Hello community, here is the log from the commit of package clamav checked in at Mon Feb 25 17:07:21 CET 2008. -------- --- clamav/clamav.changes 2008-01-15 21:21:55.000000000 +0100 +++ /mounts/work_src_done/STABLE/clamav/clamav.changes 2008-02-15 01:17:51.785069000 +0100 @@ -1,0 +2,7 @@ +Wed Feb 13 12:12:56 CET 2008 - max@suse.de + +- Security update 0.92.1: (bnc#361374) + * CVE-2008-0318: libclamav PE File Integer Overflow Vulnerability + * CVE-2008-0728: heap corruption + +------------------------------------------------------------------- @@ -6,0 +14,16 @@ +Fri Dec 14 14:56:29 CET 2007 - max@suse.de + +- Security update 0.92 (#343277): + * CVE-2007-6335 - MEW PE File Integer Overflow + * CVE-2007-6336 - Off-by-one error in LZX_READ_HUFFSYM() + * CVE-2007-6337 - bzlib issue +- Make clamd error out if /dev/null can't be opened (#300019). + +------------------------------------------------------------------- +Mon Nov 5 16:50:30 CET 2007 - max@suse.de + +- Added sendmail and sendmail-devel to BuildRequires. +- Enabled clamav-milter and added an init script for it. + (fate#302362) + +------------------------------------------------------------------- Old: ---- clamav-0.91.2.tar.bz2 clamav-open.patch New: ---- clamav-0.92.1.tar.bz2 clamav-milter-sysconfig clamav-rcmilter clamav-regex.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ clamav.spec ++++++ --- /var/tmp/diff_new_pack.C32216/_old 2008-02-25 17:07:09.000000000 +0100 +++ /var/tmp/diff_new_pack.C32216/_new 2008-02-25 17:07:09.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package clamav (Version 0.91.2) +# spec file for package clamav (Version 0.92.1) # # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -10,20 +10,26 @@ # norootforbuild + Name: clamav %if 0%{?suse_version} >= 1010 || 0%{!?suse_version:1} -BuildRequires: bc gmp-devel pkgconfig tcpd-devel zlib-devel +BuildRequires: bc gmp-devel pkgconfig zlib-devel %endif %if 0%{?suse_version} > 1020 BuildRequires: pwdutils %endif +%if 0%{?suse_version} >= 0910 +BuildRequires: tcpd-devel +%endif +BuildRequires: sendmail sendmail-devel Summary: Antivirus Toolkit -Version: 0.91.2 -Release: 34 +Version: 0.92.1 +Release: 1 License: GPL v2 or later Group: Productivity/Security Url: http://www.clamav.net Requires: latex2html-pngicons +PreReq: %insserv_prereq %fillup_prereq Obsoletes: clamav-db < 0.88.3 PreReq: %_sbindir/groupadd %_sbindir/useradd /usr/bin/awk /bin/sed Source0: %{name}-%{version}.tar.bz2 @@ -31,8 +37,10 @@ Source2: clamav-rcfreshclam Source3: clamav-updateclamconf Source4: clamav-rpmlintrc -Patch1: %name-conf.patch -Patch2: %name-open.patch +Source5: clamav-rcmilter +Source6: clamav-milter-sysconfig +Patch1: clamav-conf.patch +Patch3: clamav-regex.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -53,7 +61,7 @@ %package db Group: Productivity/Security Summary: Virus Database for ClamAV -PreReq: clamav sed +PreReq: clamav sed /bin/cp %description db This package contains a snapshot of the virus description database for @@ -70,7 +78,7 @@ %prep %setup -q %patch1 -%patch2 +%patch3 %build %if %suse_version >= 1010 @@ -89,7 +97,8 @@ --with-group=vscan \ --with-tcpwrappers \ --with-libcurl \ - --disable-zlib-vcheck + --disable-zlib-vcheck \ + --enable-milter make %{?jobs:-j%jobs} # SLES8 does not support %check %if 0%{?suse_version} > 810 || 0%{!?suse_version:1} @@ -99,13 +108,17 @@ make check %install -rm -rf %buildroot %makeinstall +ln -sf docs/html/{clamdoc,index}.html mkdir -p %buildroot/etc/init.d install -m755 %SOURCE1 %buildroot/etc/init.d/clamd ln -s /etc/init.d/clamd %buildroot%_sbindir/rcclamd install -m755 %SOURCE2 %buildroot/etc/init.d/freshclam ln -s /etc/init.d/freshclam %buildroot%_sbindir/rcfreshclam +install -m755 %SOURCE5 %buildroot/etc/init.d/clamav-milter +ln -s /etc/init.d/clamav-milter %buildroot%_sbindir/rcclamav-milter +mkdir -p %buildroot/var/adm/fillup-templates +install -m644 %SOURCE6 %buildroot/var/adm/fillup-templates/sysconfig.clamav-milter install -m755 %SOURCE3 %buildroot%_sbindir/updateclamconf touch %buildroot/var/lib/clamav/{clamd,freshclam}.pid for f in %buildroot/var/lib/clamav/*.cvd; do @@ -137,6 +150,7 @@ %dir /var/lib/clamav %ghost /var/lib/clamav/*.pid %ghost /var/lib/clamav/*.cvd +/var/adm/fillup-templates/* %files db %defattr(-,vscan,vscan) @@ -150,12 +164,14 @@ %post %run_ldconfig +%{?fillup_only:%fillup_only -n clamav-milter} # merge config files on update test "0$1" -lt 2 && exit 0 # The old default to run clamd in foreground mode was wrong OVERRIDE="Foreground no" for f in /etc/clamd.conf /etc/freshclam.conf; do if test -e $f.rpmnew; then + echo "Merging $f and $f.rpmnew" %_sbindir/updateclamconf -v override="$OVERRIDE" $f $f.rpmnew > $f.tmp if test $? == 0; then mv $f $f.old @@ -207,8 +223,22 @@ done %changelog +* Wed Feb 13 2008 max@suse.de +- Security update 0.92.1: (bnc#361374) + * CVE-2008-0318: libclamav PE File Integer Overflow Vulnerability + * CVE-2008-0728: heap corruption * Tue Jan 15 2008 aj@suse.de - Fix open call to build again. +* Fri Dec 14 2007 max@suse.de +- Security update 0.92 (#343277): + * CVE-2007-6335 - MEW PE File Integer Overflow + * CVE-2007-6336 - Off-by-one error in LZX_READ_HUFFSYM() + * CVE-2007-6337 - bzlib issue +- Make clamd error out if /dev/null can't be opened (#300019). +* Mon Nov 05 2007 max@suse.de +- Added sendmail and sendmail-devel to BuildRequires. +- Enabled clamav-milter and added an init script for it. + (fate#302362) * Tue Aug 21 2007 max@suse.de - Bugfix update 0.91.2. - Fixes some NULL dereferences and variable initialisation problems ++++++ clamav-0.91.2.tar.bz2 -> clamav-0.92.1.tar.bz2 ++++++ clamav/clamav-0.91.2.tar.bz2 /mounts/work_src_done/STABLE/clamav/clamav-0.92.1.tar.bz2 differ: byte 11, line 1 ++++++ clamav-conf.patch ++++++ --- /var/tmp/diff_new_pack.C32216/_old 2008-02-25 17:07:09.000000000 +0100 +++ /var/tmp/diff_new_pack.C32216/_new 2008-02-25 17:07:09.000000000 +0100 @@ -38,17 +38,16 @@ # Optional path to the global temporary directory. # Default: system specific (usually /tmp or /var/tmp). -@@ -69,22 +65,22 @@ +@@ -69,7 +65,7 @@ # Path to a local socket file the daemon will listen on. # Default: disabled (must be specified by a user) -LocalSocket /tmp/clamd.socket -+#LocalSocket /var/lib/clamav/clamd-socket ++LocalSocket /var/lib/clamav/clamd-socket # Remove stale socket after unclean shutdown. # Default: no --#FixStaleSocket yes -+FixStaleSocket yes +@@ -77,14 +73,14 @@ # TCP port address. # Default: no @@ -65,16 +64,16 @@ # Maximum length the queue of pending connections may grow to. # Default: 15 -@@ -142,7 +138,7 @@ - # Run as another user (clamd must be started by root to make this option - # working). +@@ -141,7 +137,7 @@ + + # Run as another user (clamd must be started by root for this option to work) # Default: don't drop privileges -#User clamav +User vscan # Initialize supplementary group access (clamd must be started by root). # Default: no -@@ -323,6 +319,10 @@ +@@ -326,6 +322,10 @@ ## # Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running. ++++++ clamav-regex.patch ++++++ --- libclamav/regex/engine.c +++ libclamav/regex/engine.c @@ -662,6 +662,7 @@ /* "can't happen" */ assert(nope); /* NOTREACHED */ + return(NULL); } /* ++++++ clamav-rpmlintrc ++++++ --- clamav/clamav-rpmlintrc 2007-07-17 18:30:52.000000000 +0200 +++ /mounts/work_src_done/STABLE/clamav/clamav-rpmlintrc 2008-02-13 12:10:00.000000000 +0100 @@ -1,2 +1,3 @@ addFilter("non-standard-uid.*") addFilter("devel-file-in-non-devel-package.*") +addFilter("obsolete-not-provided") ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org