Bug#1031536: bullseye-pu: package clamav/0.103.8+dfsg-0+deb11u1

Sebastian Andrzej Siewior Fri, 17 Feb 2023 14:24:54 -0800

Package: release.debian.org
Control: affects -1 + src:clamav
User: release.debian....@packages.debian.org
Usertags: pu
Tags: bullseye
Severity: normal


ClamAV upstream released 0.103.8 fixing two CVEs:

- CVE-2023-20032: Fixed a possible remote code execution vulnerability in the
  HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and
  earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting
  this issue.

- CVE-2023-20052: Fixed a possible remote information leak vulnerability in the
  DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and
  earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting
  this issue.

See,
        https://blog.clamav.net/2023/02/clamav-01038-01052-and-101-patch.html

The 0.103.x series is a LTS release.
I did test the release in a Bullseye VM.
The attached diff has the changes to the docs/ folder removed (it is
auto generated by upsteams and contains a lot of noise).
Unstable has been addressed by the upload of 1.0.1.

Sebastian

diff -Nru clamav-0.103.7+dfsg/CMakeLists.txt clamav-0.103.8+dfsg/CMakeLists.txt
--- clamav-0.103.7+dfsg/CMakeLists.txt	2022-07-26 06:32:12.000000000 +0200
+++ clamav-0.103.8+dfsg/CMakeLists.txt	2023-02-13 01:03:33.000000000 +0100
@@ -15,7 +15,7 @@
 set(VERSION_SUFFIX "")
 
 project( ClamAV
-         VERSION "0.103.7"
+         VERSION "0.103.8"
          DESCRIPTION "ClamAV open source email, web, and end-point anti-virus toolkit." )
 
 set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake" ${CMAKE_MODULE_PATH})
diff -Nru clamav-0.103.7+dfsg/configure clamav-0.103.8+dfsg/configure
--- clamav-0.103.7+dfsg/configure	2022-07-26 06:32:39.000000000 +0200
+++ clamav-0.103.8+dfsg/configure	2023-02-13 01:03:59.000000000 +0100
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for ClamAV 0.103.7.
+# Generated by GNU Autoconf 2.69 for ClamAV 0.103.8.
 #
 # Report bugs to <https://github.com/Cisco-Talos/clamav/issues>.
 #
@@ -592,8 +592,8 @@
 # Identity of this package.
 PACKAGE_NAME='ClamAV'
 PACKAGE_TARNAME='clamav'
-PACKAGE_VERSION='0.103.7'
-PACKAGE_STRING='ClamAV 0.103.7'
+PACKAGE_VERSION='0.103.8'
+PACKAGE_STRING='ClamAV 0.103.8'
 PACKAGE_BUGREPORT='https://github.com/Cisco-Talos/clamav/issues'
 PACKAGE_URL='https://www.clamav.net/'
 
@@ -1606,7 +1606,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures ClamAV 0.103.7 to adapt to many kinds of systems.
+\`configure' configures ClamAV 0.103.8 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1687,7 +1687,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of ClamAV 0.103.7:";;
+     short | recursive ) echo "Configuration of ClamAV 0.103.8:";;
    esac
   cat <<\_ACEOF
   --enable-dependency-tracking
@@ -1922,7 +1922,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-ClamAV configure 0.103.7
+ClamAV configure 0.103.8
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2550,7 +2550,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by ClamAV $as_me 0.103.7, which was
+It was created by ClamAV $as_me 0.103.8, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -4308,7 +4308,7 @@
 
 # Define the identity of the package.
  PACKAGE='clamav'
- VERSION='0.103.7'
+ VERSION='0.103.8'
 
 
 # Some tools Automake needs.
@@ -6036,7 +6036,7 @@
 $as_echo "#define PACKAGE PACKAGE_NAME" >>confdefs.h
 
 
-VERSION="0.103.7"
+VERSION="0.103.8"
 
 major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/^0-9//g"`
 minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/^0-9//g"`
@@ -31896,7 +31896,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by ClamAV $as_me 0.103.7, which was
+This file was extended by ClamAV $as_me 0.103.8, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -31963,7 +31963,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-ClamAV config.status 0.103.7
+ClamAV config.status 0.103.8
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
@@ -34813,7 +34813,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by ClamAV $as_me 0.103.7, which was
+This file was extended by ClamAV $as_me 0.103.8, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -34880,7 +34880,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-ClamAV config.status 0.103.7
+ClamAV config.status 0.103.8
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff -Nru clamav-0.103.7+dfsg/configure.ac clamav-0.103.8+dfsg/configure.ac
--- clamav-0.103.7+dfsg/configure.ac	2022-08-14 21:27:54.000000000 +0200
+++ clamav-0.103.8+dfsg/configure.ac	2023-02-17 21:22:49.000000000 +0100
@@ -22,7 +22,7 @@
 
 dnl For a release change [devel] to the real version [0.xy]
 dnl also change VERSION below
-AC_INIT([ClamAV], [0.103.7], [https://github.com/Cisco-Talos/clamav/issues], [clamav], [https://www.clamav.net/])
+AC_INIT([ClamAV], [0.103.8], [https://github.com/Cisco-Talos/clamav/issues], [clamav], [https://www.clamav.net/])
 
 dnl put configure auxiliary into config
 AC_CONFIG_AUX_DIR([config])
diff -Nru clamav-0.103.7+dfsg/debian/changelog clamav-0.103.8+dfsg/debian/changelog
--- clamav-0.103.7+dfsg/debian/changelog	2022-08-21 21:28:52.000000000 +0200
+++ clamav-0.103.8+dfsg/debian/changelog	2023-02-17 21:43:57.000000000 +0100
@@ -1,3 +1,11 @@
+clamav (0.103.8+dfsg-0+deb11u1) bullseye; urgency=medium
+
+  * Import 0.103.8 (Closes: #1031509)
+    - CVE-2023-20032 (Possible RCE in the HFS+ file parser).
+    - CVE-2023-20052 (Possible information leak in the DMG file parser).
+
+ -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc>  Fri, 17 Feb 2023 21:43:57 +0100
+
 clamav (0.103.7+dfsg-0+deb11u1) bullseye; urgency=medium
 
