Revisions of clamav
Reinhard Max (rmax)
committed
(revision 214)
Add missing bug references
Reinhard Max (rmax)
accepted
request 848100
from
Dominique Leuenberger (dimstar)
(revision 213)
- Do not hard-depend on systemd: use systemd_ordering instead of systemd_requires.
Reinhard Max (rmax)
committed
(revision 212)
- Sync Factory to SLE-15 to implement jsc#ECO-3010.
Reinhard Max (rmax)
committed
(revision 211)
- bsc#1119353, clamav-fips.patch: Fix freshclam crash in FIPS mode. - Keep OBS from installing an existing clamav instance to scan the sources, because this makes "make check" use the old library instead of the just built one. This is only a workaround until we found a way to keep libtool from adding libdir to rpath and LD_LIBRARY_PATH of the binaries in the testsuite.
buildservice-autocommit
accepted
request 835433
from
Reinhard Max (rmax)
(revision 210)
baserev update by copy to link target
Reinhard Max (rmax)
accepted
request 834369
from
Arjen de Korte (adkorte)
(revision 209)
- Update to 0.103.0 * clamd can now reload the signature database without blocking scanning. This multi-threaded database reload improvement was made possible thanks to a community effort. - Non-blocking database reloads are now the default behavior. Some systems that are more constrained on RAM may need to disable non-blocking reloads as it will temporarily consume two times as much memory. We added a new clamd config option ConcurrentDatabaseReload, which may be set to no. * Dropped clamav-str-h.patch (no longer needed) * Fix clamav-milter.service (requires clamd.service to run)
buildservice-autocommit
accepted
request 821532
from
Reinhard Max (rmax)
(revision 208)
baserev update by copy to link target
Reinhard Max (rmax)
accepted
request 821356
from
Arjen de Korte (adkorte)
(revision 207)
- Update to 0.102.4 * CVE-2020-3350: Fix a vulnerability wherein a malicious user could replace a scan target's directory with a symlink to another path to trick clamscan, clamdscan, or clamonacc into removing or moving a different file (eg. a critical system file). The issue would affect users that use the --move or --remove options for clamscan, clamdscan, and clamonacc. * CVE-2020-3327: Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.3 that could cause a Denial-of-Service (DoS) condition. Improper bounds checking results in an out-of-bounds read which could cause a crash. The previous fix for this CVE in 0.102.3 was incomplete. This fix correctly resolves the issue. * CVE-2020-3481: Fix a vulnerability in the EGG archive module in ClamAV 0.102.0 - 0.102.3 could cause a Denial-of-Service (DoS) condition. Improper error handling may result in a crash due to a NULL pointer dereference. This vulnerability is mitigated for those using the official ClamAV signature databases because the file type signatures in daily.cvd will not enable the EGG archive parser in versions affected by the vulnerability.
buildservice-autocommit
accepted
request 803386
from
Reinhard Max (rmax)
(revision 206)
baserev update by copy to link target
Reinhard Max (rmax)
accepted
request 803374
from
Arjen de Korte (adkorte)
(revision 205)
- Update to 0.102.3 * CVE-2020-3327: Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that could cause a Denial-of-Service (DoS) condition. Improper bounds checking of an unsigned variable results in an out-of-bounds read which causes a crash. * CVE-2020-3341: Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that could cause a Denial-of-Service (DoS) condition. Improper size checking of a buffer used to initialize AES decryption routines results in an out-of-bounds read which may cause a crash. * Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents. * Fix a couple of minor memory leaks. * Updated libclamunrar to UnRAR 5.9.2.
buildservice-autocommit
accepted
request 794379
from
Lars Vogdt (lrupp)
(revision 204)
baserev update by copy to link target
Lars Vogdt (lrupp)
accepted
request 790518
from
Martin Pluskal (pluskalm)
(revision 203)
- Drop python build dependency as it is not needed
buildservice-autocommit
accepted
request 770647
from
Reinhard Max (rmax)
(revision 202)
baserev update by copy to link target
Reinhard Max (rmax)
accepted
request 770381
from
Arjen de Korte (adkorte)
(revision 201)
- update to 0.102.2 * CVE-2020-3123: A denial-of-service (DoS) condition may occur when using the optional credit card data-loss-prevention (DLP) feature. Improper bounds checking of an unsigned variable resulted in an out-of-bounds read, which causes a crash. * Significantly improved the scan speed of PDF files on Windows. * Re-applied a fix to alleviate file access issues when scanning RAR files in downstream projects that use libclamav where the scanning engine is operating in a low-privilege process. This bug was originally fixed in 0.101.2 and the fix was mistakenly omitted from 0.102.0. * Fixed an issue where freshclam failed to update if the database version downloaded is one version older than advertised. This situation may occur after a new database version is published. The issue affected users downloading the whole CVD database file. * Changed the default freshclam ReceiveTimeout setting to 0 (infinite). The ReceiveTimeout had caused needless database update failures for users with slower internet connections. * Correctly display the number of kilobytes (KiB) in progress bar and reduced the size of the progress bar to accommodate 80-character width terminals. * Fixed an issue where running freshclam manually causes a daemonized freshclam process to fail when it updates because the manual instance deletes the temporary download directory. The freshclam temporary files will now download to a unique directory created at the time of an update instead of using a hardcoded directory created/destroyed at the program start/exit. * Fix for freshclam's OnOutdatedExecute config option. * Fixes a memory leak in the error condition handling for the email parser. * Improved bound checking and error handling in ARJ archive parser. * Improved error handling in PDF parser. * Fix for memory leak in byte-compare signature handler.
buildservice-autocommit
accepted
request 759922
from
Lars Vogdt (lrupp)
(revision 200)
baserev update by copy to link target
Lars Vogdt (lrupp)
accepted
request 759130
from
Arjen de Korte (adkorte)
(revision 199)
- The freshclam.service should not be started before the network is online (it checks for updates immediately upon service start)
buildservice-autocommit
accepted
request 759585
from
Factory Maintainer (factory-maintainer)
(revision 198)
baserev update by copy to link target
buildservice-autocommit
accepted
request 758279
from
Robert Frohl (rfrohl)
(revision 197)
baserev update by copy to link target
Lars Vogdt (lrupp)
accepted
request 758289
from
Dominique Leuenberger (dimstar)
(revision 196)
Fix a typo in the changelog
Robert Frohl (rfrohl)
accepted
request 758248
from
Dominique Leuenberger (dimstar)
(revision 195)
- BuildRequire pkgconfig(libsystemd) instead of systemd-devel: Aloow OBS to shortcut through the -mini flavors.
Displaying revisions 41 - 60 of 254