: > > > > > > if you use distribution packages you are supposed to wait for a > > update > > from the distribution or learn to proper package at your own > > > > i heard that's not that easy as on Redhat systems because you don't > > have > > everything in a .src.rpm and just need to replace the tarball > > after > > unpack the src.rpm and edit the version in the spec file but again: > That's not right. Building a 0.99.3 deb package based on the current > 0.99.2 deb source package are just a few shell commands, e.g.: > > 0. set up an build environment e.g. on a fresh box: > > aptitude install dpkg-dev devscripts equivs quilt > > export QUILT_PATCHES=debian/patches > > 1. get the current 0.99.2 clamav src package, e.g. for 14.04 TLS from > > https://packages.ubuntu.com/source/trusty/clamav > > wget http://archive.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.99. > 2+ > addedllvm-0ubuntu0.14.04.2.dsc > > wget http://archive.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.99. > 2+ > addedllvm.orig.tar.xz > > wget http://archive.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.99. > 2+ > addedllvm-0ubuntu0.14.04.2.debian.tar.gz > > 2. unpack the source package > > dpkg-source -x clamav_0.99.2+addedllvm-0ubuntu0.14.04.2.dsc > > 3. download the new original 0.99.3 clamav source > > http://www.clamav.net/downloads/production/clamav-0.99.3.tar.gz > > 4. upgrade the old 0.99.2 deb source package > > cd clamav-0.99.2+addedllvm > uupdate -v 0.99.3 ../clamav-0.99.3.tar.gz > > 5. enter the new 0.99.3 deb source package dir > > cd ../clamav-0.99.3 > > 6. remove old patches from ./debian/patches dir which are not longer > needed. > > In this case (to my mind) on 14.04 LTS CVE-2017-6418 and CVE-2017- > 6420 > are already patched in 0.99.3. Unsure about CVE-2017-6419 (didn't > find > it in the README); I removed it, because 0.99.3 original source > doesn't > come up with this patch. May be someone knows better. > > quilt pop -a > quilt delete -r CVE-2017-6418 > quilt delete -r CVE-2017-6419 > quilt delete -r CVE-2017-6420 > quilt delete -r CVE-2017-6420-2 > > 7. maintenance debian/changelog and add your suffix, e.g. > > dch --local ~yoursuffix > Thanks so much for this Marcus, seems a lot easier than going through using pbuilder. One question. I'm at step 7, what should go after --local? Not sure what you mean by ~yoursuffix.
> 8. finally build new deb package > > dpkg-buildpackage -us -uc > > That's it. So basically it's replacing the orig tar ball and update > changelog too. > > Ciao > Marcus > > > _______________________________________________ > clamav-users mailing list > [email protected] > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml -- Chris KeyID 0xE372A7DA98E6705C 31.11972; -97.90167 (Elev. 1092 ft) 17:20:28 up 1 day, 9:08, 1 user, load average: 0.78, 0.69, 0.74 Description: Ubuntu 16.04.3 LTS, kernel 4.13.0-32-generic
signature.asc
Description: This is a digitally signed message part
_______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