   * Import 0.103.7
diff -Nru clamav-0.103.7+dfsg/debian/.git-dpm clamav-0.103.8+dfsg/debian/.git-dpm
--- clamav-0.103.7+dfsg/debian/.git-dpm	2022-08-21 21:28:52.000000000 +0200
+++ clamav-0.103.8+dfsg/debian/.git-dpm	2023-02-17 21:38:36.000000000 +0100
@@ -1,8 +1,8 @@
 # see git-dpm(1) from git-dpm package
-f2466c7aaf6e140ea150e0f219c86594f3bc04cb
-f2466c7aaf6e140ea150e0f219c86594f3bc04cb
-d1ea680af611ee417616ec3d8615a0e67a495795
-d1ea680af611ee417616ec3d8615a0e67a495795
-clamav_0.103.7+dfsg.orig.tar.xz
-f0708e3df3a432def23c384d28fb3a4628efcfd5
-7136624
+737c42d017cec50f0b64e8a5fb52ed2fe07d0d3b
+737c42d017cec50f0b64e8a5fb52ed2fe07d0d3b
+cf70fa22ae142444ba8e34594b2c29f69a65c1e4
+cf70fa22ae142444ba8e34594b2c29f69a65c1e4
+clamav_0.103.8+dfsg.orig.tar.xz
+23abb9015972460c9ead147ed691e46e857ca1a3
+7130804
diff -Nru clamav-0.103.7+dfsg/debian/libclamav9.symbols clamav-0.103.8+dfsg/debian/libclamav9.symbols
--- clamav-0.103.7+dfsg/debian/libclamav9.symbols	2022-08-21 21:28:52.000000000 +0200
+++ clamav-0.103.8+dfsg/debian/libclamav9.symbols	2023-02-17 21:38:36.000000000 +0100
@@ -1,20 +1,20 @@
 libclamav.so.9 libclamav9 #MINVER#
 * Build-Depends-Package: libclamav-dev
- CLAMAV_PRIVATE@CLAMAV_PRIVATE 0.103.7
+ CLAMAV_PRIVATE@CLAMAV_PRIVATE 0.103.8
  CLAMAV_PUBLIC@CLAMAV_PUBLIC 0.101.0
- __cli_strcasestr@CLAMAV_PRIVATE 0.103.7
- __cli_strndup@CLAMAV_PRIVATE 0.103.7
- __cli_strnlen@CLAMAV_PRIVATE 0.103.7
- __cli_strnstr@CLAMAV_PRIVATE 0.103.7
- base64Flush@CLAMAV_PRIVATE 0.103.7
- blobAddData@CLAMAV_PRIVATE 0.103.7
- blobCreate@CLAMAV_PRIVATE 0.103.7
- blobDestroy@CLAMAV_PRIVATE 0.103.7
- cl_ASN1_GetTimeT@CLAMAV_PRIVATE 0.103.7
+ __cli_strcasestr@CLAMAV_PRIVATE 0.103.8
+ __cli_strndup@CLAMAV_PRIVATE 0.103.8
+ __cli_strnlen@CLAMAV_PRIVATE 0.103.8
+ __cli_strnstr@CLAMAV_PRIVATE 0.103.8
+ base64Flush@CLAMAV_PRIVATE 0.103.8
+ blobAddData@CLAMAV_PRIVATE 0.103.8
+ blobCreate@CLAMAV_PRIVATE 0.103.8
+ blobDestroy@CLAMAV_PRIVATE 0.103.8
+ cl_ASN1_GetTimeT@CLAMAV_PRIVATE 0.103.8
  cl_always_gen_section_hash@CLAMAV_PUBLIC 0.101.0
- cl_base64_decode@CLAMAV_PRIVATE 0.103.7
- cl_base64_encode@CLAMAV_PRIVATE 0.103.7
- cl_cleanup_crypto@CLAMAV_PRIVATE 0.103.7
+ cl_base64_decode@CLAMAV_PRIVATE 0.103.8
+ cl_base64_encode@CLAMAV_PRIVATE 0.103.8
+ cl_cleanup_crypto@CLAMAV_PRIVATE 0.103.8
  cl_countsigs@CLAMAV_PUBLIC 0.101.0
  cl_cvdfree@CLAMAV_PUBLIC 0.101.0
  cl_cvdhead@CLAMAV_PUBLIC 0.101.0
@@ -54,21 +54,21 @@
  cl_fmap_close@CLAMAV_PUBLIC 0.101.0
  cl_fmap_open_handle@CLAMAV_PUBLIC 0.101.0
  cl_fmap_open_memory@CLAMAV_PUBLIC 0.101.0
- cl_get_pkey_file@CLAMAV_PRIVATE 0.103.7
- cl_get_x509_from_mem@CLAMAV_PRIVATE 0.103.7
- cl_hash_data@CLAMAV_PRIVATE 0.103.7
+ cl_get_pkey_file@CLAMAV_PRIVATE 0.103.8
+ cl_get_x509_from_mem@CLAMAV_PRIVATE 0.103.8
+ cl_hash_data@CLAMAV_PRIVATE 0.103.8
  cl_hash_destroy@CLAMAV_PUBLIC 0.101.0
- cl_hash_file_fd@CLAMAV_PRIVATE 0.103.7
- cl_hash_file_fd_ctx@CLAMAV_PRIVATE 0.103.7
- cl_hash_file_fp@CLAMAV_PRIVATE 0.103.7
+ cl_hash_file_fd@CLAMAV_PRIVATE 0.103.8
+ cl_hash_file_fd_ctx@CLAMAV_PRIVATE 0.103.8
+ cl_hash_file_fp@CLAMAV_PRIVATE 0.103.8
  cl_hash_init@CLAMAV_PUBLIC 0.101.0
  cl_init@CLAMAV_PUBLIC 0.101.0
- cl_initialize_crypto@CLAMAV_PRIVATE 0.103.7
+ cl_initialize_crypto@CLAMAV_PRIVATE 0.103.8
  cl_load@CLAMAV_PUBLIC 0.101.0
- cl_load_cert@CLAMAV_PRIVATE 0.103.7
- cl_load_crl@CLAMAV_PRIVATE 0.103.7
+ cl_load_cert@CLAMAV_PRIVATE 0.103.8
+ cl_load_crl@CLAMAV_PRIVATE 0.103.8
  cl_retdbdir@CLAMAV_PUBLIC 0.101.0
- cl_retflevel@CLAMAV_PUBLIC 0.103.7
+ cl_retflevel@CLAMAV_PUBLIC 0.103.8
  cl_retver@CLAMAV_PUBLIC 0.101.0
  cl_scandesc@CLAMAV_PUBLIC 0.101.0
  cl_scandesc_callback@CLAMAV_PUBLIC 0.101.0
@@ -76,196 +76,196 @@
  cl_scanfile_callback@CLAMAV_PUBLIC 0.101.0
  cl_scanmap_callback@CLAMAV_PUBLIC 0.101.0
  cl_set_clcb_msg@CLAMAV_PUBLIC 0.101.0
- cl_sha1@CLAMAV_PRIVATE 0.103.7
- cl_sha256@CLAMAV_PRIVATE 0.103.7
- cl_sign_data@CLAMAV_PRIVATE 0.103.7
- cl_sign_data_keyfile@CLAMAV_PRIVATE 0.103.7
- cl_sign_file_fd@CLAMAV_PRIVATE 0.103.7
- cl_sign_file_fp@CLAMAV_PRIVATE 0.103.7
+ cl_sha1@CLAMAV_PRIVATE 0.103.8
+ cl_sha256@CLAMAV_PRIVATE 0.103.8
+ cl_sign_data@CLAMAV_PRIVATE 0.103.8
+ cl_sign_data_keyfile@CLAMAV_PRIVATE 0.103.8
+ cl_sign_file_fd@CLAMAV_PRIVATE 0.103.8
+ cl_sign_file_fp@CLAMAV_PRIVATE 0.103.8
  cl_statchkdir@CLAMAV_PUBLIC 0.101.0
  cl_statfree@CLAMAV_PUBLIC 0.101.0
  cl_statinidir@CLAMAV_PUBLIC 0.101.0
  cl_strerror@CLAMAV_PUBLIC 0.101.0
  cl_update_hash@CLAMAV_PUBLIC 0.101.0
- cl_validate_certificate_chain@CLAMAV_PRIVATE 0.103.7
- cl_validate_certificate_chain_ts_dir@CLAMAV_PRIVATE 0.103.7
- cl_verify_signature@CLAMAV_PRIVATE 0.103.7
- cl_verify_signature_fd@CLAMAV_PRIVATE 0.103.7
- cl_verify_signature_fd_x509@CLAMAV_PRIVATE 0.103.7
- cl_verify_signature_fd_x509_keyfile@CLAMAV_PRIVATE 0.103.7
- cl_verify_signature_hash@CLAMAV_PRIVATE 0.103.7
- cl_verify_signature_hash_x509@CLAMAV_PRIVATE 0.103.7
- cl_verify_signature_hash_x509_keyfile@CLAMAV_PRIVATE 0.103.7
- cl_verify_signature_x509@CLAMAV_PRIVATE 0.103.7
- cl_verify_signature_x509_keyfile@CLAMAV_PRIVATE 0.103.7
- cli_ac_buildtrie@CLAMAV_PRIVATE 0.103.7
- cli_ac_chklsig@CLAMAV_PRIVATE 0.103.7
- cli_ac_free@CLAMAV_PRIVATE 0.103.7
- cli_ac_freedata@CLAMAV_PRIVATE 0.103.7
- cli_ac_init@CLAMAV_PRIVATE 0.103.7
- cli_ac_initdata@CLAMAV_PRIVATE 0.103.7
- cli_ac_scanbuff@CLAMAV_PRIVATE 0.103.7
- cli_basename@CLAMAV_PRIVATE 0.103.7
- cli_bm_free@CLAMAV_PRIVATE 0.103.7
- cli_bm_init@CLAMAV_PRIVATE 0.103.7
- cli_bm_scanbuff@CLAMAV_PRIVATE 0.103.7
- cli_build_regex_list@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_context_alloc@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_context_clear@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_context_destroy@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_context_getresult_int@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_context_set_trace@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_context_setfile@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_context_setfuncid@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_context_setparam_int@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_context_setparam_ptr@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_debug@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_debug_printsrc@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_describe@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_destroy@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_done@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_init@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_load@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_prepare2@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_printversion@CLAMAV_PRIVATE 0.103.7
- cli_bytecode_run@CLAMAV_PRIVATE 0.103.7
- cli_bytefunc_describe@CLAMAV_PRIVATE 0.103.7
- cli_byteinst_describe@CLAMAV_PRIVATE 0.103.7
- cli_bytetype_describe@CLAMAV_PRIVATE 0.103.7
- cli_bytevalue_describe@CLAMAV_PRIVATE 0.103.7
- cli_calloc@CLAMAV_PRIVATE 0.103.7
- cli_check_auth_header@CLAMAV_PRIVATE 0.103.7
- cli_chomp@CLAMAV_PRIVATE 0.103.7
- cli_codepage_to_utf8@CLAMAV_PRIVATE 0.103.7
- cli_ctime@CLAMAV_PRIVATE 0.103.7
- cli_cvdunpack@CLAMAV_PRIVATE 0.103.7
- cli_dbgmsg_internal@CLAMAV_PRIVATE 0.103.7
- cli_dconf_init@CLAMAV_PRIVATE 0.103.7
- cli_debug_flag@CLAMAV_PRIVATE 0.103.7
- cli_detect_environment@CLAMAV_PRIVATE 0.103.7
- cli_disasm_one@CLAMAV_PRIVATE 0.103.7
- cli_errmsg@CLAMAV_PRIVATE 0.103.7
- cli_filecopy@CLAMAV_PRIVATE 0.103.7
- cli_free_vba_project@CLAMAV_PRIVATE 0.103.7
- cli_ftw@CLAMAV_PRIVATE 0.103.7
- cli_genhash_pe@CLAMAV_PRIVATE 0.103.7
- cli_gentemp@CLAMAV_PRIVATE 0.103.7
- cli_gentemp_with_prefix@CLAMAV_PRIVATE 0.103.7
- cli_gentempfd@CLAMAV_PRIVATE 0.103.7
- cli_get_filepath_from_filedesc@CLAMAV_PRIVATE 0.103.7
- cli_gettmpdir@CLAMAV_PRIVATE 0.103.7
- cli_hashfile@CLAMAV_PRIVATE 0.103.7
- cli_hashset_destroy@CLAMAV_PRIVATE 0.103.7
- cli_hashstream@CLAMAV_PRIVATE 0.103.7
- cli_hex2str@CLAMAV_PRIVATE 0.103.7
- cli_hex2ui@CLAMAV_PRIVATE 0.103.7
- cli_initroots@CLAMAV_PRIVATE 0.103.7
- cli_isnumber@CLAMAV_PRIVATE 0.103.7
- cli_js_destroy@CLAMAV_PRIVATE 0.103.7
- cli_js_init@CLAMAV_PRIVATE 0.103.7
- cli_js_output@CLAMAV_PRIVATE 0.103.7
- cli_js_parse_done@CLAMAV_PRIVATE 0.103.7
- cli_js_process_buffer@CLAMAV_PRIVATE 0.103.7
- cli_ldbtokenize@CLAMAV_PRIVATE 0.103.7
- cli_malloc@CLAMAV_PRIVATE 0.103.7
- cli_memstr@CLAMAV_PRIVATE 0.103.7
- cli_ole2_extract@CLAMAV_PRIVATE 0.103.7
- cli_parse_add@CLAMAV_PRIVATE 0.103.7
- cli_pcre_build@CLAMAV_PRIVATE 0.103.7
- cli_pcre_freeoff@CLAMAV_PRIVATE 0.103.7
- cli_pcre_init@CLAMAV_PRIVATE 0.103.7
- cli_pcre_perf_events_destroy@CLAMAV_PRIVATE 0.103.7
- cli_pcre_perf_print@CLAMAV_PRIVATE 0.103.7
- cli_pcre_recaloff@CLAMAV_PRIVATE 0.103.7
- cli_pcre_scanbuf@CLAMAV_PRIVATE 0.103.7
- cli_ppt_vba_read@CLAMAV_PRIVATE 0.103.7
- cli_printcxxver@CLAMAV_PRIVATE 0.103.7
- cli_readn@CLAMAV_PRIVATE 0.103.7
- cli_realloc@CLAMAV_PRIVATE 0.103.7
- cli_realpath@CLAMAV_PRIVATE 0.103.7
- cli_regcomp@CLAMAV_PRIVATE 0.103.7
- cli_regex2suffix@CLAMAV_PRIVATE 0.103.7
- cli_regexec@CLAMAV_PRIVATE 0.103.7
- cli_regfree@CLAMAV_PRIVATE 0.103.7
- cli_rmdirs@CLAMAV_PRIVATE 0.103.7
- cli_rndnum@CLAMAV_PRIVATE 0.103.7
- cli_sanitize_filepath@CLAMAV_PRIVATE 0.103.7
- cli_scan_buff@CLAMAV_PRIVATE 0.103.7
- cli_scan_fmap@CLAMAV_PRIVATE 0.103.7
- cli_sigopts_handler@CLAMAV_PRIVATE 0.103.7
- cli_sigperf_events_destroy@CLAMAV_PRIVATE 0.103.7
- cli_sigperf_print@CLAMAV_PRIVATE 0.103.7
- cli_str2hex@CLAMAV_PRIVATE 0.103.7
- cli_strbcasestr@CLAMAV_PRIVATE 0.103.7
- cli_strdup@CLAMAV_PRIVATE 0.103.7
- cli_strerror@CLAMAV_PRIVATE 0.103.7
- cli_strlcat@CLAMAV_PRIVATE 0.103.7
- cli_strlcpy@CLAMAV_PRIVATE 0.103.7
- cli_strntoul@CLAMAV_PRIVATE 0.103.7
- cli_strrcpy@CLAMAV_PRIVATE 0.103.7
- cli_strtok@CLAMAV_PRIVATE 0.103.7
- cli_strtokbuf@CLAMAV_PRIVATE 0.103.7
- cli_strtokenize@CLAMAV_PRIVATE 0.103.7
- cli_textbuffer_append_normalize@CLAMAV_PRIVATE 0.103.7
- cli_unescape@CLAMAV_PRIVATE 0.103.7
- cli_unlink@CLAMAV_PRIVATE 0.103.7
- cli_url_canon@CLAMAV_PRIVATE 0.103.7
- cli_utf16_to_utf8@CLAMAV_PRIVATE 0.103.7
- cli_utf16toascii@CLAMAV_PRIVATE 0.103.7
- cli_vba_inflate@CLAMAV_PRIVATE 0.103.7
- cli_vba_readdir@CLAMAV_PRIVATE 0.103.7
- cli_versig2@CLAMAV_PRIVATE 0.103.7
- cli_versig@CLAMAV_PRIVATE 0.103.7
- cli_warnmsg@CLAMAV_PRIVATE 0.103.7
- cli_wm_decrypt_macro@CLAMAV_PRIVATE 0.103.7
- cli_wm_readdir@CLAMAV_PRIVATE 0.103.7
- cli_writen@CLAMAV_PRIVATE 0.103.7
- decodeLine@CLAMAV_PRIVATE 0.103.7
- disasmbuf@CLAMAV_PRIVATE 0.103.7
- fmap@CLAMAV_PRIVATE 0.103.7
- fmap_dump_to_file@CLAMAV_PRIVATE 0.103.7
- fmap_duplicate@CLAMAV_PRIVATE 0.103.7
- free_duplicate_fmap@CLAMAV_PRIVATE 0.103.7
- get_fpu_endian@CLAMAV_PRIVATE 0.103.7
- have_clamjit@CLAMAV_PRIVATE 0.103.7
- have_rar@CLAMAV_PRIVATE 0.103.7
- html_normalise_map@CLAMAV_PRIVATE 0.103.7
- html_normalise_mem@CLAMAV_PRIVATE 0.103.7
- html_screnc_decode@CLAMAV_PRIVATE 0.103.7
- html_tag_arg_free@CLAMAV_PRIVATE 0.103.7
- init_domainlist@CLAMAV_PRIVATE 0.103.7
- init_regex_list@CLAMAV_PRIVATE 0.103.7
- init_whitelist@CLAMAV_PRIVATE 0.103.7
- is_regex_ok@CLAMAV_PRIVATE 0.103.7
- load_regex_matcher@CLAMAV_PRIVATE 0.103.7
+ cl_validate_certificate_chain@CLAMAV_PRIVATE 0.103.8
+ cl_validate_certificate_chain_ts_dir@CLAMAV_PRIVATE 0.103.8
+ cl_verify_signature@CLAMAV_PRIVATE 0.103.8
+ cl_verify_signature_fd@CLAMAV_PRIVATE 0.103.8
+ cl_verify_signature_fd_x509@CLAMAV_PRIVATE 0.103.8
+ cl_verify_signature_fd_x509_keyfile@CLAMAV_PRIVATE 0.103.8
+ cl_verify_signature_hash@CLAMAV_PRIVATE 0.103.8
+ cl_verify_signature_hash_x509@CLAMAV_PRIVATE 0.103.8
+ cl_verify_signature_hash_x509_keyfile@CLAMAV_PRIVATE 0.103.8
+ cl_verify_signature_x509@CLAMAV_PRIVATE 0.103.8
+ cl_verify_signature_x509_keyfile@CLAMAV_PRIVATE 0.103.8
+ cli_ac_buildtrie@CLAMAV_PRIVATE 0.103.8
+ cli_ac_chklsig@CLAMAV_PRIVATE 0.103.8
+ cli_ac_free@CLAMAV_PRIVATE 0.103.8
+ cli_ac_freedata@CLAMAV_PRIVATE 0.103.8
+ cli_ac_init@CLAMAV_PRIVATE 0.103.8
+ cli_ac_initdata@CLAMAV_PRIVATE 0.103.8
+ cli_ac_scanbuff@CLAMAV_PRIVATE 0.103.8
+ cli_basename@CLAMAV_PRIVATE 0.103.8
+ cli_bm_free@CLAMAV_PRIVATE 0.103.8
+ cli_bm_init@CLAMAV_PRIVATE 0.103.8
+ cli_bm_scanbuff@CLAMAV_PRIVATE 0.103.8
+ cli_build_regex_list@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_context_alloc@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_context_clear@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_context_destroy@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_context_getresult_int@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_context_set_trace@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_context_setfile@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_context_setfuncid@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_context_setparam_int@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_context_setparam_ptr@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_debug@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_debug_printsrc@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_describe@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_destroy@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_done@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_init@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_load@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_prepare2@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_printversion@CLAMAV_PRIVATE 0.103.8
+ cli_bytecode_run@CLAMAV_PRIVATE 0.103.8
+ cli_bytefunc_describe@CLAMAV_PRIVATE 0.103.8
+ cli_byteinst_describe@CLAMAV_PRIVATE 0.103.8
+ cli_bytetype_describe@CLAMAV_PRIVATE 0.103.8
+ cli_bytevalue_describe@CLAMAV_PRIVATE 0.103.8
+ cli_calloc@CLAMAV_PRIVATE 0.103.8
+ cli_check_auth_header@CLAMAV_PRIVATE 0.103.8
+ cli_chomp@CLAMAV_PRIVATE 0.103.8
+ cli_codepage_to_utf8@CLAMAV_PRIVATE 0.103.8
+ cli_ctime@CLAMAV_PRIVATE 0.103.8
+ cli_cvdunpack@CLAMAV_PRIVATE 0.103.8
+ cli_dbgmsg_internal@CLAMAV_PRIVATE 0.103.8
+ cli_dconf_init@CLAMAV_PRIVATE 0.103.8
+ cli_debug_flag@CLAMAV_PRIVATE 0.103.8
+ cli_detect_environment@CLAMAV_PRIVATE 0.103.8
+ cli_disasm_one@CLAMAV_PRIVATE 0.103.8
+ cli_errmsg@CLAMAV_PRIVATE 0.103.8
+ cli_filecopy@CLAMAV_PRIVATE 0.103.8
+ cli_free_vba_project@CLAMAV_PRIVATE 0.103.8
+ cli_ftw@CLAMAV_PRIVATE 0.103.8
+ cli_genhash_pe@CLAMAV_PRIVATE 0.103.8
+ cli_gentemp@CLAMAV_PRIVATE 0.103.8
+ cli_gentemp_with_prefix@CLAMAV_PRIVATE 0.103.8
+ cli_gentempfd@CLAMAV_PRIVATE 0.103.8
+ cli_get_filepath_from_filedesc@CLAMAV_PRIVATE 0.103.8
+ cli_gettmpdir@CLAMAV_PRIVATE 0.103.8
+ cli_hashfile@CLAMAV_PRIVATE 0.103.8
+ cli_hashset_destroy@CLAMAV_PRIVATE 0.103.8
+ cli_hashstream@CLAMAV_PRIVATE 0.103.8
+ cli_hex2str@CLAMAV_PRIVATE 0.103.8
+ cli_hex2ui@CLAMAV_PRIVATE 0.103.8
+ cli_initroots@CLAMAV_PRIVATE 0.103.8
+ cli_isnumber@CLAMAV_PRIVATE 0.103.8
+ cli_js_destroy@CLAMAV_PRIVATE 0.103.8
+ cli_js_init@CLAMAV_PRIVATE 0.103.8
+ cli_js_output@CLAMAV_PRIVATE 0.103.8
+ cli_js_parse_done@CLAMAV_PRIVATE 0.103.8
+ cli_js_process_buffer@CLAMAV_PRIVATE 0.103.8
+ cli_ldbtokenize@CLAMAV_PRIVATE 0.103.8
+ cli_malloc@CLAMAV_PRIVATE 0.103.8
+ cli_memstr@CLAMAV_PRIVATE 0.103.8
+ cli_ole2_extract@CLAMAV_PRIVATE 0.103.8
+ cli_parse_add@CLAMAV_PRIVATE 0.103.8
+ cli_pcre_build@CLAMAV_PRIVATE 0.103.8
