-
clamav (0.98.7+dfsg-0ubuntu0.15.04.1) vivid-security; urgency=medium
* Updated to 0.98.7 to fix multiple issues
- CVE-2015-2170
- CVE-2015-2221
- CVE-2015-2222
- CVE-2015-2305
- CVE-2015-2668
* Refreshed patches for 0.98.7:
- d/p/0005-libclamav-use-libmspack.patch
- d/p/0007-fix-ssize_t-size_t-off_t-printf-modifier.patch
- d/p/0008-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
- d/p/0015-llvm-don-t-use-system-libs.patch
* Removed upstreamed patches:
- d/p/0012-remove-AC_CONFIG_SRCDIR-llvm-configure-from-libclama.patch
-- Marc Deslauriers <email address hidden> Mon, 04 May 2015 11:32:16 -0400
-
clamav (0.98.6+dfsg-1ubuntu4) vivid; urgency=medium
* No change upload to work around temporary archive ddeb issue
clamav (0.98.6+dfsg-1ubuntu3) vivid; urgency=medium
* d/clamav-daemon.postinst.in: Fix typo which causes a crash while installing
this package over any previous version (upgrading). Variable $DEBCONFILE
has been used incorrectly inside the script instead of $DEBCONFFILE. This
issue doesn't show up during regular installation (not upgrade) because
the typo is on the path which gets executed only if debconf information is
available for the package (LP: #1438745, #1447809, Closes: #778507).
-- Scott Kitterman <email address hidden> Fri, 24 Apr 2015 22:19:57 -0400
-
clamav (0.98.6+dfsg-1ubuntu3) vivid; urgency=medium
* d/clamav-daemon.postinst.in: Fix typo which causes a crash while installing
this package over any previous version (upgrading). Variable $DEBCONFILE
has been used incorrectly inside the script instead of $DEBCONFFILE. This
issue doesn't show up during regular installation (not upgrade) because
the typo is on the path which gets executed only if debconf information is
available for the package (LP: #1438745, #1447809, Closes: #778507).
-- Oleg Strikov <email address hidden> Fri, 24 Apr 2015 15:05:18 +0000
-
clamav (0.98.6+dfsg-1ubuntu2) vivid; urgency=medium
* Don't use llvm on armhf, arm64 and ppc64el.
- armhf: Should work, but upstream claims it's not tested and
refuses to build. Why do we have testsuites?
- arm64: No JIT available in 3.5.
- ppc64el: Builds, but fails one test.
-- Matthias Klose <email address hidden> Thu, 05 Mar 2015 17:00:42 +0100
-
clamav (0.98.6+dfsg-1ubuntu1) vivid; urgency=medium
* Explicitly build using llvm-3.5, on all architectures.
-- Matthias Klose <email address hidden> Wed, 04 Mar 2015 20:45:34 +0100
-
clamav (0.98.6+dfsg-1) unstable; urgency=high
[ Sebastian Andrzej Siewior ]
* update "fix-ssize_t-size_t-off_t-printf-modifier", include of misc.h was
missing but was pulled in via the systemd patch.
* Don't leak return codes from libmspack to clamav API. (Closes: #774686).
[ Andreas Cadhalpun ]
* Add patch to avoid emitting incremental progress messages when not
outputting to a terminal. (Closes: #767350)
* Update lintian-overrides for unused-file-paragraph-in-dep5-copyright.
* clamav-base.postinst: always chown /var/log/clamav and /var/lib/clamav
to clamav:clamav, not only on fresh installations. (Closes: #775400)
* Adapt the clamav-daemon and clamav-freshclam logrotate scripts,
so that they correctly work under systemd.
* Move the PidFile variable from the clamd/freshclam configuration files
to the init scripts. This makes the init scripts more robust against
misconfiguration and avoids error messages with systemd. (Closes: #767353)
* debian/copyright: drop files from Files-Excluded only present in github
tarballs
* Drop Workaround-a-bug-in-libc-on-Hurd.patch, because hurd got fixed.
(see #752237)
* debian/rules: Remove useless --with-system-tommath --without-included-ltdl
configure options.
[ Scott Kitterman ]
* Stop stripping llvm when repacking the tarball as the system llvm on some
releases is too old to use
* New upstream bugfix release
- Library shared object revisions.
- Includes a patch from Sebastian Andrzej Siewior making ClamAV pid files
compatible with systemd.
- Fix a heap out of bounds condition with crafted Yoda's crypter files.
This issue was discovered by Felix Groebert of the Google Security Team.
- Fix a heap out of bounds condition with crafted mew packer files. This
issue was discovered by Felix Groebert of the Google Security Team.
- Fix a heap out of bounds condition with crafted upx packer files. This
issue was discovered by Kevin Szkudlapski of Quarkslab.
- Fix a heap out of bounds condition with crafted upack packer files. This
issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328.
- Compensate a crash due to incorrect compiler optimization when handling
crafted petite packer files. This issue was discovered by Sebastian
Andrzej Siewior.
