clamav (0.102.4+dfsg-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to 0.102.2 to fix security issues
    - debian/libclamav9.symbols: updated for new version.
    - debian/rules: bumped CL_FLEVEL to 115.
    - CVE-2020-3327
    - CVE-2020-3350
    - CVE-2020-3481

clamav (0.102.3+dfsg-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to 0.102.2 to fix security issues
    - debian/libclamav9.symbols: updated for new version.
    - debian/rules: bumped CL_FLEVEL to 114.
    - CVE-2020-3327
    - CVE-2020-3341

clamav (0.102.2+dfsg-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to 0.102.2 to fix security issue (CVE-2020-3123)
    - debian/patches/*: synced patches with 0.102.2+dfsg-1.
    - debian/libclamav9.symbols: updated for new version.
    - debian/rules: bumped CL_FLEVEL to 113.
    - debian/clamav-daemon.config.in, clamav-daemon.postinst.in:
      Removing ScanOnAccess option.
  * d/clamav-daemon.config.in: Correct error from ScanOnAccess option
    removal so that setting LogFile options via DebConf works again
    (Closes: #950296) (LP: #1860217)

clamav (0.102.1+dfsg-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to 0.102.1 to fix security issue (CVE-2019-15961)
    - debian/patches/*: synced patches with 0.102.1+dfsg-1ubuntu1.
    - debian/clamav-daemon.postinst.in,clamav-freshclam.postinst.in: added
      new configuration options.
    - debian/clamav-docs.*: removed missing docs.
    - debian/libclamav9.install: added libfreshclam.so.2.
    - debian/libclamav9.symbols: updated for new version.
    - debian/rules: bumped CL_FLEVEL to 112.*
    - debian/control: adding libcurl4-openssl-dev as a new dependency for
      build freshclam, clamsubmit - See NEWS.md file.

clamav (0.101.4+dfsg-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to version 0.101.4 to fix security issues.
    - debian/patches/*: sync patches with 0.101.4+dfsg-1ubuntu1.
    - debian/clamav-daemon.postinst.in: removed DetectBrokenExecutables,
      added MaxScanTime, HeuristicAlerts, Alert*.
    - debian/*: updated for new library version.
    - debian/libclamav9.symbols: updated for new version.
    - debian/clamav-docs*, debian/rules: fix doc file locations.
    - debian/libclam-dev.install: include new header file.
    - debian/rules, debian/control: build with --with autoreconf.
    - debian/rules: build with --with-system-libmspack.
    - CVE-2019-12625
    - CVE-2019-12900

clamav (0.100.3+dfsg-1ubuntu0.12.04.2) precise-security; urgency=medium

  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2019-1010305.patch: length checks when looking
      for control files in libclamav/libmspack-0.5alpha/mspack/chmd.c.
    - CVE-2019-1010305

clamav (0.100.3+dfsg-1ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to version 0.100.3 to fix security issues. (LP: #1822503)
    - debian/libclamav7.symbols: updated to new version.
    - CVE-2019-1787
    - CVE-2019-1788
    - CVE-2019-1789

clamav (0.100.2+dfsg-1ubuntu0.12.04.2) precise-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-18585.patch: Ensure file names are valid in
      libclamav/libmspack-0.5alpha/mspack/chmd.c
    - CVE-2018-18585
  * SECURITY UPDATE: One byte buffer overflow -
    - debian/patches/CVE-2018-18584.patch: Ensure input buffer is large
      enough in libclamav/libmspack-0.5alpha/mspack/cab.h
    - CVE-2018-18584

clamav (0.100.2+dfsg-1ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to version 0.100.2 to fix security issue.
    - CVE-2018-15378
  * Bump to new symbol version
    - debian/rules: set CL_FLEVEL 93.
    - debian/libclamav7.symbols: updated to new version.
  * Removed patches included in new version:
    - debian/patches/CVE-2018-14679-and-CVE-2018-14680.patch
    - debian/patches/CVE-2018-14681.patch
    - debian/patches/CVE-2018-14682.patch

clamav (0.100.1+dfsg-1ubuntu0.12.04.4) precise-security; urgency=medium

  [ Marc Deslauriers ]
  * debian/clamav-daemon.config.in: fix infinite loop during
    dpkg-reconfigure (LP: #1792051)

clamav (0.100.1+dfsg-1ubuntu0.12.04.3) precise-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-14679-and-CVE-2018-14680.patch:
      fix in libclamav/libmspack-0.5alpha/mspack/cchmd.c.
    - CVE-2018-14679
    - CVE-2018-14680
  * SECURITY UPDATE: Bytes overwire with bad KWAJ file extension
    - debian/patches/CVE-2018-14681.patch: fix in
      libclamav/libmspack-0.5alpha/mspack/kwajd.c.
    - CVE-2018-14681
  * SECURITY UPDATE: Off-by-one error
    - debian/patches/CVE-2018-14682.patch: fix in
      libclamav/libmspack-0.5alpha/mspack/chmd.c.
    - CVE-2018-14682

clamav (0.100.1+dfsg-1ubuntu0.12.04.2) precise-security; urgency=medium

  [ Marc Deslauriers ]
  * SECURITY REGRESSION: clamav-daemon fails to start due to options
    removed in new version and manually edited configuration file.
    (LP: #1783632)
    - debian/patches/Deprecate-unused-options-instead-of-removing-it.patch:
      add patch from Debian stretch to simply warn about removed options.