+ cli_pcre_freeoff@CLAMAV_PRIVATE 0.103.8
+ cli_pcre_init@CLAMAV_PRIVATE 0.103.8
+ cli_pcre_perf_events_destroy@CLAMAV_PRIVATE 0.103.8
+ cli_pcre_perf_print@CLAMAV_PRIVATE 0.103.8
+ cli_pcre_recaloff@CLAMAV_PRIVATE 0.103.8
+ cli_pcre_scanbuf@CLAMAV_PRIVATE 0.103.8
+ cli_ppt_vba_read@CLAMAV_PRIVATE 0.103.8
+ cli_printcxxver@CLAMAV_PRIVATE 0.103.8
+ cli_readn@CLAMAV_PRIVATE 0.103.8
+ cli_realloc@CLAMAV_PRIVATE 0.103.8
+ cli_realpath@CLAMAV_PRIVATE 0.103.8
+ cli_regcomp@CLAMAV_PRIVATE 0.103.8
+ cli_regex2suffix@CLAMAV_PRIVATE 0.103.8
+ cli_regexec@CLAMAV_PRIVATE 0.103.8
+ cli_regfree@CLAMAV_PRIVATE 0.103.8
+ cli_rmdirs@CLAMAV_PRIVATE 0.103.8
+ cli_rndnum@CLAMAV_PRIVATE 0.103.8
+ cli_sanitize_filepath@CLAMAV_PRIVATE 0.103.8
+ cli_scan_buff@CLAMAV_PRIVATE 0.103.8
+ cli_scan_fmap@CLAMAV_PRIVATE 0.103.8
+ cli_sigopts_handler@CLAMAV_PRIVATE 0.103.8
+ cli_sigperf_events_destroy@CLAMAV_PRIVATE 0.103.8
+ cli_sigperf_print@CLAMAV_PRIVATE 0.103.8
+ cli_str2hex@CLAMAV_PRIVATE 0.103.8
+ cli_strbcasestr@CLAMAV_PRIVATE 0.103.8
+ cli_strdup@CLAMAV_PRIVATE 0.103.8
+ cli_strerror@CLAMAV_PRIVATE 0.103.8
+ cli_strlcat@CLAMAV_PRIVATE 0.103.8
+ cli_strlcpy@CLAMAV_PRIVATE 0.103.8
+ cli_strntoul@CLAMAV_PRIVATE 0.103.8
+ cli_strrcpy@CLAMAV_PRIVATE 0.103.8
+ cli_strtok@CLAMAV_PRIVATE 0.103.8
+ cli_strtokbuf@CLAMAV_PRIVATE 0.103.8
+ cli_strtokenize@CLAMAV_PRIVATE 0.103.8
+ cli_textbuffer_append_normalize@CLAMAV_PRIVATE 0.103.8
+ cli_unescape@CLAMAV_PRIVATE 0.103.8
+ cli_unlink@CLAMAV_PRIVATE 0.103.8
+ cli_url_canon@CLAMAV_PRIVATE 0.103.8
+ cli_utf16_to_utf8@CLAMAV_PRIVATE 0.103.8
+ cli_utf16toascii@CLAMAV_PRIVATE 0.103.8
+ cli_vba_inflate@CLAMAV_PRIVATE 0.103.8
+ cli_vba_readdir@CLAMAV_PRIVATE 0.103.8
+ cli_versig2@CLAMAV_PRIVATE 0.103.8
+ cli_versig@CLAMAV_PRIVATE 0.103.8
+ cli_warnmsg@CLAMAV_PRIVATE 0.103.8
+ cli_wm_decrypt_macro@CLAMAV_PRIVATE 0.103.8
+ cli_wm_readdir@CLAMAV_PRIVATE 0.103.8
+ cli_writen@CLAMAV_PRIVATE 0.103.8
+ decodeLine@CLAMAV_PRIVATE 0.103.8
+ disasmbuf@CLAMAV_PRIVATE 0.103.8
+ fmap@CLAMAV_PRIVATE 0.103.8
+ fmap_dump_to_file@CLAMAV_PRIVATE 0.103.8
+ fmap_duplicate@CLAMAV_PRIVATE 0.103.8
+ free_duplicate_fmap@CLAMAV_PRIVATE 0.103.8
+ get_fpu_endian@CLAMAV_PRIVATE 0.103.8
+ have_clamjit@CLAMAV_PRIVATE 0.103.8
+ have_rar@CLAMAV_PRIVATE 0.103.8
+ html_normalise_map@CLAMAV_PRIVATE 0.103.8
+ html_normalise_mem@CLAMAV_PRIVATE 0.103.8
+ html_screnc_decode@CLAMAV_PRIVATE 0.103.8
+ html_tag_arg_free@CLAMAV_PRIVATE 0.103.8
+ init_domainlist@CLAMAV_PRIVATE 0.103.8
+ init_regex_list@CLAMAV_PRIVATE 0.103.8
+ init_whitelist@CLAMAV_PRIVATE 0.103.8
+ is_regex_ok@CLAMAV_PRIVATE 0.103.8
+ load_regex_matcher@CLAMAV_PRIVATE 0.103.8
  lsig_sub_matched@CLAMAV_PUBLIC 0.101.0
- messageCreate@CLAMAV_PRIVATE 0.103.7
- messageDestroy@CLAMAV_PRIVATE 0.103.7
- mpool_calloc@CLAMAV_PRIVATE 0.103.7
- mpool_create@CLAMAV_PRIVATE 0.103.7
- mpool_destroy@CLAMAV_PRIVATE 0.103.7
- mpool_free@CLAMAV_PRIVATE 0.103.7
- mpool_getstats@CLAMAV_PRIVATE 0.103.7
- phishingScan@CLAMAV_PRIVATE 0.103.7
- phishing_done@CLAMAV_PRIVATE 0.103.7
- phishing_init@CLAMAV_PRIVATE 0.103.7
- regex_list_add_pattern@CLAMAV_PRIVATE 0.103.7
- regex_list_done@CLAMAV_PRIVATE 0.103.7
- regex_list_match@CLAMAV_PRIVATE 0.103.7
- tableCreate@CLAMAV_PRIVATE 0.103.7
- tableDestroy@CLAMAV_PRIVATE 0.103.7
- tableFind@CLAMAV_PRIVATE 0.103.7
- tableInsert@CLAMAV_PRIVATE 0.103.7
- tableIterate@CLAMAV_PRIVATE 0.103.7
- tableRemove@CLAMAV_PRIVATE 0.103.7
- tableUpdate@CLAMAV_PRIVATE 0.103.7
- text_normalize_init@CLAMAV_PRIVATE 0.103.7
- text_normalize_map@CLAMAV_PRIVATE 0.103.7
- text_normalize_reset@CLAMAV_PRIVATE 0.103.7
- uniq_add@CLAMAV_PRIVATE 0.103.7
- uniq_free@CLAMAV_PRIVATE 0.103.7
- uniq_get@CLAMAV_PRIVATE 0.103.7
- uniq_init@CLAMAV_PRIVATE 0.103.7
+ messageCreate@CLAMAV_PRIVATE 0.103.8
+ messageDestroy@CLAMAV_PRIVATE 0.103.8
+ mpool_calloc@CLAMAV_PRIVATE 0.103.8
+ mpool_create@CLAMAV_PRIVATE 0.103.8
+ mpool_destroy@CLAMAV_PRIVATE 0.103.8
+ mpool_free@CLAMAV_PRIVATE 0.103.8
+ mpool_getstats@CLAMAV_PRIVATE 0.103.8
+ phishingScan@CLAMAV_PRIVATE 0.103.8
+ phishing_done@CLAMAV_PRIVATE 0.103.8
+ phishing_init@CLAMAV_PRIVATE 0.103.8
+ regex_list_add_pattern@CLAMAV_PRIVATE 0.103.8
+ regex_list_done@CLAMAV_PRIVATE 0.103.8
+ regex_list_match@CLAMAV_PRIVATE 0.103.8
+ tableCreate@CLAMAV_PRIVATE 0.103.8
+ tableDestroy@CLAMAV_PRIVATE 0.103.8
+ tableFind@CLAMAV_PRIVATE 0.103.8
+ tableInsert@CLAMAV_PRIVATE 0.103.8
+ tableIterate@CLAMAV_PRIVATE 0.103.8
+ tableRemove@CLAMAV_PRIVATE 0.103.8
+ tableUpdate@CLAMAV_PRIVATE 0.103.8
+ text_normalize_init@CLAMAV_PRIVATE 0.103.8
+ text_normalize_map@CLAMAV_PRIVATE 0.103.8
+ text_normalize_reset@CLAMAV_PRIVATE 0.103.8
+ uniq_add@CLAMAV_PRIVATE 0.103.8
+ uniq_free@CLAMAV_PRIVATE 0.103.8
+ uniq_get@CLAMAV_PRIVATE 0.103.8
+ uniq_init@CLAMAV_PRIVATE 0.103.8
 libfreshclam.so.2 libclamav9 #MINVER#
  FRESHCLAM_PRIVATE@FRESHCLAM_PRIVATE 0.103.0
  FRESHCLAM_PUBLIC@FRESHCLAM_PUBLIC 0.102.1
diff -Nru clamav-0.103.7+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch clamav-0.103.8+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch
--- clamav-0.103.7+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch	2022-08-21 21:28:52.000000000 +0200
+++ clamav-0.103.8+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch	2023-02-17 21:38:36.000000000 +0100
@@ -1,4 +1,4 @@
-From 37bc5a950e181590ad7bdf2f82ae898ab221ce22 Mon Sep 17 00:00:00 2001
+From bda0d92f0163184b876c871cc820287008e700cd Mon Sep 17 00:00:00 2001
 From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
 Date: Fri, 14 Oct 2016 20:24:39 +0200
 Subject: Add support for LLVM 3.7
diff -Nru clamav-0.103.7+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch clamav-0.103.8+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch
--- clamav-0.103.7+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch	2022-08-21 21:28:52.000000000 +0200
+++ clamav-0.103.8+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch	2023-02-17 21:38:36.000000000 +0100
@@ -1,4 +1,4 @@
-From d31322fab1bcab1cbfbff067d60fbafd366754f0 Mon Sep 17 00:00:00 2001
+From b01e55ace32e1a277474484fd52421abc6d9e9ae Mon Sep 17 00:00:00 2001
 From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
 Date: Fri, 14 Oct 2016 20:24:48 +0200
 Subject: Add support for LLVM 3.8
diff -Nru clamav-0.103.7+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch clamav-0.103.8+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch
--- clamav-0.103.7+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch	2022-08-21 21:28:52.000000000 +0200
+++ clamav-0.103.8+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch	2023-02-17 21:38:36.000000000 +0100
@@ -1,4 +1,4 @@
-From f2466c7aaf6e140ea150e0f219c86594f3bc04cb Mon Sep 17 00:00:00 2001
+From 737c42d017cec50f0b64e8a5fb52ed2fe07d0d3b Mon Sep 17 00:00:00 2001
 From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
 Date: Fri, 14 Oct 2016 20:24:56 +0200
 Subject: Add support for LLVM 3.9
diff -Nru clamav-0.103.7+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch clamav-0.103.8+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch
--- clamav-0.103.7+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch	2022-08-21 21:28:52.000000000 +0200
+++ clamav-0.103.8+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch	2023-02-17 21:38:36.000000000 +0100
@@ -1,4 +1,4 @@
-From 39d775fad03362db330857fef23678f2c4d4c389 Mon Sep 17 00:00:00 2001
+From 3a2b8ec025296535f97018da2afdaef08812ce9b Mon Sep 17 00:00:00 2001
 From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com>
 Date: Wed, 11 Mar 2015 20:03:15 +0100
 Subject: add support for system tomsfastmath
@@ -14,7 +14,7 @@
  create mode 100644 m4/reorganization/libs/tomsfastmath.m4
 
