0.68-1
------
Fixed RAR support.
0.68
----
This version fixes a crash with some RAR archives generated by the Bagle worm,
also a few important fixes have been backported from CVS.
We strongly encourage users to install the 0.70-rc version (released today).
0.67
----
This release fixes a memory management problem (platform dependent; can lead
to a DoS attack) with messages that only have attachments (reported by Oliver
Brandmueller). It also contains patches for a few problems found in 0.66 and
has better Cygwin support.
This version is a response to the "clamav 0.65 remote DOS exploit"
information published on popular security-related mailing lists.
Other changes include: (see the README for a full list)
-) clamd:
+ fixed database timestamp handling (and a double reload problem reported
by Alex Pleiner and Ole Stanstrup)
+ new directive: ArchiveMaxCompressionRatio
+ new command: SESSION (starts a clamd session and allows to do multiple
commands per TCP session)
+ new directives: TemporaryDirectory, LogClean (Andrey V. Malyshev)
-) freshclam:
+ support for freshclam.conf (that may be optionally merged with
clamav.conf, command line options overwrite config settings)
+ work-around for potential database downgrade (subtle problem
in r-r dns handling) - reported by Daniel Mario Vega and patched
by Luca Gibelli
Fix build by rather patch "configure" directly instead of configure.in
(autoconf failed). Tested on NetBSD-current and Linux (some kind of Debian).
Somewhat based upon PR 24294 by Eric Schnoebelen.
While at it also fix configure to always install the example config file
to "examples".
Bump PKGREVISION to 1.
working on the issue.
Changes:
-) clamd:
+ fixed a race condition in database reloading code (random crashes
under high load)
+ fixed a race condition with the improperly initialized session start time
(thanks to Michael Dankov)
+ fixed PidFile permissions (Magnus Ekdahl, bug reported by Tomasz Papszun)
+ fixed LogFile permissions (Magnus Ekdahl)
+ new directive ScanRAR (bacause RAR support is now disabled by default)
+ new directive VirusEvent
+ new directive FixStaleSocket (Thomas Lamy and Mark Mielke)
+ new directive TCPAddr (Bernard Quatermass, fixed by Damien Curtain)
+ new directive Debug
-) clamav-milter: (Nigel Horne <njh*clamav.net>)
+ new --force-scan flag
+ new -P and -q flags by Nicholas M. Kirsch
WARNING: clamav-milter and our mail scanner are still in high development
and may be unstable. You should always use the CVS version.
-) libclamav:
+ support for a new database container format (CVD) - compressed and
digitally signed
+ better protection against malformed zip archives (such as Mimail)
+ mail decoder fixes (thanks to Rene Bellora, Bernd Kuhls, Thomas Lamy,
Tomasz Papszun) (Nigel Horne)
+ memory leak fixes (Thomas Lamy)
+ new scan option CL_DISABLERAR (disables built-in RAR unpacker)
-) freshclam:
+ fixed --on-error-execute behaviour (David Woakes)
+ new option --user (-u) USER - run as USER instead of the default user.
Patch by Damien Curtain.
+ rewritten to use database.clamav.net and CVD
-) documentation:
+ new Spanish documentation on ClamAV and Sendmail integration by
Erick Ivaan Lopez Carreon
+ included clamdoc.pdf Turkish translation by yavuz kaya and Ýbrahim erken
+ included clamav-mirror-howto.pdf by Luca Gibelli
+ included clamd+daemontools HOWTO by Jesse D. Guardiani
+ included signatures.pdf
+ man pages: updated
+ clamdoc.pdf: rewritten
However currently milter support is disabled, as it requires strerror_r to
be available, which it isn't on -current.
Note this required the fixing of the milter tests in the configure.in file.
It seemed if you used --disable-milter and the .h file was in the include
path, eg on -current it's in /usr/include/libmilter it was found and used.
We now have a want_milter for the --enable/disable-milter, which will
trigger the tests to setup have_milter.
Once I've sorted out the strerror_r problem in -current I'll enable the
milter support (or if someone tells me it works with pth)
Bump PKGREVISION.
Also fix pkg/22714, clamav not building, this was due to it rerunning
configure due to dependancy updates, which built a new libtool, replacing
the one we had given it from pkgsrc.
The fix is to run autoconf and automake on the patches, I would have done
diff's post autoconf/automake, but the diffs are much bigger.
Known issue, if you run fetchclam to update the databases you'll find that
pkg_install won't remove the db files as the MD5 checksum has changed, I
may move the db files into etc/clamav and copy them in, then fetchclam can
update as needed.
However I thought that given the current spate of viruses hitting people
they maybe wanting the latest version.
Provided in PR 20662 by David Ferlier, modified to use pkgsrc libtool
and to add users by myself.
Clam AntiVirus is an anti-virus toolkit written from scratch. It is
licensed under GNU GPL2 and uses the virus database from
OpenAntiVirus, which is an another free anti-virus project. In
contrast to OpenAntiVirus (which is written in Java), Clam AntiVirus
is written entirely in C and its database is KEPT UP TO DATE. It also
detects polymorphic viruses as well.