clamav (0.100.1+dfsg-1ubuntu0.12.04.1) precise-security; urgency=medium

  * Rebuild as security update for 12.04 to fix multiple issues
    - CVE-2018-0360
    - CVE-2018-0361
  * Disabling LLVM support:
    - debian/control: removing llvm-3.6-dev
    - debian/rules: removing llvm
  * Removing patches that adds LLVM support:
    - debian/patches/Add-support-for-LLVM-3.*.patch
  * Removing dependency for procps >= 1:3:3.2:
    - debian/control
    - debian/clamav-daemon.ini.in
    - debian/clamav-freshclam.ini.in

clamav (0.100.1+dfsg-1ubuntu0.14.04.1) trusty-security; urgency=medium

  * Rebuild as security update for 14.04 to fix multiple issues
    - CVE-2018-0360
    - CVE-2018-0361
  * Re-enable LLVM support:
    - debian/control: add llvm-3.6-dev to BuildDepends.
    - debian/rules: add llvm back.
  * debian/clamav-daemon.postinst.in: updated version to drop support for
    clamav-daemon.socket.
  * debian/control: switch libtfm-dev to libtommath-dev, remove
    dh-strip-nondeterminism, electric-fence, and libsystemd-dev.
  * Use internal libmspack:
    - debian/control: remove libmspack-dev.
    - debian/rules: remove --with-system-libmspack.
    - debian/libclamav7.install: add libclammspack.so.0*.
    - debian/libclamav-dev.install: add libclammspack.so.
  * Revert to Debhelper in 14.04:
    - debian/compat: set to 8
    - debian/control: set debhelper to 8.9.7
  * debian/{libclamav7,libclamav-dev}.install: fix file locations
  * debian/rules: modify to not use dpkg-parsechangelog -S
  * debian/control: remove Multi-Arch and Rules-Requires-Root tags.
  * Don't built with json and curl:
    - debian/rules: remove --with-libjson and --with-libcurl=/usr.
    - debian/control: remove libjson-c-dev, libcurl4-openssl-dev.
    - debian/clamav.install: remove clamsubmit.
    - debian/clamav.manpages: remove clamsubmit.1.
  * Removed clamdscan package:
    - debian/control: removed package section
    - debian/clamdscan.*: removed and added files to clamav-daemon.*
  * Added clamav-dbg package:
    - debian/control: added package section
    - debian/rules: use --dbg-package, not --dbgsym-migration
  * debian/control: updated clamav-daemon Breaks versions.

clamav (0.100.1+dfsg-1ubuntu1) cosmic; urgency=medium

  * debian/control: switch Build-Depends from libpcre2-dev to libpcre3-dev
    as pcre2 is in Universe.

clamav (0.100.1+dfsg-1) unstable; urgency=medium

  [ Scott Kitterman ]
  * Only create clamav user during clamav-base install if it does not exist
    (LP: #121872)
    - Thanks to Shane Williams for the patch
  * Remove spurious debian/changelog entry for the above change from the
    0.100.0~beta+dfsg-1 entry since the change was not actually included

  [ Sebastian Andrzej Siewior ]
  * Import new upstream.
  * Bump symbol version due to new version.
  * Add read permission for freshclam on /var/log in the apparmor profile.
    Thanks to Robie Basak (Closes: #902601).
  * Bump standards-version to 4.1.5 without further change

clamav (0.100.0+dfsg-1) unstable; urgency=medium

  * New upstream release.
    - remove various documentation files including Changelog from the file
      list because they are no longer included in upstream archive.

clamav (0.100.0~beta+dfsg-2) unstable; urgency=medium

  * Switch to pcre2 which is newer (Closes: #891195).
  * Cherry pick patches referenced in bb#11973 and bb#11980 to fix
    CVE-2018-0202.
  * Use compat level 11.

clamav (0.100.0~beta+dfsg-1) unstable; urgency=medium

  [ Scott Kitterman ]
  * Add lintian override for clamav-freshclam: duplicate-updaterc.d-calls-in-
    postinst clamav-freshclam
  * New upstream beta release
  * Bump standards-version to 4.1.3 without further change
  * Update README.Debian to describe how to disable apparmor for clamav-daemon
    and clamav-freshclam (Closes: #884707)

  [ Sebastian Andrzej Siewior ]
  * Point Vcs-* tags to salsa.

clamav (0.99.3~beta2+dfsg-1) unstable; urgency=medium

  * Update upstream's signing gpg key
  * Update to beta2:
    - freshclam does not complain that clamav is outdated (Closes: #876429).

clamav (0.99.3~beta1+dfsg-4) unstable; urgency=medium

  * Ignore errors from update-rc.d in freshclam postins (Closes: #882323).
  * Drop dh-systemd & autoreconf from B-D.