 diff --git a/configure.ac b/configure.ac
-index f58e4eb..561c4f9 100644
+index a5400a7..d8cd587 100644
 --- a/configure.ac
 +++ b/configure.ac
 @@ -98,6 +98,7 @@ m4_include([m4/reorganization/libs/libmspack.m4])
diff -Nru clamav-0.103.7+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch clamav-0.103.8+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch
--- clamav-0.103.7+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch	2022-08-21 21:28:52.000000000 +0200
+++ clamav-0.103.8+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch	2023-02-17 21:38:36.000000000 +0100
@@ -1,4 +1,4 @@
-From d2848f79496bd791bd6bbd2a36ac476152d39432 Mon Sep 17 00:00:00 2001
+From c1ad6468fd95f3c645b027693c91134e44d01d40 Mon Sep 17 00:00:00 2001
 From: Scott Kitterman <sc...@kitterman.com>
 Date: Mon, 10 Mar 2014 19:20:18 -0400
 Subject: Change paths in sample conf file to match Debian
diff -Nru clamav-0.103.7+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch clamav-0.103.8+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch
--- clamav-0.103.7+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch	2022-08-21 21:28:52.000000000 +0200
+++ clamav-0.103.8+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch	2023-02-17 21:38:36.000000000 +0100
@@ -1,4 +1,4 @@
-From f3544ce92e1b0712d7fbaa6db5e868d6e79c7c0f Mon Sep 17 00:00:00 2001
+From 343dae3997771fafe2fcf8d7eb1388a04a095f21 Mon Sep 17 00:00:00 2001
 From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>
 Date: Thu, 11 Aug 2016 21:54:10 +0200
 Subject: clamd: don't depend on clamav-demon.socket
diff -Nru clamav-0.103.7+dfsg/debian/rules clamav-0.103.8+dfsg/debian/rules
--- clamav-0.103.7+dfsg/debian/rules	2022-08-21 21:28:52.000000000 +0200
+++ clamav-0.103.8+dfsg/debian/rules	2023-02-17 21:43:57.000000000 +0100
@@ -88,7 +88,7 @@
 	  fi;\
 	done; \
 	# Check for library features which may have been upgraded.
-	if ! grep -q "CL_FLEVEL 128" libclamav/others.h ; then \
+	if ! grep -q "CL_FLEVEL 129" libclamav/others.h ; then \
 		echo "cl_retflevel needs boosting in symbol file"; \
 		touch debian/exit; \
 	fi;
diff -Nru clamav-0.103.7+dfsg/debian/watch clamav-0.103.8+dfsg/debian/watch
--- clamav-0.103.7+dfsg/debian/watch	2022-08-21 21:28:52.000000000 +0200
+++ clamav-0.103.8+dfsg/debian/watch	2023-02-17 21:38:36.000000000 +0100
@@ -1,6 +1,6 @@
 version=3
 opts="uversionmangle=s/(\d+)-*(beta|rc)/$1~$2/,dversionmangle=s/\+dfsg//,pgpsigurlmangle=s/$/.sig/" \
-https://www.clamav.net/download.html /downloads/.*/clamav-(.*).tar.gz
+https://www.clamav.net/download.html /downloads/.*/clamav-(0.103.*).tar.gz
 # repository snapshots: fallback location with larger tarballs and without signatures
 #opts="uversionmangle=s/(\d+)-*(beta|rc)/$1~$2/,dversionmangle=s/\+dfsg//" \
 #https://github.com/vrtadmin/clamav-devel/tags /vrtadmin/clamav-devel/archive/clamav-(.*)\.tar\.gz
diff -Nru clamav-0.103.7+dfsg/libclamav/bytecode_api.h clamav-0.103.8+dfsg/libclamav/bytecode_api.h
--- clamav-0.103.7+dfsg/libclamav/bytecode_api.h	2022-07-26 06:32:12.000000000 +0200
+++ clamav-0.103.8+dfsg/libclamav/bytecode_api.h	2023-02-13 01:03:33.000000000 +0100
@@ -153,6 +153,7 @@
     FUNC_LEVEL_0103_5    = 126, /**< LibClamAV release 0.103.5 */
     FUNC_LEVEL_0103_6    = 127, /**< LibClamAV release 0.103.6 */
     FUNC_LEVEL_0103_7    = 128, /**< LibClamAV release 0.103.7 */
+    FUNC_LEVEL_0103_8    = 129, /**< LibClamAV release 0.103.8 */
 };
 
