Hello community, here is the log from the commit of package clamav for openSUSE:Factory checked in at 2020-11-13 19:00:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/clamav (Old) and /work/SRC/openSUSE:Factory/.clamav.new.24930 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "clamav" Fri Nov 13 19:00:07 2020 rev:110 rq:848312 version:0.103.0 Changes: -------- --- /work/SRC/openSUSE:Factory/clamav/clamav.changes 2020-09-21 17:42:01.160833651 +0200 +++ /work/SRC/openSUSE:Factory/.clamav.new.24930/clamav.changes 2020-11-13 19:00:41.762223510 +0100 @@ -1,0 +2,17 @@ +Thu Nov 12 11:02:09 UTC 2020 - Dominique Leuenberger <[email protected]> + +- Do not hard-depend on systemd: use systemd_ordering instead of + systemd_requires. + +------------------------------------------------------------------- +Tue Nov 10 16:44:57 UTC 2020 - Reinhard Max <[email protected]> + +- Sync Factory to SLE-15 to implement jsc#ECO-3010 and bsc#1118459. +- bsc#1119353, clamav-fips.patch: Fix freshclam crash in FIPS mode. +- Keep OBS from installing an existing clamav instance to scan the + sources, because this makes "make check" use the old library + instead of the just built one. This is only a workaround until + we found a way to keep libtool from adding libdir to rpath and + LD_LIBRARY_PATH of the binaries in the testsuite. + +------------------------------------------------------------------- @@ -115,5 +132,5 @@ - * CVE-2019-15961: A Denial-of-Service (DoS) vulnerability may - occur when scanning a specially crafted email file as a result - of excessively long scan times. The issue is resolved by - implementing several maximums in parsing MIME messages and by - optimizing use of memory allocation. + * CVE-2019-15961, bsc#1157763: A Denial-of-Service (DoS) + vulnerability may occur when scanning a specially crafted email + file as a result of excessively long scan times. The issue is + resolved by implementing several maximums in parsing MIME + messages and by optimizing use of memory allocation. New: ---- clamav-fips.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ clamav.spec ++++++ --- /var/tmp/diff_new_pack.rxA7Nk/_old 2020-11-13 19:00:42.634224596 +0100 +++ /var/tmp/diff_new_pack.rxA7Nk/_new 2020-11-13 19:00:42.638224602 +0100 @@ -37,6 +37,7 @@ Patch4: clamav-disable-timestamps.patch Patch5: clamav-obsolete-config.patch Patch6: clamav-disable-yara.patch +Patch12: clamav-fips.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: bc @@ -58,6 +59,13 @@ #BuildRequires: valgrind BuildRequires: zlib-devel BuildRequires: pkgconfig(libsystemd) +# +# Workaround to keep "make check" from using an existing libclamav +# instead of the just built one. This should rather be fixed +# by keeping libtool from adding libdir to rpath and LD_LIBRARY_PATH +# of the test binaries. +# +#!BuildIgnore: clamav Requires(pre): %_bindir/awk Requires(pre): %_sbindir/groupadd Requires(pre): %_sbindir/useradd @@ -67,7 +75,7 @@ Obsoletes: clamav-db < 0.88.3 Provides: clamav-nodb = %version Obsoletes: clamav-nodb <= 0.98.4 -%systemd_requires +%systemd_ordering %if %{without clammspack} BuildRequires: libmspack-devel %endif @@ -125,6 +133,7 @@ %patch4 %patch5 %patch6 +%patch12 %build CFLAGS="-fstack-protector" ++++++ clamav-fips.patch ++++++ --- libclamav/crypto.c.orig +++ libclamav/crypto.c @@ -145,6 +145,9 @@ int cl_initialize_crypto(void) ERR_load_crypto_strings(); #endif + /* avoid fips issues */ + EVP_add_digest(EVP_md5()); + return 0; } _______________________________________________ openSUSE Commits mailing list -- [email protected] To unsubscribe, email [email protected] List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/[email protected]
