Public bug reported: Upstream: tbd Debian: 1.0.5+dfsg-1.1 1.2.1+dfsg-3 Ubuntu: 1.0.5+dfsg-1.1ubuntu3
Debian new has 1.2.1+dfsg-3, which may be available for merge soon. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38 ### New Debian Changes ### clamav (1.0.5+dfsg-1.1) unstable; urgency=medium * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. Closes: #1062072 -- Steve Langasek <vor...@debian.org> Wed, 28 Feb 2024 15:44:10 +0000 clamav (1.0.5+dfsg-1) unstable; urgency=medium * Import 1.0.4 (Closes: #1063479). - Update symbols. - CVE-2024-20290 (Fixed a possible heap overflow read bug in the OLE2 file parser that could cause a denial-of-service (DoS) condition.) - CVE-2024-20328 (Fixed a possible command injection vulnerability in the 'VirusEvent' feature of ClamAV's ClamD service. -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Thu, 08 Feb 2024 21:38:51 +0100 clamav (1.0.4+dfsg-1) unstable; urgency=medium * Import 1.0.4 - Update symbols. * Add systemd-dev to Build-Depends (Closes: #1060559). * Mark clamav-base as foreign (Closes: #1060889). -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Sat, 20 Jan 2024 11:57:33 +0100 clamav (1.0.3+dfsg-2) unstable; urgency=medium * Remove unnecessary warning messages in freshclam during update. -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Sat, 09 Sep 2023 12:49:40 +0200 clamav (1.0.3+dfsg-1) unstable; urgency=medium * Import 1.0.3 -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Sat, 09 Sep 2023 10:18:34 +0200 clamav (1.0.2+dfsg-1) unstable; urgency=medium * Import 1.0.2 (Closes: #1050057) - CVE-2023-20197 (Possible DoS in HFS+ file parser). - CVE-2023-20212 (Possible DoS in AutoIt file parser). * Use cmake for xml2 detection (Closes: #949100). * Replace tomsfastmath with OpenSSL's BN. * Don't enable clamonacc by default (Closes: #1030171). * Let the clamav-daemon.socket depend on the service file again (Closes: #1044136). -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Sat, 19 Aug 2023 19:07:32 +0200 clamav (1.0.1+dfsg-2) unstable; urgency=medium * Depend on latest libtfm1 (Closes: #1031896, #1027010). -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Sun, 26 Feb 2023 17:39:06 +0100 clamav (1.0.1+dfsg-1) unstable; urgency=medium * Import 1.0.1 (Closes: #1031509) - CVE-2023-20032 (Possible RCE in the HFS+ file parser). - CVE-2023-20052 (Possible information leak in the DMG file parser). -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Fri, 17 Feb 2023 20:29:05 +0100 clamav (1.0.0+dfsg-6) unstable; urgency=medium [ Sebastian Andrzej Siewior ] * Add d/p/Add-an-option-to-avoid-setting-RPATH-on-unix-systems.patch to fix rpath issues [ Scott Kitterman ] * Remove obsolete usr/share/doc/*/NEWS.gz links from debian/*.links, no longer provided in the package (Thanks to Paul Wise for reporting) (Closes: #1029173) * Complete update of d/copyright for upstream file removal/reorganization * Restore and update clamav-freshclam and libclamav lintian-overrides for current lintian * Drop depends on obsolete package lsb-base -- Scott Kitterman <sc...@kitterman.com> Sat, 21 Jan 2023 18:02:12 -0500 clamav (1.0.0+dfsg-5) unstable; urgency=medium [ Scott Kitterman ] * Update paths in d/tests/clamd for new source layout * Add misc:Pre-Depends to clamav-daemon and clamav-milter for init-system-helpers * Remove obsolete debian/NEWS file * More lintian override corrections * Start of removing obsolete d/copyright entries [ Sebastian Andrzej Siewior ] * Fix testsuite on big endian architectures. -- Scott Kitterman <sc...@kitterman.com> Fri, 06 Jan 2023 12:33:39 -0500 clamav (1.0.0+dfsg-4) unstable; urgency=medium ### Old Ubuntu Delta ### clamav (1.0.5+dfsg-1.1ubuntu3) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek <steve.langa...@ubuntu.com> Sun, 31 Mar 2024 17:48:52 +0000 clamav (1.0.5+dfsg-1.1ubuntu2) noble; urgency=medium * No-change rebuild against libcurl4t64 -- Steve Langasek <steve.langa...@ubuntu.com> Sat, 16 Mar 2024 06:09:48 +0000 clamav (1.0.5+dfsg-1.1ubuntu1) noble; urgency=medium * Merge with Debian unstable. Remaining changes: - d/p/resolve-armhf-ftbfs.patch: resolve armhf failure to build from source. - clamav-base.postinst.in: Quell warning from check for clamav user (LP 1920217). - Extend ifupdown script to support networkd-dispatcher. + d/clamav-freshclam-ifupdown: Modernize some parts of the script. Implement support for networkd-dispatcher. + d/clamav-freshclam.links: Install the clamav-freshclam-ifupdown script inside the proper /usr/lib/networkd-dispatcher/{off,routable}.d/ directories. (LP 1718227) * Dropped: - po files update [previously undocumented] [causes merge conflict on rebase] -- Bryce Harrington <br...@canonical.com> Tue, 05 Mar 2024 11:00:58 -0800 ** Affects: clamav (Ubuntu) Importance: Undecided Status: New ** Tags: bite-size needs-merge upgrade-software-version ** Changed in: clamav (Ubuntu) Milestone: None => ubuntu-24.06 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064394 Title: Merge clamav from Debian unstable for oracular To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/2064394/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs