Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package clamav for openSUSE:Factory checked in at 2021-11-04 16:42:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/clamav (Old) and /work/SRC/openSUSE:Factory/.clamav.new.1890 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "clamav" Thu Nov 4 16:42:16 2021 rev:114 rq:929179 version:0.103.4 Changes: -------- --- /work/SRC/openSUSE:Factory/clamav/clamav.changes 2021-06-26 21:25:43.895364579 +0200 +++ /work/SRC/openSUSE:Factory/.clamav.new.1890/clamav.changes 2021-11-04 16:42:21.762024511 +0100 @@ -1,0 +2,63 @@ +Wed Nov 3 20:52:19 UTC 2021 - Arjen de Korte <suse+bu...@de-korte.org> + +- Update to 0.103.4 + * FreshClam: + - Add a 24-hour cool-down for FreshClam clients that have received + an HTTP 403 (Forbidden) response from the CDN. This is to reduce + the volume of 403-response data served to blocked FreshClam + clients that are configured with a tight update-loop. + - Fixed a bug where FreshClam treats an empty CDIFF as an + incremental update failure instead of as an intentional request + to download the whole CVD. + * ClamDScan: Fix a scan error when broken symlinks are encountered on + macOS with "FollowDirectorySymlinks" and "FollowFileSymlinks" + options disabled. + * Overhauled the scan recursion / nested archive extraction logic and + added new limits on embedded file-type recognition performed during + the "raw" scan of each file. This limits embedded file-type + misidentification and prevents detecting embedded file content that + is found/extracted and scanned at other layers in the scanning + process. + * Fix an issue with the FMap module that failed to read from some + nested files. + * Fixed an issue where failing to load some rules from a Yara file + containing multiple rules may cause a crash. + * Fixed assorted compiler warnings. + * Fixed assorted Coverity static code analysis issues. + * Scan limits: + - Added virus-name suffixes to the alerts that trigger when a scan + limit has been exceeded. Rather than simply + Heuristics.Limits.Exceeded, you may now see limit-specific + virus-names, to include: + + Heuristics.Limits.Exceeded.MaxFileSize + + Heuristics.Limits.Exceeded.MaxScanSize + + Heuristics.Limits.Exceeded.MaxFiles + + Heuristics.Limits.Exceeded.MaxRecursion + + Heuristics.Limits.Exceeded.MaxScanTime + - Renamed the Heuristics.Email.ExceedsMax.* alerts to align with + the other limit alerts names. These alerts include: + + Heuristics.Limits.Exceeded.EmailLineFoldcnt + + Heuristics.Limits.Exceeded.EmailHeaderBytes + + Heuristics.Limits.Exceeded.EmailHeaders + + Heuristics.Limits.Exceeded.EmailMIMEPartsPerMessage + + Heuristics.Limits.Exceeded.EmailMIMEArguments + - Fixed an issue where the Email-related scan limits would alert + even when the "AlertExceedsMax" (--alert-exceeds-max) scan option + is not enabled. + - Fixes an issue in the Zip parser where exceeding the "MaxFiles" + limit or the "MaxFileSize" limit would abort the scan but would + fail to alert. The Zip scan limit issues were independently + identified and reported by Aaron Leliaert and Max Allan. + * Fixed a leak in the Email parser when using the --gen-json scan + option. + * Fixed an issue where a failure to record metadata in the Email + parser when using the --gen-json scan option could cause the Email + parser to abort the scan early and fail to extract and scan + additional content. + * Fixed a file name memory leak in the Zip parser. + * Fixed an issue where certain signature patterns may cause a crash or + cause unintended matches on some systems when converting characters + to uppercase if a UTF-8 unicode single-byte grapheme becomes a + multi-byte grapheme. Patch courtesy of Andrea De Pasquale. + +------------------------------------------------------------------- Old: ---- clamav-0.103.3.tar.gz clamav-0.103.3.tar.gz.sig New: ---- clamav-0.103.4.tar.gz clamav-0.103.4.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ clamav.spec ++++++ --- /var/tmp/diff_new_pack.tM2MV0/_old 2021-11-04 16:42:22.526024550 +0100 +++ /var/tmp/diff_new_pack.tM2MV0/_new 2021-11-04 16:42:22.530024551 +0100 @@ -19,7 +19,7 @@ %bcond_with clammspack %bcond_with valgrind Name: clamav -Version: 0.103.3 +Version: 0.103.4 Release: 0 Summary: Antivirus Toolkit License: GPL-2.0-only ++++++ clamav-0.103.3.tar.gz -> clamav-0.103.4.tar.gz ++++++ /work/SRC/openSUSE:Factory/clamav/clamav-0.103.3.tar.gz /work/SRC/openSUSE:Factory/.clamav.new.1890/clamav-0.103.4.tar.gz differ: char 5, line 1
