pkgsrc/security/clamav/distinfo

16 lines
1 KiB
Text
Raw Normal View History

$NetBSD: distinfo,v 1.43 2022/08/10 13:38:00 taca Exp $
BLAKE2s (clamav-0.103.7.tar.gz) = dd6ecbd43fa6b1835bade917b0758b1516b9e80b770125529a60a3ba059b90c2
SHA512 (clamav-0.103.7.tar.gz) = d426169889d94411b20a2c9c9579fc22a15090c9847849822c63fc6b404075feba0ff3663ee1382b2af5300394c7a93669844736f7473bfdce3250e1fd130326
Size (clamav-0.103.7.tar.gz) = 16501741 bytes
security/clamav: update to 0.103.0 Update clamav package to 0.103.0. Quote from release announce: ClamAV 0.103.0 highlights With your feedback on the previous candidates, we've fixed these additional issues: * The freshclam PID file was not readable by other users in previous release candidates but is now readable by all. * An issue with how freshclam was linked with the autotools build system caused SysLog settings to be ignored. * The real-path checks introduced to clamscan and clamdscan in 0.102.4 broke scanning of some files with Unicode filenames and files on network shares for Windows users. Thanks to the users for your help in fixing these bugs. Major changes * clamd can now reload the signature database without blocking scanning. This multi-threaded database reload improvement was made possible thanks to a community effort. * Non-blocking database reloads are now the default behavior. Some systems that are more constrained on RAM may need to disable non-blocking reloads, as it will temporarily consume double the amount of memory. We added a new clamd config option ConcurrentDatabaseReload, which may be set to no. Special thanks to those who made this feature a reality: * Alberto Wu * Alexander Sulfrian * Arjen de Korte * David Heidelberg * Ged Haywood * Julius Plenz * Michael Orlitzky Notable changes * The DLP module has been enhanced with additional credit card ranges and a new engine option that allows ClamAV to alert only on credit cards (and not, for instance, gift cards) when scanning with the DLP module. John Schember developed this feature, with input from Alexander Sulfrian. * We added support for Adobe Reader X PDF encryption and overhauled the PNG-scanning tool to detect PNG-specific exploits. We also made a major change to GIF parsing that now makes it more tolerant of problematic files and adds the ability to scan overlays, all thanks to work and patches submitted by Aldo Mazzeo. * clamdtop.exe is now available for Windows users. The functionality is somewhat limited when compared to clamdtop on Linux. PDCurses is required to build clamdtop.exe for ClamAV on Windows. * The phishing detection module will now print "Suspicious link found!" along with the "Real URL" and "Display URL" each time ClamAV detects phishing. In a future version, we would like to print out alert-related metadata like this at the end of a scan, but for now, this detail will help users understand why a given file is being flagged as phishing. * Added new *experimental* CMake build tooling. CMake is not yet recommended for production builds. Our team would appreciate any assistance improving the CMake build tooling so we can one day deprecate autotools and remove the Visual Studio solutions. - Please see the new CMake installation instructions found in INSTALL.cmake.md for detailed instructions on how to build ClamAV with CMake. * Added --ping and --wait options to the clamdscan and clamonacc client applications. * The --ping (-p) command will attempt to ping clamd up to a specified maximum number of attempts at an optional interval. If the interval isn't specified, a default one-second interval is used. It will exit with status code `0` when it receives a PONG from clamd or status code `21` if the timeout expires before it receives a response.