clamav (0.99.3~beta1+dfsg-3) unstable; urgency=medium

  * Drop "demime = *" from Debian.README for clamav, this option is gone from
    exim (Closes: #881634).
  * Use "ucf" instead "ucp" in clamav-milter's postinst.
  * Disable LLVM support due to 3.8 removal (Closes: #873401).
  * Disable the freshclam service if changed to `manual' mode so it does not 
start
    again after system reboot with systemd (Closes: #881780).
  * Bump standards version to 4.1.1 without further change.
  * Allow to build as non root user.
  * Update dh compat level 10

clamav (0.99.3~beta1+dfsg-2) unstable; urgency=medium

  * Build again against system's libmspack (dropped by accident)
    (Closes: #872594).
  * Don't replace config file with sample config after debconf gets disabled
    (in milter and daemon (Closes: #870253).
  * Update standards to 4.0.1
    - use invoke-rc.d instead of /etc/init.d.
    - drop priority extra from clamav-milter.
  * Add bytecode.c(l|v)d to log clamav-freshclam.logcheck.ignore.server. Patch
    by Václav Ovsík <vaclav.ov...@gmail.com> (Closes: #868766).

clamav (0.99.3~beta1+dfsg-1) unstable; urgency=medium

  * Upload to unstable
  * update to official beta1 release:
    - drop fts-no-use-AC_TRY_RUN.patch, applied upstream.

clamav (0.99.3~snapshot20170704+dfsg-1) experimental; urgency=medium

  * Update to upstream snapshot (commit
    144ef69462427b63a650294257c892b047601aac):
    - add config options
    - boost symbol file
    - drop applied patches:
      - Allow-M-suffix-for-PCREMaxFileSize.patch
      - bb11549-fix-temp-file-cleanup-issue.patch
      - clamav_add_private_fts_implementation.patch
      - drop-AllowSupplementaryGroups-option-and-make-it-def.patch
      - fix-ssize_t-size_t-off_t-printf-modifier.patch
      - libclamav-use-libmspack.patch
      - make_it_compile_against_openssl_1_1_0.patch
    - add new ones:
      - fts-no-use-AC_TRY_RUN.patch
      - clamsubmit-add-JSON-libs-to-clamsubmit.patch

clamav (0.99.2+dfsg-6) unstable; urgency=medium

  * Fix detection of curl. Patch by Reiner Herrmann <rei...@reiner-h.de>
    (Closes: #852894).

clamav (0.99.2+dfsg-5) unstable; urgency=medium

  [ Andreas Cadhalpun ]
  * Add patches to support LLVM 3.7-3.9.
  * Re-enable llvm support.
  * Update embedded-library lintian override for multiarch locations.
  * Update standards version to 3.9.8. (no changes needed)
  * Mark clamav-docs and clamav-testfiles as Multi-Arch foreign and
    libclamav7 as same.
  * Fix spelling errors in the debian files. (Closes: #825055)
  * Remove unused package-contains-timestamped-gzip lintian-override.
  * Fix wildcard-matches-nothing-in-dep5-copyright lintian warning.

  [ Sebastian Andrzej Siewior ]
  * Remove clamav-daemon.service.d on purge (Closes: #842074).
  * Fix FTCBFS: Annotate interpreter dependencies with :native. Patch by
    Helmut Grohne (Closes: #844066).
  * Drop bc from B-D, it seems we no longer need it.
  * Cherry-pick patch from bb11549 to fix a temp file cleanup issue
    (Closes: #824196).

clamav (0.99.2+dfsg-4) unstable; urgency=medium

  * Remove Stephen Gran as Uploader and thank you for your work
    (Closes: #838405).
  * Drop llvm supported for now. The bytecode will be interpreted by clamav
    instead of llvm's JIT - there is no loss in functionality. It will come back
    once we llvm support again (Closes: #839850).

clamav (0.99.2+dfsg-3) unstable; urgency=medium

  * BD on dh-strip-nondeterminism.
  * get it compiled against openssl 1.1.0 (Closes: #828083).
  * Drop support for clamav-daemon.socket. Should avoid restart loops if clamd
    crashes on start (via OOM for instance). (Closes: #824042).

clamav (0.99.2+dfsg-2) unstable; urgency=medium

  * Ensure the users of PRIVATE symbols (clamd + freshclam) do not fall
    behind a upstream version (Closes: #824485).

clamav (0.99.2+dfsg-1) unstable; urgency=medium

  [ Sebastian Andrzej Siewior ]
  * also remove bytecode.cld on purge
  * Update to new upstream release 0.99.2
  * Drop AllowSupplementaryGroups option which is default now
    (Closes: #822444).
  * Let the LSB init script have more consistent output. Patch by Guillem
    Jover (Closes: #823074).

Date: 2020-07-24 18:00:18.826063+00:00
Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)
Signed-By: Steve Langasek <steve.langa...@canonical.com>
https://launchpad.net/ubuntu/+source/clamav/0.102.4+dfsg-0ubuntu0.12.04.1
Sorry, changesfile not available.
-- 
Precise-changes mailing list
Precise-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/precise-changes

Reply via email to