From patchwork Mon Nov 7 17:54:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthias Fischer X-Patchwork-Id: 6070 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4N5f4f3cJwz3wcM for ; Mon, 7 Nov 2022 17:54:26 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4N5f4b1f5mz2Q4; Mon, 7 Nov 2022 17:54:23 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4N5f4Z4ww5z2ycl; Mon, 7 Nov 2022 17:54:22 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4N5f4Y312Mz2xRt for ; Mon, 7 Nov 2022 17:54:21 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4N5f4X0My9zQS for ; Mon, 7 Nov 2022 17:54:19 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1667843660; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=AKWx82vwBESeQLveonzUdckoZd8WZmjn3HEBOtp/hok=; b=Y1RAgpMdonVQ3Npek/G1dP/Ti7/gofh8yk2lNdAI9twcBn2Vhjpxz1+We75STFLdEH2qp7 c9QlzZTI8CWMDmCQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1667843660; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=AKWx82vwBESeQLveonzUdckoZd8WZmjn3HEBOtp/hok=; b=Vqlwo02rEBl3kmoZz7aQiZC7AFCvSB1DgMj9XiI3BkKeqLeO5VOlvjRHjZ+8ajwVFFsSPc KCk7TxUSIwanTkIENL5MrCzM2fSxkxOQNU+39GI6/BTUwGoLPPBH6Vbrtlcj/2VBRfQoeP FC+yprDW6n7j1YitLndDFKBPzLbrQ4szCA+iXcETwi/pNGUvfHfBBH3XuBOSHoAjMtf5To ESZkfqS8tuy9iY3Rk8KXoHpp+2L8SKFty3UZSHaSDXT27ndDauHKfH/P1d62WqFf/jbvFL xSxRgo+D6XBSptRkCg1kq0EEGIp/mBGuYKwuh1PmOUV6Yt6xEr+eQMr+HAdqyw== From: Matthias Fischer To: development@lists.ipfire.org Subject: [PATCH] clamav 0.105.1: New package to resolve several CVEs Date: Mon, 7 Nov 2022 18:54:14 +0100 Message-Id: <20221107175414.3603488-1-matthias.fischer@ipfire.org> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" For details see: https://blog.clamav.net/2022/10/new-packages-for-clamav-01037-01044.html Fixes: "CVE-2022-37434 - A critical severity vulnerability in the zlib library. CVE-2022-40303 - A high severity vulnerability in the libxml2 library. Note: As of writing, the details of this CVE are not published. However, you can find additional details on other sites. CVE-2022-40304 - A high severity vulnerability in the libxml2 library. Note: As of writing, the details of this CVE are not published. However, you can find additional details on other sites." Signed-off-by: Matthias Fischer --- lfs/clamav | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lfs/clamav b/lfs/clamav index 987c0453a..1cd15ea27 100644 --- a/lfs/clamav +++ b/lfs/clamav @@ -27,14 +27,15 @@ include Config SUMMARY = Antivirus Toolkit VER = 0.105.1 +SUBVER = -2 THISAPP = clamav-$(VER) -DL_FILE = $(THISAPP).tar.gz +DL_FILE = $(THISAPP)$(SUBVER).tar.gz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = clamav -PAK_VER = 62 +PAK_VER = 63 DEPS = @@ -50,7 +51,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = be46d9afd76fb536d7de7363a45d38fef6a5983011e3cd0dcc25c2a209c8d37a2bbe1f7f4a5694152cabf622ef83e072b892ae12ba404da1955bb5b654e5216d +$(DL_FILE)_BLAKE2 = 09e67f4ae4f9689e634aa18cd672b16d8a4cb8b3923527c7c92ffa264b415dc49b5ee82ceaa518cf701a910b49a344753c7d0de894a772b0b871e492c95d60f4 install : $(TARGET)