 /**
diff -Nru clamav-0.103.7+dfsg/libclamav/c++/Makefile.in clamav-0.103.8+dfsg/libclamav/c++/Makefile.in
--- clamav-0.103.7+dfsg/libclamav/c++/Makefile.in	2022-07-26 06:32:32.000000000 +0200
+++ clamav-0.103.8+dfsg/libclamav/c++/Makefile.in	2023-02-13 01:03:52.000000000 +0100
@@ -5333,8 +5333,8 @@
 	@echo "This command is intended for maintainers to use"
 	@echo "it deletes files that may require special tools to rebuild."
 	-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
-@BUILD_EXTERNAL_LLVM_TRUE@clean-local:
 @BUILD_EXTERNAL_LLVM_TRUE@distclean-local:
+@BUILD_EXTERNAL_LLVM_TRUE@clean-local:
 clean: clean-am
 
 clean-am: clean-generic clean-libtool clean-local \
diff -Nru clamav-0.103.7+dfsg/libclamav/dmg.c clamav-0.103.8+dfsg/libclamav/dmg.c
--- clamav-0.103.7+dfsg/libclamav/dmg.c	2022-07-26 06:32:12.000000000 +0200
+++ clamav-0.103.8+dfsg/libclamav/dmg.c	2023-02-13 01:03:33.000000000 +0100
@@ -206,8 +206,7 @@
 /* This is the block where we require libxml2 */
 #if HAVE_LIBXML2
 
