Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package clamav for openSUSE:Factory checked in at 2024-07-02 18:17:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/clamav (Old) and /work/SRC/openSUSE:Factory/.clamav.new.18349 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "clamav" Tue Jul 2 18:17:36 2024 rev:125 rq:1184343 version:1.3.1 Changes: -------- --- /work/SRC/openSUSE:Factory/clamav/clamav.changes 2024-02-26 19:49:21.898528909 +0100 +++ /work/SRC/openSUSE:Factory/.clamav.new.18349/clamav.changes 2024-07-02 18:17:42.686189302 +0200 @@ -1,0 +2,96 @@ +Mon Apr 22 15:30:18 UTC 2024 - Reinhard Max <max@suse.com> + +- New Version: 1.3.1: + * CVE-2024-20380: Fixed a possible crash in the HTML file parser + that could cause a denial-of-service (DoS) condition. + * Updated select Rust dependencies to the latest versions. + * Fixed a bug causing some text to be truncated when converting + from UTF-16. + * Fixed assorted complaints identified by Coverity static + analysis. + * Fixed a bug causing CVDs downloaded by the DatabaseCustomURL + Freshclam config option to be pruned and then re-downloaded + with every update. + * Added the new 'valhalla' database name to the list of optional + databases in preparation for future work. + +------------------------------------------------------------------- +Fri Mar 15 13:52:57 UTC 2024 - Reinhard Max <max@suse.com> + +- New version: 1.3.0: + * Added support for extracting and scanning attachments found in + Microsoft OneNote section files. OneNote parsing will be + enabled by default, but may be optionally disabled. + * Added file type recognition for compiled Python (`.pyc`) files. + * Improved support for decrypting PDFs with empty passwords. + * Fixed a warning when scanning some HTML files. + * ClamOnAcc: Fixed an infinite loop when a watched directory + does not exist. + * ClamOnAcc: Fixed an infinite loop when a file has been deleted + before a scan. +- New version: 1.2.0: + * Added support for extracting Universal Disk Format (UDF) + partitions. + * Added an option to customize the size of ClamAV's clean file + cache. + * Raised the MaxScanSize limit so the total amount of data + scanned when scanning a file or archive may exceed 4 gigabytes. + * Added ability for Freshclam to use a client certificate PEM + file and a private key PEM file for authentication to a private + mirror. + * Fix an issue extracting files from ISO9660 partitions where the + files are listed in the plain ISO tree and there also exists an + empty Joliet tree. + * PID and socket are now located under /run/clamav/clamd.pid and + /run/clamav/clamd.sock . + * bsc#1211594: Fixed an issue where ClamAV does not abort the + signature load process after partially loading an invalid + signature. +- New version 1.1.0: + * https://blog.clamav.net/2023/05/clamav-110-released.html + * Added the ability to extract images embedded in HTML CSS + <style> blocks. + * Updated to Sigtool so that the --vba option will extract VBA + code from Microsoft Office documents the same way that + libclamav extracts VBA. + * Added a new option --fail-if-cvd-older-than=days to clamscan + and clamd, and FailIfCvdOlderThan to clamd.conf + * Added a new function cl_cvdgetage() to the libclamav API. + * Added a new function cl_engine_set_clcb_vba() to the + libclamav API. + * obsoletes clamav-ec32.patch. +- boo#1180296: Integrate clamonacc as a service. +- New version 1.0.1 LTS (including changes in 0.104 and 0.105): + * As of ClamAV 0.104, CMake is required to build ClamAV. + * As of ClamAV 0.105, Rust is now required to compile ClamAV. + * Increased the default limits for file and scan size: + * MaxScanSize: 100M to 400M + * MaxFileSize: 25M to 100M + * StreamMaxLength: 25M to 100M + * PCREMaxFileSize: 