2020-09-19 15:41:42 +02:00
SHA1 (patch-Makefile.in) = 51e0f42323f07b7ae0cb35a640469dce4e1a2041
SHA1 (patch-aa) = c07a7b6e883f384ce278964645f0658c0d986ab5
Update clamav to 0.101.2 Remove rar support to workaround PR pkg/54420 This release includes 3 extra security related bug fixes that do not apply to prior versions. In addition, it includes a number of minor bug fixes and improvements. * Fixes for the following vulnerabilities affecting 0.101.1 and prior: + CVE-2019-1787: An out-of-bounds heap read condition may occur when scanning PDF documents. The defect is a failure to correctly keep track of the number of bytes remaining in a buffer when indexing file data. + CVE-2019-1789: An out-of-bounds heap read condition may occur when scanning PE files (i.e. Windows EXE and DLL files) that have been packed using Aspack as a result of inadequate bound-checking. + CVE-2019-1788: An out-of-bounds heap write condition may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. The invalid write happens when an invalid pointer is mistakenly used to initialize a 32bit integer to zero. This is likely to crash the application. * Fixes for the following ClamAV vulnerabilities: + CVE-2018-15378: Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Reported by Secunia Research at Flexera. + Fix for a 2-byte buffer over-read bug in ClamAV's PDF parsing code. Reported by Alex Gaynor. * Fixes for the following vulnerabilities in bundled third-party libraries: + CVE-2018-14680: An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames. + CVE-2018-14681: An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite. + CVE-2018-14682: An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression. + Additionally, 0.100.2 reverted 0.100.1's patch for CVE-2018-14679, and applied libmspack's version of the fix in its place. * Fixes for the following CVE's: + CVE-2017-16932: Vulnerability in libxml2 dependency (affects ClamAV on Windows only). + CVE-2018-0360: HWP integer overflow, infinite loop vulnerability. Reported by Secunia Research at Flexera. + CVE-2018-0361: ClamAV PDF object length check, unreasonably long time to parse relatively small file. Reported by aCaB. For the full release notes, see: https://github.com/Cisco-Talos/clamav-devel/blob/clamav-0.101.2/NEWS.md
2019-08-05 16:44:20 +02:00
SHA1 (patch-ab) = 78793f0267ce8c820b51937186dc17dabb4a1ccf
SHA1 (patch-af) = d217633ed33c72b6d01a9aeef03f0f5dd33b4336
SHA1 (patch-configure) = ea2ecb0f84ef7a617cbbd5d0ed551ebcf7a1d5cb
security/clamav: update to 0.103.0 Update clamav package to 0.103.0. Quote from release announce: ClamAV 0.103.0 highlights With your feedback on the previous candidates, we've fixed these additional issues: * The freshclam PID file was not readable by other users in previous release candidates but is now readable by all. * An issue with how freshclam was linked with the autotools build system caused SysLog settings to be ignored. * The real-path checks introduced to clamscan and clamdscan in 0.102.4 broke scanning of some files with Unicode filenames and files on network shares for Windows users. Thanks to the users for your help in fixing these bugs. Major changes * clamd can now reload the signature database without blocking scanning. This multi-threaded database reload improvement was made possible thanks to a community effort. * Non-blocking database reloads are now the default behavior. Some systems that are more constrained on RAM may need to disable non-blocking reloads, as it will temporarily consume double the amount of memory. We added a new clamd config option ConcurrentDatabaseReload, which may be set to no. Special thanks to those who made this feature a reality: * Alberto Wu * Alexander Sulfrian * Arjen de Korte * David Heidelberg * Ged Haywood * Julius Plenz * Michael Orlitzky Notable changes * The DLP module has been enhanced with additional credit card ranges and a new engine option that allows ClamAV to alert only on credit cards (and not, for instance, gift cards) when scanning with the DLP module. John Schember developed this feature, with input from Alexander Sulfrian. * We added support for Adobe Reader X PDF encryption and overhauled the PNG-scanning tool to detect PNG-specific exploits. We also made a major change to GIF parsing that now makes it more tolerant of problematic files and adds the ability to scan overlays, all thanks to work and patches submitted by Aldo Mazzeo. * clamdtop.exe is now available for Windows users. The functionality is somewhat limited when compared to clamdtop on Linux. PDCurses is required to build clamdtop.exe for ClamAV on Windows. * The phishing detection module will now print "Suspicious link found!" along with the "Real URL" and "Display URL" each time ClamAV detects phishing. In a future version, we would like to print out alert-related metadata like this at the end of a scan, but for now, this detail will help users understand why a given file is being flagged as phishing. * Added new *experimental* CMake build tooling. CMake is not yet recommended for production builds. Our team would appreciate any assistance improving the CMake build tooling so we can one day deprecate autotools and remove the Visual Studio solutions. - Please see the new CMake installation instructions found in INSTALL.cmake.md for detailed instructions on how to build ClamAV with CMake. * Added --ping and --wait options to the clamdscan and clamonacc client applications. * The --ping (-p) command will attempt to ping clamd up to a specified maximum number of attempts at an optional interval. If the interval isn't specified, a default one-second interval is used. It will exit with status code `0` when it receives a PONG from clamd or status code `21` if the timeout expires before it receives a response.