-/* XML_PARSE_NOENT | XML_PARSE_NONET | XML_PARSE_COMPACT */
-#define DMG_XML_PARSE_OPTS ((1 << 1 | 1 << 11 | 1 << 16) | CLAMAV_MIN_XMLREADER_FLAGS)
+#define DMG_XML_PARSE_OPTS ((XML_PARSE_NONET | XML_PARSE_COMPACT) | CLAMAV_MIN_XMLREADER_FLAGS)
 
     reader = xmlReaderForMemory(outdata, (int)hdr.xmlLength, "toc.xml", NULL, DMG_XML_PARSE_OPTS);
     if (!reader) {
diff -Nru clamav-0.103.7+dfsg/libclamav/hfsplus.c clamav-0.103.8+dfsg/libclamav/hfsplus.c
--- clamav-0.103.7+dfsg/libclamav/hfsplus.c	2022-07-26 06:32:12.000000000 +0200
+++ clamav-0.103.8+dfsg/libclamav/hfsplus.c	2023-02-13 01:03:33.000000000 +0100
@@ -54,7 +54,8 @@
                                    hfsPlusForkData *, const char *, char **, char *);
 static int hfsplus_validate_catalog(cli_ctx *, hfsPlusVolumeHeader *, hfsHeaderRecord *);
 static int hfsplus_fetch_node(cli_ctx *, hfsPlusVolumeHeader *, hfsHeaderRecord *,
-                              hfsHeaderRecord *, hfsPlusForkData *, uint32_t, uint8_t *);
+                              hfsHeaderRecord *, hfsPlusForkData *, uint32_t, uint8_t *,
+                              size_t);
 static cl_error_t hfsplus_walk_catalog(cli_ctx *, hfsPlusVolumeHeader *, hfsHeaderRecord *,
                                        hfsHeaderRecord *, hfsHeaderRecord *, const char *);
 
@@ -521,7 +522,7 @@
         }
 
         /* fetch node into buffer */
-        ret = hfsplus_fetch_node(ctx, volHeader, attrHeader, NULL, &(volHeader->attributesFile), thisNode, nodeBuf);
+        ret = hfsplus_fetch_node(ctx, volHeader, attrHeader, NULL, &(volHeader->attributesFile), thisNode, nodeBuf, nodeSize);
         if (ret != CL_CLEAN) {
             cli_dbgmsg("hfsplus_check_attribute: node fetch failed.\n");
             break;
@@ -629,7 +630,8 @@
 