25M to 100M + * MaxEmbeddedPE: 10M to 40M + * MaxHTMLNormalize: 10M to 40M + * MaxScriptNormalize: 5M to 20M + * MaxHTMLNoTags: 2M to 8M + * Added image fuzzy hash subsignatures for logical signatures. + * Support for decrypting read-only OLE2-based XLS files that are + encrypted with the default password. + * Overhauled the implementation of the all-match feature. + * Added a new callback to the public API for inspecting file + content during a scan at each layer of archive extraction. + * Added a new function to the public API for unpacking CVD + signature archives. + * The option to build with an external TomsFastMath library has + been removed. ClamAV requires non-default build options for + TomsFastMath to support bigger floating point numbers. + * For a full list of changes see the release announcements: + * https://blog.clamav.net/2022/11/clamav-100-lts-released.html + * https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html + * https://blog.clamav.net/2021/09/clamav-01040-released.html +- Build clamd with systemd support. +- Fix format strings on 32bit platforms (clamav-format.patch). +- Add missing endianness conversions (clamav-ec32.patch). +- Don't build on armv7l for now due to some test failures. +- Drop clamav-disable-yara.patch as yara cannot be disabled anymore + +------------------------------------------------------------------- Old: ---- clamav-0.103.11.tar.gz clamav-0.103.11.tar.gz.sig clamav-disable-yara.patch New: ---- _constraints clamav-1.3.1.tar.gz clamav-1.3.1.tar.gz.sig clamav-format.patch service.clamonacc BETA DEBUG BEGIN: Old:- Don't build on armv7l for now due to some test failures. - Drop clamav-disable-yara.patch as yara cannot be disabled anymore BETA DEBUG END: BETA DEBUG BEGIN: New:- Build clamd with systemd support. - Fix format strings on 32bit platforms (clamav-format.patch). - Add missing endianness conversions (clamav-ec32.patch). BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ clamav.spec ++++++ --- /var/tmp/diff_new_pack.W2iroa/_old 2024-07-02 18:17:43.410215797 +0200 +++ /var/tmp/diff_new_pack.W2iroa/_new 2024-07-02 18:17:43.410215797 +0200 @@ -1,7 +1,7 @@ # # spec file for package clamav # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,10 +16,23 @@ # -%bcond_with clammspack +%bcond_without clammspack %bcond_with valgrind + +%if 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150400 +%bcond_without sysuser_vscan +%endif +%if 0%{?suse_version} <= 1500 +%define vgcc 13 +%if 0%{?sle_version} < 150400 +%define vrust 1.69 +%define vcmake 3 +%endif +%endif +%global confdir %_prefix%_sysconfdir + Name: clamav -Version: 0.103.11 +Version: 1.3.1 Release: 0 Summary: Antivirus Toolkit License: GPL-2.0-only @@ -35,27 +48,40 @@ Source10: timer.freshclam # w3m https://www.clamav.net/downloads | sed -n '/-BEGIN /,/-END /p' Source11: clamav.keyring +Source12: service.clamonacc Source65: system-user-vscan.conf Patch1: clamav-conf.patch Patch5: clamav-obsolete-config.patch -Patch6: clamav-disable-yara.patch Patch12: clamav-fips.patch Patch14: clamav-document-maxsize.patch +Patch15: clamav-format.patch +ExcludeArch: %{arml} -BuildRequires: autoconf -BuildRequires: automake -BuildRequires: gcc-c++ +BuildRequires: cargo%{?vrust} +BuildRequires: cmake%{?vcmake} +BuildRequires: gcc%{?vgcc} +BuildRequires: gcc%{?vgcc}-c++ BuildRequires: libbz2-devel -BuildRequires: libcurl-devel >= 7.45 BuildRequires: libjson-c-devel BuildRequires: libopenssl-devel >= 1.0.2 -BuildRequires: libtool BuildRequires: libxml2-devel +BuildRequires: make +BuildRequires: rust%{?vrust} +#BuildRequires: rust+cargo >= 1.61.0 +#BuildRequires: rust+rustc >= 1.61.0 BuildRequires: sendmail-devel +BuildRequires: systemd +BuildRequires: pkgconfig(bzip2) BuildRequires: pkgconfig(check) +BuildRequires: pkgconfig(libcurl) >= 7.45 BuildRequires: pkgconfig(libpcre2-8) >= 10.30 +BuildRequires: pkgconfig(libsystemd) BuildRequires: pkgconfig(ncurses) BuildRequires: pkgconfig(zlib) +BuildRequires: python(abi) >= 3.6 +%if 0%{?suse_version} >= 1500 +BuildRequires: python3-pytest +%endif # # Workaround to keep "make check" from using an existing libclamav # instead of the just built one. This should rather be fixed @@ -72,7 +98,7 @@ %if %{with valgrind} BuildRequires: valgrind %endif -%if 0%{?suse_version} > 1500 +%if %{with sysuser_vscan} Requires(pre): group(vscan) Requires(pre): user(vscan) %else @@ -114,19 +140,19 @@ between different machines and to keep scanning for viruses even when a server goes down. -%package -n libclamav9 +%package -n libclamav12 Summary: ClamAV antivirus engine runtime Group: System/Libraries -%description -n libclamav9 +%description -n libclamav12 ClamAV is an antivirus engine designed for detecting trojans, viruses, malware and other malicious threats. -%package -n libfreshclam2 +%package -n libfreshclam3 Summary: ClamAV updater library Group: System/Libraries -%description -n libfreshclam2 +%description -n libfreshclam3 ClamAV is an antivirus engine designed for detecting trojans, viruses, malware and other malicious threats. @@ -141,8 +167,8 @@ %package devel Summary: Development files for libclamav, an antivirus engine Group: Development/Libraries/C and C++ -Requires: libclamav9 = %{version} -Requires: libfreshclam2 = %{version} +Requires: libclamav12 = %{version} +Requires: libfreshclam3 = %{version} %description devel ClamAV is an antivirus engine designed for detecting trojans, @@ -155,102 +181,93 @@ %setup -q %patch -P 1 %patch -P 5 -%patch -P 6 %patch -P 12 -%patch -P 14 -p1 +%patch -P 14 +%patch -P 15 chmod -x docs/html/images/flamegraph.svg %build -%if 0%{?suse_version} <= 1500 +%if %{without sysuser_vscan} # Create vscan user %sysusers_generate_pre %{SOURCE65} vscan %endif -CFLAGS="-fstack-protector" -CXXFLAGS="-fstack-protector" -export CFLAGS="%optflags $CFLAGS -fPIE -fno-strict-aliasing" -export CXXFLAGS="%optflags $CXXFLAGS -fPIE -fno-strict-aliasing" -export LDFLAGS="-pie" -%if "%{_lib}" == "lib64" -# tomsfastmath needs this for correct operation on 64-bit platforms -CFLAGS="$CFLAGS -DFP_64BIT" -%endif -%configure \ - --disable-clamav \ - --disable-static \ - --with-dbdir=%{_localstatedir}/lib/clamav \ - --with-user=vscan \ - --with-group=vscan \ - --enable-milter \ - --enable-check \ - --enable-clamdtop \ - --disable-yara \ +%cmake \ +%if "%{?vgcc}" != "" + -DCMAKE_C_COMPILER=gcc-%{vgcc} \ + -DCMAKE_CXX_COMPILER=g++-%{vgcc} \ +%endif + -DCMAKE_BUILD_TYPE=DEBUG \ + -DCLAMAV_USER=vscan \ + -DCLAMAV_GROUP=vscan \ + -DCMAKE_INSTALL_DOCDIR:PATH=%{_docdir}/%name \ + -DAPP_CONFIG_DIRECTORY:PATH=%_sysconfdir \ + -DDATABASE_DIRECTORY:PATH=%_localstatedir/lib/clamav \ + -DENABLE_CLAMONACC=ON \ + -DENABLE_MILTER=ON \ + -DSYSTEMD_UNIT_DIR=%{_unitdir} \ %if %{without clammspack} - --with-system-libmspack + -DENABLE_EXTERNAL_MSPACK=ON %endif -%make_build - %install -%make_install + +%cmake_install install -d -m755 %{buildroot}%{_localstatedir}/lib/clamav install -d -m755 %{buildroot}%{_tmpfilesdir} install -m644 %SOURCE6 %{buildroot}%{_tmpfilesdir}/clamav.conf %if 0%{?suse_version} <= 1500 mkdir -p %{buildroot}%{_localstatedir}/spool/amavis %endif -mkdir -p -m 0755 %{buildroot}/run/clamav +mkdir -p -m 0755 %{buildroot}{%_sysconfdir,/run/clamav} find %{buildroot} -type f -name "*.la" -delete -print -# libclammspack is not meant to be linked against by anything but -# libclamav -rm -f %{buildroot}%{_libdir}/pkgconfig/libclammspack.pc -rm -f %{buildroot}%{_libdir}/libclammspack.so - -# fix the new config file names -mv %{buildroot}%{_sysconfdir}/clamd.conf{.sample,} -mv %{buildroot}%{_sysconfdir}/clamav-milter.conf{.sample,} -mv %{buildroot}%{_sysconfdir}/freshclam.conf{.sample,} +for f in %{buildroot}%{_sysconfdir}/*.conf.sample; +do + mv $f ${f%.sample} +done # Systemd... -install -d -m 0755 %{buildroot}%{_unitdir} rm -f %{buildroot}%{_unitdir}/clamav-* install -m 0644 %SOURCE7 %{buildroot}%{_unitdir}/clamd.service install -m 0644 %SOURCE8 %{buildroot}%{_unitdir}/freshclam.service install -m 0644 %SOURCE9 %{buildroot}%{_unitdir}/clamav-milter.service install -m 0644 %SOURCE10 %{buildroot}%{_unitdir}/freshclam.timer -# this is broken if system does not have systemd so don't -# use it at all on systems without mandatory systemd -for srvname in clamd freshclam clamav-milter; do - (export PATH=%_prefix/sbin:/sbin:$PATH ;ln -sf $(which service) %{buildroot}/%{_sbindir}/rc${srvname}) +install -m 0644 %SOURCE12 %{buildroot}%{_unitdir}/clamonacc.service +for srvname in clamd freshclam clamav-milter clamonacc; do + (export PATH=%_prefix/sbin:/sbin:$PATH ;ln -sf service %{buildroot}/%{_sbindir}/rc${srvname}) done %check # regression tests -%if !0%{?qemu_user_space_build:1} -make check VG=1 +%if !0%{?qemu_user_space_build:1} && ( 0%{?suse_version} > 1500 || 0%{?sle_version} >= 150500 ) +# Run ctest with a single job to avoid failures +# due to race conditions, e.g. on s390x. +%define _smp_mflags -j1 +%ctest +%undefine _smp_mflags %endif -%if 0%{?suse_version} > 1500 +%if %{with sysuser_vscan} %pre %else %pre -f vscan.pre %endif -%service_add_pre clamd.service +%service_add_pre clamd.service clamonacc.service %post %tmpfiles_create %{_tmpfilesdir}/clamav.conf -%service_add_post clamd.service +%service_add_post clamd.service clamonacc.service %preun if [ $1 -eq 0 ]; then # package will be uninstalled rm -f %{_localstatedir}/lib/clamav/* fi -%service_del_preun clamd.service +%service_del_preun clamd.service clamonacc.service %postun -%service_del_postun clamd.service +%service_del_postun clamd.service clamonacc.service %pre milter %service_add_pre clamav-milter.service @@ -265,16 +282,16 @@ %service_del_postun clamav-milter.service %if 0%{?suse_version} > 1500 -%ldconfig_scriptlets -n libclamav9 -%ldconfig_scriptlets -n libfreshclam2 +%ldconfig_scriptlets -n libclamav12 +%ldconfig_scriptlets -n libfreshclam3 %if %{with clammspack} %ldconfig_scriptlets -n libclammspack0 %endif %else -%post -n libclamav9 -p /sbin/ldconfig -%postun -n libclamav9 -p /sbin/ldconfig -%post -n libfreshclam2 -p /sbin/ldconfig -%postun -n libfreshclam2 -p /sbin/ldconfig +%post -n libclamav12 -p /sbin/ldconfig +%postun -n libclamav12 -p /sbin/ldconfig +%post -n libfreshclam3 -p /sbin/ldconfig +%postun -n libfreshclam3 -p /sbin/ldconfig %if %{with clammspack} %post -n libclammspack0 -p /sbin/ldconfig %postun -n libclammspack0 -p /sbin/ldconfig @@ -298,6 +315,7 @@ %{_sbindir}/clamonacc %{_sbindir}/rcclamd %{_sbindir}/rcfreshclam +%{_sbindir}/rcclamonacc %{_mandir}/man1/clambc.1%{?ext_man} %{_mandir}/man1/clamconf.1%{?ext_man} %{_mandir}/man1/clamdscan.1%{?ext_man} @@ -314,6 +332,7 @@ %{_unitdir}/clamd.service %{_unitdir}/freshclam.service %{_unitdir}/freshclam.timer +%{_unitdir}/clamonacc.service %defattr(-,vscan,vscan) %dir %{_localstatedir}/lib/clamav %if 0%{?suse_version} <= 1500 @@ -322,7 +341,7 @@ %ghost %attr(755,vscan,vscan) /run/clamav %files docs-html -%doc docs/html/* +%doc %_docdir/%name %files milter %config(noreplace) %{_sysconfdir}/clamav-milter.conf @@ -332,11 +351,11 @@ %{_mandir}/man5/clamav-milter.conf.5%{?ext_man} %{_mandir}/man8/clamav-milter.8%{?ext_man} -%files -n libclamav9 -%{_libdir}/libclam*.so.9* +%files -n libclamav12 +%{_libdir}/libclam*.so.12* -%files -n libfreshclam2 -%{_libdir}/libfreshclam.so.2* +%files -n libfreshclam3 +%{_libdir}/libfreshclam.so.3* %if %{with clammspack} %files -n libclammspack0 @@ -348,4 +367,5 @@ %{_libdir}/pkgconfig/* %{_libdir}/libclam*.so %{_libdir}/libfreshclam*.so +%{_libdir}/libclamav_rust.a ++++++ _constraints ++++++ <constraints> <hardware> <disk> <size unit="G">6</size> </disk> <memory> <size unit="G">8</size> </memory> </hardware> </constraints> ++++++ clamav-0.103.11.tar.gz -> clamav-1.3.1.tar.gz ++++++ /work/SRC/openSUSE:Factory/clamav/clamav-0.103.11.tar.gz /work/SRC/openSUSE:Factory/.clamav.new.18349/clamav-1.3.1.tar.gz differ: char 5, line 1 ++++++ clamav-conf.patch ++++++ --- /var/tmp/diff_new_pack.W2iroa/_old 2024-07-02 18:17:43.482218432 +0200 +++ /var/tmp/diff_new_pack.W2iroa/_new 2024-07-02 18:17:43.486218578 +0200 @@ -1,7 +1,9 @@ --- etc/clamav-milter.conf.sample.orig +++ etc/clamav-milter.conf.sample -@@ -2,10 +2,6 @@ - ## Example config file for clamav-milter +@@ -1,11 +1,7 @@ + ## +-## Example config file for clamav-milter ++## config file for clamav-milter ## -# Comment or remove the line below. @@ -11,17 +13,16 @@ ## ## Main options ## -@@ -17,8 +13,7 @@ Example +@@ -17,7 +13,7 @@ Example # inet6:port@[hostname|ip-address] - to specify an ipv6 socket # # Default: no default --#MilterSocket /tmp/clamav-milter.socket --#MilterSocket inet:7357 -+MilterSocket /run/clamav/clamav-milter-socket - - # Define the group ownership for the (unix) milter socket. - # Default: disabled (the primary group of the user running clamd) -@@ -37,7 +32,7 @@ Example +-#MilterSocket /run/clamav/clamav-milter.sock ++MilterSocket /run/clamav/clamav-milter.sock + #MilterSocket /tmp/clamav-milter.sock + #MilterSocket inet:7357 + +@@ -38,7 +34,7 @@ Example # to work) # # Default: unset (don't drop privileges) @@ -30,25 +31,25 @@ # Waiting for data from clamd will timeout after this time (seconds). # Value of 0 disables the timeout. -@@ -61,7 +56,7 @@ Example +@@ -65,7 +61,7 @@ Example # also owned by root to keep other users from tampering with it. # # Default: disabled --#PidFile /var/run/clamav-milter.pid +-#PidFile /run/clamav/clamav-milter.pid +PidFile /run/clamav/clamav-milter.pid # Optional path to the global temporary directory. # Default: system specific (usually /tmp or /var/tmp). -@@ -88,7 +83,7 @@ Example - # fashion. +@@ -93,7 +89,7 @@ Example # # Default: no default --#ClamdSocket tcp:scanner.mydomain:7357 -+ClamdSocket unix:/run/clamav/clamd-socket + #ClamdSocket tcp:scanner.mydomain:7357 +-#ClamdSocket unix:/run/clamav/clamd.sock ++ClamdSocket unix:/run/clamav/clamd.sock ## -@@ -238,13 +233,13 @@ Example +@@ -243,13 +239,13 @@ Example # Use system logger (can work together with LogFile). # # Default: no @@ -95,25 +96,25 @@ # Enable verbose logging. # Default: no -@@ -71,7 +67,7 @@ Example +@@ -74,7 +70,7 @@ Example # It is recommended that the directory where this file is stored is # also owned by root to keep other users from tampering with it. # Default: disabled --#PidFile /var/run/clamd.pid +-#PidFile /run/clamav/clamd.pid +PidFile /run/clamav/clamd.pid # Optional path to the global temporary directory. # Default: system specific (usually /tmp or /var/tmp). -@@ -90,7 +86,7 @@ Example +@@ -98,7 +94,7 @@ Example # Path to a local socket file the daemon will listen on. # Default: disabled (must be specified by a user) --#LocalSocket /tmp/clamd.socket -+LocalSocket /run/clamav/clamd-socket +-#LocalSocket /run/clamav/clamd.sock ++LocalSocket /run/clamav/clamd.sock + #LocalSocket /tmp/clamd.sock # Sets the group ownership on the unix socket. - # Default: disabled (the primary group of the user running clamd) -@@ -204,7 +200,7 @@ Example +@@ -230,7 +226,7 @@ Example # Run as another user (clamd must be started by root for this option to work) # Default: don't drop privileges @@ -122,6 +123,24 @@ # Stop daemon when libclamav reports out of memory condition. #ExitOnOOM yes +@@ -708,7 +704,7 @@ Example + # multiple OnAccessIncludePath directives but each directory must be added + # in a separate line. + # Default: disabled +-#OnAccessIncludePath /home ++OnAccessIncludePath /home + #OnAccessIncludePath /students + + # Set the exclude paths. All subdirectories are also excluded. +@@ -778,7 +774,7 @@ Example + # It has the same potential race condition limitations of the + # OnAccessExcludeUID option. + # Default: disabled +-#OnAccessExcludeUname clamav ++OnAccessExcludeUname vscan + + # Number of times the OnAccess client will retry a failed scan due to + # connection problems (or other issues). --- etc/freshclam.conf.sample.orig +++ etc/freshclam.conf.sample @@ -1,12 +1,8 @@ @@ -138,12 +157,12 @@ # Path to the database directory. # WARNING: It must match clamd.conf's directive! # Default: hardcoded (depends on installation options) -@@ -48,12 +44,12 @@ Example +@@ -52,12 +48,12 @@ Example # It is recommended that the directory where this file is stored is # also owned by root to keep other users from tampering with it. # Default: disabled --#PidFile /var/run/freshclam.pid -+#PidFile /run/clamav/freshclam.pid +-#PidFile /run/clamav/freshclam.pid ++PidFile /run/clamav/freshclam.pid # By default when started freshclam drops privileges and switches to the # "clamav" user. This directive allows you to change the database owner. @@ -153,7 +172,7 @@ # Use DNS to verify virus database version. FreshClam uses DNS TXT records # to verify database and software versions. With this directive you can change -@@ -127,7 +123,7 @@ DatabaseMirror database.clamav.net +@@ -148,7 +144,7 @@ DatabaseMirror database.clamav.net # Send the RELOAD command to clamd. # Default: no ++++++ clamav-document-maxsize.patch ++++++ --- /var/tmp/diff_new_pack.W2iroa/_old 2024-07-02 18:17:43.498219017 +0200 +++ /var/tmp/diff_new_pack.W2iroa/_new 2024-07-02 18:17:43.502219164 +0200 @@ -1,7 +1,5 @@ -Index: clamav-0.103.2/docs/man/clamscan.1.in -=================================================================== ---- clamav-0.103.2.orig/docs/man/clamscan.1.in -+++ clamav-0.103.2/docs/man/clamscan.1.in +--- docs/man/clamscan.1.in.orig ++++ docs/man/clamscan.1.in @@ -8,6 +8,18 @@ clamscan [options] [file/directory/\-] .SH "DESCRIPTION" .LP @@ -21,10 +19,8 @@ .SH "OPTIONS" .LP Most of the options are simple switches which enable or disable some features. Options marked with [=yes/no(*)] can be optionally followed by =yes/=no; if they get called without the boolean argument the scanner will assume 'yes'. The asterisk marks the default internal setting for a given option. -Index: clamav-0.103.2/docs/man/clamdscan.1.in -=================================================================== ---- clamav-0.103.2.orig/docs/man/clamdscan.1.in -+++ clamav-0.103.2/docs/man/clamdscan.1.in +--- docs/man/clamdscan.1.in.orig ++++ docs/man/clamdscan.1.in @@ -8,6 +8,17 @@ clamdscan [options] [file/directory] .SH "DESCRIPTION" .LP ++++++ clamav-format.patch ++++++ --- clamdscan/client.c.orig +++ clamdscan/client.c @@ -239,14 +239,14 @@ int16_t ping_clamd(const struct optstruc if (i + 1 < attempts) { if (optget(opts, "wait")->enabled) { if (interval == 1) - logg(LOGG_DEBUG, "Could not connect, will try again in %lu second\n", interval); + logg(LOGG_DEBUG, "Could not connect, will try again in %" PRIu64 " second\n", interval); else - logg(LOGG_DEBUG, "Could not connect, will try again in %lu seconds\n", interval); + logg(LOGG_DEBUG, "Could not connect, will try again in %" PRIu64 " seconds\n", interval); } else { if (interval == 1) - logg(LOGG_INFO, "Could not connect, will PING again in %lu second\n", interval); + logg(LOGG_INFO, "Could not