Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: pu
Tags: bullseye
Severity: normal
This is an update of clamav to version 0.103.3, which is considered an
LTS version. It contains only important fixes. The details were
documented by upstream at
https://blog.clamav.net/2021/09/changes-to-clamav-end-of-life-policy.html
The 103.3 version has been in unstable since July.
It addresses a clamdscan-related regression that was introduced in
103.2.
Side note: As per
https://docs.clamav.net/faq/faq-eol.html#definitions
upstream defines "support" as also including "Signature Database (CVD)
Access". Therefore it would be nice to include this into
bullseye/updates once time permits.
Sebastian
diff -Nru clamav-0.103.2+dfsg/clamd/scanner.c
clamav-0.103.3+dfsg/clamd/scanner.c
--- clamav-0.103.2+dfsg/clamd/scanner.c 2021-04-06 21:03:42.0 +0200
+++ clamav-0.103.3+dfsg/clamd/scanner.c 2021-06-19 23:15:59.0 +0200
@@ -146,8 +146,8 @@
if (NULL != filename) {
if (CL_SUCCESS != cli_realpath((const char *)filename,
_filename)) {
-conn_reply_errno(scandata->conn, msg, "Failed to determine real
path:");
-logg("^Failed to determine real path for: %s\n", filename);
+conn_reply_errno(scandata->conn, msg, "File path check failure:");
+logg("^File path check failure for: %s\n", filename);
logg("*Quarantine of the file may fail if file path contains
symlinks.\n");
} else {
free(filename);
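Review bot: Both the client reply and the warning in the `cli_realpath()` failure branch now say only "File path check failure", and the `error_stat` case in the next hunk uses the same text, so the log no longer shows which check failed. If the generic wording is intended for the client reply, the cause could be kept at debug level, for example `logg("*cli_realpath() failed for: %s\n", filename);` next to the warning. The branch appears to carry on with the unresolved path, as the quarantine message implies, so that detail is useful when a path containing symlinks is investigated later. The enclosing function starts and ends outside the hunk.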
@@ -180,25 +180,30 @@
else
logg("!Memory allocation failed during cli_ftw()\n");
scandata->errors++;
+free(filename);
return CL_EMEM;
case error_stat:
-conn_reply_errno(scandata->conn, msg, "lstat() failed:");
-logg("^lstat() failed on: %s\n", msg);
+conn_reply_errno(scandata->conn, msg, "File path check failure:");
+logg("^File path check failure on: %s\n", msg);
scandata->errors++;
+free(filename);
return CL_SUCCESS;
case warning_skipped_dir:
-logg("^Directory recursion limit reached, skipping %s\n",
- msg);
+logg("^Directory recursion limit reached, skipping %s\n", msg);
+free(filename);
return CL_SUCCESS;
case warning_skipped_link:
logg("$Skipping symlink: %s\n", msg);
+free(filename);
return CL_SUCCESS;
case warning_skipped_special:
if (msg == scandata->toplevel_path)
conn_reply(scandata->conn, msg, "Not supported file type",
"ERROR");
logg("*Not supported file type: %s\n", msg);
+free(filename);
return CL_SUCCESS;
case visit_directory_toplev:
+free(filename);
return CL_SUCCESS;
case visit_file:
break;
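Review bot: The added `free(filename);` is repeated before six separate returns, and nothing in the switch states that this function owns `filename`, so a later case with an early return can reintroduce the leak. A comment above the switch would record the contract, for example `/* filename is owned by this callback: free it on every return path */`. The first hunk already frees `filename` in the `else` branch after `cli_realpath()` succeeds. The reassignment that presumably follows is outside the visible lines, so confirm that `filename` points at the resolved path before these frees run. The switch opens, and the `visit_file` path continues, outside the hunk.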
diff -Nru clamav-0.103.2+dfsg/clamdscan/proto.c
clamav-0.103.3+dfsg/clamdscan/proto.c
--- clamav-0.103.2+dfsg/clamdscan/proto.c 2021-04-06 21:03:42.0
+0200
+++ clamav-0.103.3+dfsg/clamdscan/proto.c 2021-06-19 23:15:59.0
+0200
@@ -238,6 +238,10 @@
{
const struct optstruct *opt;
+if (!path) {
+return 1;
+}
+
if ((opt = optget(clamdopts, "ExcludePath"))->enabled) {
while (opt) {
if (match_regex(path, opt->strarg) == 1) {
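Review bot: The new `if (!path) return 1;` guard returns without any message, so a NULL path is dropped without a trace in the output. What a return value of 1 means to callers is not visible here; if it means "skip this path", as the exclusion loop below suggests, a line such as `logg("*Path check: no path given, skipping\n");` before the return would record it. A one-line comment on the guard saying how a NULL path can reach this function would also help. The function's signature and the rest of its body are outside the hunk.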
diff -Nru clamav-0.103.2+dfsg/clamsubmit/clamsubmit.c
clamav-0.103.3+dfsg/clamsubmit/clamsubmit.c
--- clamav-0.103.2+dfsg/clamsubmit/clamsubmit.c 2021-04-06 21:03:42.0
+0200
+++ clamav-0.103.3+dfsg/clamsubmit/clamsubmit.c 2021-06-19 23:15:59.0
+0200
@@ -1,3 +1,30 @@
+/*
+ * ClamAV Malware and False Positive Reporting Tool
+ *
+ * Copyright (C) 2014-2020 Cisco Systems, Inc. and/or its affiliates. All
rights reserved.
+ *
+ * Authors: Shawn Webb, Steve Morgan
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "clamav-config.h"
+#endif
+
+#include
#include
#include
#if HAVE_UNISTD_H
@@ -23,6 +50,7 @@
#include "misc.h"
#include "getopt.h"
#include "cert_util.h"
+#include "output.h"
#define OPTS "e:p:n:N:V:H:h?v?d"
@@ -32,7 +60,6 @@
typedef struct _header_data {
int len;
-char