2020-09-19 15:41:42 +02:00
SHA1 (patch-etc_clamav-milter.conf.sample) = fa65d9b25cb51c62365b1d5a8b6dafe89d505057
SHA1 (patch-etc_clamd.conf.sample) = e2c60b81675e73600409f76457fbc7cd8ec51a8f
SHA1 (patch-etc_freshclam.conf.sample) = 804df5480560acb915f9fcb5f2097673c657ae34
security/clamav: update to 0.103.4 ClamAV 0.103.4 is a critical patch release with the following fixes: - FreshClam: - Add a 24-hour cool-down for FreshClam clients that have received an HTTP 403 (Forbidden) response from the CDN. This is to reduce the volume of 403-response data served to blocked FreshClam clients that are configured with a tight update-loop. - Fixed a bug where FreshClam treats an empty CDIFF as an incremental update failure instead of as an intentional request to download the whole CVD. - ClamDScan: Fix a scan error when broken symlinks are encountered on macOS with "FollowDirectorySymlinks" and "FollowFileSymlinks" options disabled. - Overhauled the scan recursion / nested archive extraction logic and added new limits on embedded file-type recognition performed during the "raw" scan of each file. This limits embedded file-type misidentification and prevents detecting embedded file content that is found/extracted and scanned at other layers in the scanning process. - Fix an issue with the FMap module that failed to read from some nested files. - Fixed an issue where failing to load some rules from a Yara file containing multiple rules may cause a crash. - Fixed assorted compiler warnings. - Fixed assorted Coverity static code analysis issues. - Scan limits: - Added virus-name suffixes to the alerts that trigger when a scan limit has been exceeded. Rather than simply `Heuristics.Limits.Exceeded`, you may now see limit-specific virus-names, to include: - `Heuristics.Limits.Exceeded.MaxFileSize` - `Heuristics.Limits.Exceeded.MaxScanSize` - `Heuristics.Limits.Exceeded.MaxFiles` - `Heuristics.Limits.Exceeded.MaxRecursion` - `Heuristics.Limits.Exceeded.MaxScanTime` - Renamed the `Heuristics.Email.ExceedsMax.*` alerts to align with the other limit alerts names. These alerts include: - `Heuristics.Limits.Exceeded.EmailLineFoldcnt` - `Heuristics.Limits.Exceeded.EmailHeaderBytes` - `Heuristics.Limits.Exceeded.EmailHeaders` - `Heuristics.Limits.Exceeded.EmailMIMEPartsPerMessage` - `Heuristics.Limits.Exceeded.EmailMIMEArguments` - Fixed an issue where the Email-related scan limits would alert even when the "AlertExceedsMax" (`--alert-exceeds-max`) scan option is not enabled. - Fixes an issue in the Zip parser where exceeding the "MaxFiles" limit or the "MaxFileSize" limit would abort the scan but would fail to alert. The Zip scan limit issues were independently identified and reported by Aaron Leliaert and Max Allan. - Fixed a leak in the Email parser when using the `--gen-json` scan option. - Fixed an issue where a failure to record metadata in the Email parser when using the `--gen-json` scan option could cause the Email parser to abort the scan early and fail to extract and scan additional content. - Fixed a file name memory leak in the Zip parser. - Fixed an issue where certain signature patterns may cause a crash or cause unintended matches on some systems when converting characters to uppercase if a UTF-8 unicode single-byte grapheme becomes a multi-byte grapheme. Patch courtesy of Andrea De Pasquale. Other fixes backported from 0.104.0: - Fixed a crash in programs that use libclamav when the programs don't set a callback for the "virus found" event. Patch courtesy of Markus Strehle. - Added checks to the the SIS archive parser to prevent an SIS file entry from pointing to the archive, which would result in a loop. This was not an actual infinite loop, as ClamAV's scan recursion limit limits the depth of nested archive extraction. - ClamOnAcc: Fixed a socket file descriptor leak that could result in a crash when all available file descriptors are exhausted. - FreshClam: Fixed an issue where FreshClam would download a CVD repeatedly if a zero-byte CDIFF is downloaded or if the incremental update failed and if the CVD downloaded after that is older than advertised. Patch courtesy of Andrew Williams. - ClamDScan: - Fixed a memory leak of the scan target filename when using the `--fdpass` or `--stream` options. - Fixed an issue where ClamDScan would fail to scan any file after excluding a file with the "ExcludePath" option when using when using the `--multiscan` (`-m`) option along with either `--fdpass` or `--stream`. Also fixed a memory leak of the accidentally-excluded paths in this case. - Fixed a single file path memory leak when using `--fdpass`. - Fixed an issue where the "ExcludePath" regex may fail to exclude absolute paths when the scan is invoked with a relative path. Special thanks to the following for code contributions and bug reports: - Aaron Leliaert - Andrea De Pasquale - Andrew Williams - Markus Strehle - Max Allan
2021-11-08 15:49:23 +01:00
SHA1 (patch-libclamav_fmap.c) = d608faf56aebfcb32146b04a21ab587ee4a1a06d
SHA1 (patch-libclamav_fmap.h) = 4511c7670e871ff5a67e5fa4c7c2a2fd2ceca7b1