connect, will PING again in %" PRIu64 " second\n", interval); else - logg(LOGG_INFO, "Could not connect, will PING again in %lu seconds\n", interval); + logg(LOGG_INFO, "Could not connect, will PING again in %" PRIu64 " seconds\n", interval); } sleep(interval); } --- clamonacc/client/client.c.orig +++ clamonacc/client/client.c @@ -254,14 +254,14 @@ int16_t onas_ping_clamd(struct onas_cont if (i + 1 < attempts) { if (optget((*ctx)->opts, "wait")->enabled) { if (interval == 1) - logg(LOGG_DEBUG, "Will try again in %lu second\n", interval); + logg(LOGG_DEBUG, "Will try again in %" PRIu64 " second\n", interval); else - logg(LOGG_DEBUG, "Will try again in %lu seconds\n", interval); + logg(LOGG_DEBUG, "Will try again in %" PRIu64 " seconds\n", interval); } else { if (interval == 1) - logg(LOGG_INFO, "PINGing again in %lu second\n", interval); + logg(LOGG_INFO, "PINGing again in %" PRIu64 " second\n", interval); else - logg(LOGG_INFO, "PINGing again in %lu seconds\n", interval); + logg(LOGG_INFO, "PINGing again in %" PRIu64 " seconds\n", interval); } sleep(interval); } --- clamonacc/fanotif/fanotif.c.orig +++ clamonacc/fanotif/fanotif.c @@ -141,7 +141,7 @@ cl_error_t onas_setup_fanotif(struct ona /* Load other options. */ (*ctx)->sizelimit = optget((*ctx)->clamdopts, "OnAccessMaxFileSize")->numarg; if ((*ctx)->sizelimit) { - logg(LOGG_DEBUG, "ClamFanotif: max file size limited to %lu bytes\n", (*ctx)->sizelimit); + logg(LOGG_DEBUG, "ClamFanotif: max file size limited to %" PRIu64 " bytes\n", (*ctx)->sizelimit); } else { logg(LOGG_DEBUG, "ClamFanotif: file size limit disabled\n"); } --- libclamav/mew.c.orig +++ libclamav/mew.c @@ -787,7 +787,7 @@ int unmew11(char *src, uint32_t off, uin } if (((size_t)(src + off) < (size_t)(src)) || ((size_t)(src + off) < (size_t)(off))) { - cli_dbgmsg("MEW: Buffer pointer (%08zx) + offset (%08zx) exceeds max size of pointer (%08lx)\n", + cli_dbgmsg("MEW: Buffer pointer (%08zx) + offset (%08zx) exceeds max size of pointer (%08zx)\n", (size_t)src, (size_t)off, SIZE_MAX); return -1; } --- libclamav/pe.c.orig +++ libclamav/pe.c @@ -5185,12 +5185,12 @@ cl_error_t cli_peheader(fmap_t *map, str /* If a section is truncated, adjust its size value */ if (!CLI_ISCONTAINED_0_TO(fsize, section->raw, section->rsz)) { - cli_dbgmsg("cli_peheader: PE Section %zu raw+rsz extends past the end of the file by %lu bytes\n", section_pe_idx, (section->raw + section->rsz) - fsize); + cli_dbgmsg("cli_peheader: PE Section %zu raw+rsz extends past the end of the file by %zu bytes\n", section_pe_idx, (section->raw + section->rsz) - fsize); section->rsz = fsize - section->raw; } if (!CLI_ISCONTAINED_0_TO(fsize, section->uraw, section->ursz)) { - cli_dbgmsg("cli_peheader: PE Section %zu uraw+ursz extends past the end of the file by %lu bytes\n", section_pe_idx, (section->uraw + section->ursz) - fsize); + cli_dbgmsg("cli_peheader: PE Section %zu uraw+ursz extends past the end of the file by %zu bytes\n", section_pe_idx, (section->uraw + section->ursz) - fsize); section->ursz = fsize - section->uraw; } } --- libfreshclam/libfreshclam_internal.c.orig +++ libfreshclam/libfreshclam_internal.c @@ -226,7 +226,7 @@ fc_error_t load_freshclam_dat(void) if (-1 == lseek(handle, strlen(MIRRORS_DAT_MAGIC), SEEK_SET)) { char error_message[260]; cli_strerror(errno, error_message, 260); - logg(LOGG_ERROR, "Can't seek to %lu, error: %s\n", strlen(MIRRORS_DAT_MAGIC), error_message); + logg(LOGG_ERROR, "Can't seek to %zu, error: %s\n", strlen(MIRRORS_DAT_MAGIC), error_message); goto done; } --- unit_tests/check_clamav.c.orig +++ unit_tests/check_clamav.c @@ -1939,7 +1939,7 @@ void diff_file_mem(int fd, const char *r ck_assert_msg(!!buf, "unable to malloc buffer: %zu", len); p = read(fd, buf, len); - ck_assert_msg(p == len, "file is smaller: %lu, expected: %lu", p, len); + ck_assert_msg(p == len, "file is smaller: %zu, expected: %zu", p, len); p = 0; while (len > 0) { c1 = ref[p]; @@ -1950,10 +1950,10 @@ void diff_file_mem(int fd, const char *r len--; } if (len > 0) - ck_assert_msg(c1 == c2, "file contents mismatch at byte: %lu, was: %c, expected: %c", p, c2, c1); + ck_assert_msg(c1 == c2, "file contents mismatch at byte: %zu, was: %c, expected: %c", p, c2, c1); free(buf); p = lseek(fd, 0, SEEK_END); - ck_assert_msg(p == reflen, "trailing garbage, file size: %ld, expected: %ld", p, reflen); + ck_assert_msg(p == reflen, "trailing garbage, file size: %zd, expected: %zd", p, reflen); close(fd); } @@ -1969,7 +1969,7 @@ void diff_files(int fd, int ref_fd) ck_assert_msg(lseek(ref_fd, 0, SEEK_SET) == 0, "lseek failed"); nread = read(ref_fd, ref, siz); - ck_assert_msg(nread == siz, "short read, expected: %ld, was: %ld", siz, nread); + ck_assert_msg(nread == siz, "short read, expected: %ld, was: %zd", siz, nread); close(ref_fd); diff_file_mem(fd, ref, siz); free(ref); --- unit_tests/check_clamd.c.orig +++ unit_tests/check_clamd.c @@ -363,7 +363,7 @@ START_TEST(test_stats) recvdata = (char *)recvfull(sockd, &len); - ck_assert_msg(len > strlen(STATS_REPLY), "Reply has wrong size: %lu, minimum %lu, reply: %s\n", + ck_assert_msg(len > strlen(STATS_REPLY), "Reply has wrong size: %zu, minimum %zu, reply: %s\n", len, strlen(STATS_REPLY), recvdata); if (len > strlen(STATS_REPLY)) @@ -416,7 +416,7 @@ START_TEST(test_instream) recvdata = (char *)recvfull(sockd, &len); expect_len = strlen(EXPECT_INSTREAM); - ck_assert_msg(len == expect_len, "Reply has wrong size: %lu, expected %lu, reply: %s\n", + ck_assert_msg(len == expect_len, "Reply has wrong size: %zu, expected %zu, reply: %s\n", len, expect_len, recvdata); rc = memcmp(recvdata, EXPECT_INSTREAM, expect_len); @@ -494,7 +494,7 @@ static void tst_fildes(const char *cmd, ck_assert_msg(sscanf(recvdata, "fd[%u]", &rc) == 1, "Reply doesn't contain fd: %s\n", recvdata); len -= p - recvdata; - ck_assert_msg(len == expect_len, "Reply has wrong size: %lu, expected %lu, reply: %s, expected: %s\n", + ck_assert_msg(len == expect_len, "Reply has wrong size: %zu, expected %zu, reply: %s, expected: %s\n", len, expect_len, p, expect); rc = memcmp(p, expect, expect_len); --- libclamav/others_common.c.orig +++ libclamav/others_common.c @@ -312,7 +312,7 @@ char *cli_strdup(const char *s) } alloc = strdup(s); - + if (!alloc) { perror("strdup_problem"); cli_errmsg("cli_strdup(): Can't allocate memory (%u bytes).\n", (unsigned int)strlen(s)); ++++++ clamav-obsolete-config.patch ++++++ --- /var/tmp/diff_new_pack.W2iroa/_old 2024-07-02 18:17:43.526220042 +0200 +++ /var/tmp/diff_new_pack.W2iroa/_new 2024-07-02 18:17:43.530220188 +0200 @@ -1,6 +1,6 @@ ---- shared/optparser.c.orig -+++ shared/optparser.c -@@ -517,6 +517,13 @@ const struct clam_option __clam_options[ +--- common/optparser.c.orig ++++ common/optparser.c +@@ -598,6 +598,13 @@ const struct clam_option __clam_options[ {"MailFollowURLs", "mail-follow-urls", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", ""}, {"AllowSupplementaryGroups", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_MILTER | OPT_DEPRECATED, "Initialize a supplementary group access (the process must be started by root).", "no"}, {"ScanOnAccess", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD | OPT_DEPRECATED, "", ""}, ++++++ service.clamonacc ++++++ [Unit] Description=ClamAV On-Access Scanner Documentation=man:clamonacc(8) man:clamd.conf(5) https://docs.clamav.net/ Requires=clamd.service After=clamd.service syslog.target network.target [Service] Type=forking User=root ExecStart=/usr/sbin/clamonacc --ping 30:10 --wait [Install] WantedBy=multi-user.target