Update clamav to 0.102.3. ## 0.102.3 ClamAV 0.102.3 is a bug patch release to address the following issues. - [CVE-2020-3327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327): Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that could cause a Denial-of-Service (DoS) condition. Improper bounds checking of an unsigned variable results in an out-of-bounds read which causes a crash. Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ parsing vulnerability. - [CVE-2020-3341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341): Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that could cause a Denial-of-Service (DoS) condition. Improper size checking of a buffer used to initialize AES decryption routines results in an out-of- bounds read which may cause a crash. Bug found by OSS-Fuzz. - Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents. - Fix a couple of minor memory leaks. - Updated libclamunrar to UnRAR 5.9.2.
15 lines
447 B
Text
15 lines
447 B
Text
# $NetBSD: Makefile.common,v 1.16 2020/05/13 14:58:58 taca Exp $
|
|
#
|
|
# used by security/clamav/Makefile
|
|
# used by security/clamav-doc/Makefile
|
|
|
|
DISTNAME= clamav-0.102.3
|
|
CATEGORIES= security
|
|
MASTER_SITES= http://www.clamav.net/downloads/production/
|
|
|
|
MAINTAINER?= pkgsrc-users@NetBSD.org
|
|
HOMEPAGE= https://www.clamav.net/
|
|
LICENSE= gnu-gpl-v2
|
|
|
|
DISTINFO_FILE= ${.CURDIR}/../../security/clamav/distinfo
|
|
PATCHDIR= ${.CURDIR}/../../security/clamav/patches
|