* Update lintian override for embedded zlib to match new so version
[ Javier Fernández-Sanguino ]
* Updated Spanish Debconf template translation (Closes: #773563)
-- Scott Kitterman <email address hidden> Wed, 28 Jan 2015 00:25:13 -0500
-
clamav (0.98.5+dfsg-3) unstable; urgency=medium
* Fix failure to purge, noticed by piuparts. (Closes: #772092)
-- Andreas Cadhalpun <email address hidden> Thu, 04 Dec 2014 22:30:17 +0100
-
clamav (0.98.5+dfsg-2) unstable; urgency=medium
* Automatically extend the clamav-daemon.socket systemd unit to create the
TCP socket, when clamd is configured to use TCP. (Closes: #771911)
* Also accept AF_INET6 sockets in clamd, as they are now supported.
Systemd uses AF_INET6 for TCP sockets without specified address.
-- Andreas Cadhalpun <email address hidden> Wed, 03 Dec 2014 23:26:21 +0100
-
clamav (0.98.5+dfsg-1) unstable; urgency=medium
[ Sebastian Andrzej Siewior ]
* import new upsstream version, refresh patches:
dropped:
- LLVM-3.5-version-check-update.patch
- add-support-for-LLVM-3.5.patch
- fix-test-failure-on-powerpc-again.patch
updated:
- hardcode-LLVM-linker-flag-because-llvm-config-return
- added "bb-10731-Allow-to-specificy-a-group-for-the-socket-o" as
dependecy for "clamav-milter-add-additinal-SMFIF_-flags-before-invo"
(Closes: #763300)
* Add "Bump-.so-version-number", likely the RPM version of 769384.
* Add "llvm-don-t-use-system-libs", since we don't link against .a libs, we
don't need the deps either.
[ Scott Kitterman ]
* Update libclamav6: embedded-library lintian override for new libclamav6 so
version
-- Sebastian Andrzej Siewior <email address hidden> Wed, 19 Nov 2014 22:28:22 +0100
-
clamav (0.98.5~rc1+dfsg-4) unstable; urgency=medium
* Bump the version requirement for the cl_retflevel symbol to 0.98.5~rc1,
because the CL_FLEVEL, which this function returns, increased in that
version the last time.
This ensures that the functionality level of libclamav is always new
enough. (Closes: #769384)
-- Andreas Cadhalpun <email address hidden> Thu, 13 Nov 2014 23:34:58 +0100
-
clamav (0.98.5~rc1+dfsg-3) unstable; urgency=medium
* Add "clamav-milter-add-additinal-SMFIF_-flags-before-invo" to make sure
clamav-milter is able to add/replace X-Virus-Status + X-Virus-Scanned
header flags. Broken since bb-10731 got included (0.98.5~beta1+dfsg-3).
-- Sebastian Andrzej Siewior <email address hidden> Thu, 30 Oct 2014 16:27:26 -0400
-
clamav (0.98.5~rc1+dfsg-2) unstable; urgency=medium
* Add patch to fix test failure on powerpc again.
(This is the same fix as in 0.98.4~rc1+dfsg-3.)
-- Andreas Cadhalpun <email address hidden> Thu, 16 Oct 2014 23:18:53 +0200
-
clamav (0.98.4+dfsg-2) unstable; urgency=high
[ Scott Kitterman ]
* Urgency high due to fix for undocumented API/ABI break
* debian/patches/0002-Fix-STAT64-definition-and-add-missing-includes.patch:
Removed, because the remaining changes are not needed to fix FTBFS and
upstream recommends drop due to potential issues with scanning large
files.
[ Andreas Cadhalpun ]
* Fix debian/watch to properly detect release candidates.
* Add patches to fix building on Hurd:
- 0008-Fix-compiling-on-Hurd.patch
- 0009-Workaround-a-bug-in-libc-on-Hurd.patch
* Fix 0004-Fix-FTBFS-with-LLVM-3.1-3.4.patch to correctly detect the
new LLVM version scheme X.Y.Z (instead of X.Y).
* Add versioned dependencies on procps (for 'pkill -F') and on dpkg
(for 'start-stop-daemon --status').
* Remove useless code from debian/freshclam.init.in.
* Avoid creation of an empty freshclam.pid file.
* Switch the watchfile to look at github.com, because the sf.net
website doesn't work correctly at the moment, see #752384.
* Add DEP-5 header with Files-Excluded field to debian/copyright
in order to let uscan remove unneeded files.
[ Julien Patriarca ]
* Updated French Debconf template translation (Closes: #752388)
[ Sebastian Andrzej Siewior ]
* Add 0010-Call-cl_initialize_crypto-in-cl_init.patch from upstream. The
cl_initialize_crypto() will now be invoked within libclamav in cl_init()
so there is now no need to force third party to invoke that function on
their own.
-- Scott Kitterman <email address hidden> Fri, 04 Jul 2014 10:17:03 -0400