 /* Fetch a node's contents into the buffer */
 static int hfsplus_fetch_node(cli_ctx *ctx, hfsPlusVolumeHeader *volHeader, hfsHeaderRecord *catHeader,
-                              hfsHeaderRecord *extHeader, hfsPlusForkData *catFork, uint32_t node, uint8_t *buff)
+                              hfsHeaderRecord *extHeader, hfsPlusForkData *catFork, uint32_t node, uint8_t *buff,
+                              size_t buffSize)
 {
     int foundBlock = 0;
     uint64_t catalogOffset;
@@ -714,6 +716,11 @@
             readSize = endSize;
         }
 
+        if ((buffOffset + readSize) > buffSize) {
+            cli_dbgmsg("hfsplus_fetch_node: Not enough space for read\n");
+            return CL_EFORMAT;
+        }
+
         if (fmap_readn(ctx->fmap, buff + buffOffset, fileOffset, readSize) != readSize) {
             cli_dbgmsg("hfsplus_fetch_node: not all bytes read\n");
             return CL_EFORMAT;
@@ -911,7 +918,7 @@
         }
 
         /* fetch node into buffer */
-        ret = hfsplus_fetch_node(ctx, volHeader, catHeader, extHeader, &(volHeader->catalogFile), thisNode, nodeBuf);
+        ret = hfsplus_fetch_node(ctx, volHeader, catHeader, extHeader, &(volHeader->catalogFile), thisNode, nodeBuf, nodeSize);
         if (ret != CL_SUCCESS) {
             cli_dbgmsg("hfsplus_walk_catalog: node fetch failed.\n");
             break;
diff -Nru clamav-0.103.7+dfsg/libclamav/others.h clamav-0.103.8+dfsg/libclamav/others.h
--- clamav-0.103.7+dfsg/libclamav/others.h	2022-07-26 06:32:12.000000000 +0200
+++ clamav-0.103.8+dfsg/libclamav/others.h	2023-02-13 01:03:33.000000000 +0100
@@ -73,7 +73,7 @@
  * in re-enabling affected modules.
  */
 
-#define CL_FLEVEL 128
+#define CL_FLEVEL 129
 #define CL_FLEVEL_DCONF CL_FLEVEL
 #define CL_FLEVEL_SIGTOOL CL_FLEVEL
 
diff -Nru clamav-0.103.7+dfsg/libclamav/version.h clamav-0.103.8+dfsg/libclamav/version.h
--- clamav-0.103.7+dfsg/libclamav/version.h	2022-07-26 06:33:01.000000000 +0200
+++ clamav-0.103.8+dfsg/libclamav/version.h	2023-02-13 01:04:24.000000000 +0100
@@ -1 +1 @@
-#define REPO_VERSION "devel-11aaa24dd"
+#define REPO_VERSION "devel-709ad8ff7"
diff -Nru clamav-0.103.7+dfsg/m4/reorganization/version.m4 clamav-0.103.8+dfsg/m4/reorganization/version.m4
--- clamav-0.103.7+dfsg/m4/reorganization/version.m4	2022-07-26 06:32:12.000000000 +0200
+++ clamav-0.103.8+dfsg/m4/reorganization/version.m4	2023-02-13 01:03:33.000000000 +0100
@@ -3,7 +3,7 @@
 dnl For beta,                  set: VERSION="<version>-beta"
 dnl For release candidate,     set: VERSION="<version>-rc"
 dnl For release,               set: VERSION="<version>"
-VERSION="0.103.7"
+VERSION="0.103.8"
 
 major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/[^0-9]//g"`
 minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/[^0-9]//g"`
diff -Nru clamav-0.103.7+dfsg/NEWS.md clamav-0.103.8+dfsg/NEWS.md
--- clamav-0.103.7+dfsg/NEWS.md	2022-07-26 06:32:12.000000000 +0200
+++ clamav-0.103.8+dfsg/NEWS.md	2023-02-13 01:03:33.000000000 +0100
@@ -3,6 +3,28 @@
 Note: This file refers to the source tarball. Things described here may differ
  slightly from the binary packages.
 
+## 0.103.8
+
+ClamAV 0.103.8 is a critical patch release with the following fixes:
+
+- [CVE-2023-20032](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032):
+  Fixed a possible remote code execution vulnerability in the HFS+ file parser.
+  Issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and
+  earlier.
+  Thank you to Simon Scannell for reporting this issue.
+
+- [CVE-2023-20052](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052):
+  Fixed a possible remote information leak vulnerability in the DMG file parser.
+  Issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and
+  earlier.
+  Thank you to Simon Scannell for reporting this issue.
+
+- Update vendored libmspack library to version 0.11alpha.
+  - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/830
+
+Special thanks to the following people for code contributions and bug reports:
+- Simon Scannell
+
 ## 0.103.7
 
 ClamAV 0.103.7 is a critical patch release with the following fixes:
@@ -18,19 +40,20 @@
 
 ClamAV 0.103.6 is a critical patch release with the following fixes:
 
-- [CVE-2022-20770](CVE-2022-20770): Fixed a possible infinite loop vulnerability
-  in the CHM file parser.
+- [CVE-2022-20770](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20770):
+  Fixed a possible infinite loop vulnerability in the CHM file parser.
   Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
   prior versions.
   Thank you to Michał Dardas for reporting this issue.
 
-- [CVE-2022-20796](CVE-2022-20796): Fixed a possible NULL-pointer dereference
-  crash in the scan verdict cache check.
+- [CVE-2022-20796](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20796):
+  Fixed a possible NULL-pointer dereference crash in the scan verdict cache
+  check.
   Issue affects versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2.
   Thank you to Alexander Patrakov and Antoine Gatineau for reporting this issue.
 
-- [CVE-2022-20771](CVE-2022-20771): Fixed a possible infinite loop vulnerability
-  in the TIFF file parser.
+- [CVE-2022-20771](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20771):
+  Fixed a possible infinite loop vulnerability in the TIFF file parser.
   Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
   prior versions.
   The issue only occurs if the "--alert-broken-media" ClamScan option is
@@ -38,14 +61,15 @@
   libclamav it is the "CL_SCAN_HEURISTIC_BROKEN_MEDIA" scan option.
   Thank you to Michał Dardas for reporting this issue.
 
-- [CVE-2022-20785](CVE-2022-20785): Fixed a possible memory leak in the
-  HTML file parser / Javascript normalizer.
+- [CVE-2022-20785](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20785):
+  Fixed a possible memory leak in the HTML file parser / Javascript normalizer.
   Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
   prior versions.
   Thank you to Michał Dardas for reporting this issue.
 
-- [CVE-2022-20792](CVE-2022-20792): Fixed a possible multi-byte heap buffer
-  overflow write vulnerability in the signature database load module.
+- [CVE-2022-20792](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20792):
+  Fixed a possible multi-byte heap buffer overflow write vulnerability in the
+  signature database load module.
   The fix was to update the vendored regex library to the latest version.
   Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
   prior versions.

Bug#1031536: bullseye-pu: package clamav/0.103.8+dfsg-0+deb11u1

Reply via email to