Date: Tue, 10 Jan 2006 15:01:40 +0300 (MSK) From: "Boris B. Samorodov" <bsam@ipt.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/91593: [patch] security/clamav: update to new stable release 0.88 Message-ID: <200601101201.k0AC1esU084380@mi.ipt.ru> Resent-Message-ID: <200601101200.k0AC0MJ2095525@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 91593 >Category: ports >Synopsis: [patch] security/clamav: update to new stable release 0.88 >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Tue Jan 10 12:00:21 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Boris B. Samorodov >Release: FreeBSD 6.0-STABLE i386 >Organization: InPharmTech, Co. http://www.ipt.ru >Environment: System: FreeBSD mi.ipt.ru 6.0-STABLE FreeBSD 6.0-STABLE #0: Wed Nov 2 17:58:38 MSK 2005 bsam@mi.ipt.ru:/usr/obj/usr/src/sys/PROBA1 i386 >Description: A new stable version of security/clamav is released. Most serious change: 0.88 ---- A possible heap overflow in the UPX code has been fixed. General improvements include better zip and mail processing, and support for a self-protection mode. The security of the UPX, FSG and Petite modules has been improved, too. Other changes since 0.87.1: Mon Jan 9 18:26:21 CET 2006 ---------------------------- V 0.88 * Changes: - libclamav: add support for signature based self-protection mode (tk) - libclamav/upx.c: fix possible heap overflow (acab) Reported by 3Com's Zero Day Initiative - libclamav/upx.c,fsg.c,petite.c: improve code security (acab) - clamd, clamscan: try to detect library version mismatch (tk) - libclamav/mbox.c: Multipart headers: handle end of header lines that are not empty (njh) - libclamav/zziplib/zzip-zip.c: fix pointer misalignment problem on sparc64 Thanks to Clint Adams <schizo*debian.org> - clamd/others.h: fix compilation error on systems with INCOMPLETE_CMSG (tk) Reported by Fukuda Manabu <fukuda*cri-mw.co.jp> - libclamav/pe.c: respect CL_SCAN_BLOCKMAX (tk) - libclamav/zziplib: improve handling of incorrectly created/handcrafted zip archives. Test file provided by Christoph Cordes (tk) - libclamav/zziplib: improve handling of multi-part/broken zip archives (tk) Test files provided by Tomasz Papszun - clamscan/treewalk.c: --exclude-dir was taking bad arguments when used multiple times (tk) >How-To-Repeat: >Fix: The patch is relative to the port itself: # cd /usr/ports/security # patch -p0 < _the_patch_ <delete clamav/*.orig clamav/files/*.orig files> --- clamav.patch begins here --- diff -ruN clamav.orig/Makefile clamav/Makefile --- clamav.orig/Makefile Tue Jan 10 13:01:07 2006 +++ clamav/Makefile Tue Jan 10 13:01:36 2006 @@ -6,7 +6,7 @@ # PORTNAME= clamav -PORTVERSION= 0.87.1 +PORTVERSION= 0.88 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE_EXTENDED} MASTER_SITE_SUBDIR= clamav diff -ruN clamav.orig/distinfo clamav/distinfo --- clamav.orig/distinfo Tue Jan 10 13:01:07 2006 +++ clamav/distinfo Tue Jan 10 13:03:26 2006 @@ -1,2 +1,3 @@ -MD5 (clamav-0.87.1.tar.gz) = bf9f038edf0b6d5f76552e1b8d014b81 -SIZE (clamav-0.87.1.tar.gz) = 4468992 +MD5 (clamav-0.88.tar.gz) = 5d23205673c32e2b1b6db95000e6da74 +SHA256 (clamav-0.88.tar.gz) = 7912be29d13dae676691fbad7fa5fc1518eb3b8b45f8d147097908533ca1f8db +SIZE (clamav-0.88.tar.gz) = 4564473 diff -ruN clamav.orig/files/extra-patch-libunrar clamav/files/extra-patch-libunrar --- clamav.orig/files/extra-patch-libunrar Tue Jan 10 13:01:07 2006 +++ clamav/files/extra-patch-libunrar Tue Jan 10 13:27:31 2006 @@ -72,7 +72,7 @@ +} +#endif + - static int cli_scanmschm(int desc, const char **virname, long int *scanned, const struct cl_node *root, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) + static int cli_scanmschm(int desc, const char **virname, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, unsigned int options, unsigned int arec, unsigned int mrec) { char *tempname; @@ -1403,8 +1443,13 @@ --- clamav.patch ends here --- WBR -- bsam >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200601101201.k0AC1esU084380>