diff mbox series

clamav: Update to 1.0.1

Message ID 20230217180048.1770-1-matthias.fischer@ipfire.org
State Accepted
Commit d08fb579282307f4db936996c6e6110d442d79f4
Headers
Series clamav: Update to 1.0.1 |

Commit Message

Matthias Fischer Feb. 17, 2023, 6 p.m. UTC 
  For details see:
https://blog.clamav.net/2023/02/clamav-01038-01052-and-101-patch.html

"ClamAV 1.0.1 is a critical patch release with the following fixes:

    CVE-2023-20032: Fixed a possible remote code execution
    vulnerability in the HFS+ file parser. The issue affects versions
    1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier.
    Thank you to Simon Scannell for reporting this issue.

    CVE-2023-20052: Fixed a possible remote information leak
    vulnerability in the DMG file parser. The issue affects versions
    1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier.
    Thank you to Simon Scannell for reporting this issue.

    Fix an allmatch detection issue with the preclass bytecode hook."

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
---
 lfs/clamav | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

Comments

Michael Tremer Feb. 20, 2023, 4:30 p.m. UTC | #1 
Thank you. As this is rather critical, I merged this into c173.

> On 17 Feb 2023, at 18:00, Matthias Fischer <matthias.fischer@ipfire.org> wrote:
> 
> For details see:
> https://blog.clamav.net/2023/02/clamav-01038-01052-and-101-patch.html
> 
> "ClamAV 1.0.1 is a critical patch release with the following fixes:
> 
>    CVE-2023-20032: Fixed a possible remote code execution
>    vulnerability in the HFS+ file parser. The issue affects versions
>    1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier.
>    Thank you to Simon Scannell for reporting this issue.
> 
>    CVE-2023-20052: Fixed a possible remote information leak
>    vulnerability in the DMG file parser. The issue affects versions
>    1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier.
>    Thank you to Simon Scannell for reporting this issue.
> 
>    Fix an allmatch detection issue with the preclass bytecode hook."
> 
> Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
> ---
> lfs/clamav | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/lfs/clamav b/lfs/clamav
> index 24c13f00b..426321c05 100644
> --- a/lfs/clamav
> +++ b/lfs/clamav
> @@ -26,7 +26,7 @@ include Config
> 
> SUMMARY    = Antivirus Toolkit
> 
> -VER        = 1.0.0
> +VER        = 1.0.1
> 
> THISAPP    = clamav-$(VER)
> DL_FILE    = $(THISAPP).tar.gz
> @@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
> DIR_APP    = $(DIR_SRC)/$(THISAPP)
> TARGET     = $(DIR_INFO)/$(THISAPP)
> PROG       = clamav
> -PAK_VER    = 64
> +PAK_VER    = 65
> 
> DEPS       =
> 
> @@ -50,7 +50,7 @@ objects = $(DL_FILE)
> 
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> 
> -$(DL_FILE)_BLAKE2 = 62d00a9ceb1849d1517f34194daaa3bb8bbc904e81e3a20791cf0b5f557587cc497e23feb38cdfbb8b152446821eb20d9a4bce18a0c83d1c31474bfed9944c69
> +$(DL_FILE)_BLAKE2 = 8f216051eeb94a9196849c9edff2fe0c73e4aa3ca242cf72d91c1692eb2a4688f8e525f638b6870a2f934976435a4272a1f116c1cf3a7cfd194efa91f11fd135
> 
> install : $(TARGET)
> 
> -- 
> 2.34.1
>
diff mbox series

Patch

diff --git a/lfs/clamav b/lfs/clamav
index 24c13f00b..426321c05 100644
--- a/lfs/clamav
+++ b/lfs/clamav
@@ -26,7 +26,7 @@  include Config
 
 SUMMARY    = Antivirus Toolkit
 
-VER        = 1.0.0
+VER        = 1.0.1
 
 THISAPP    = clamav-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -34,7 +34,7 @@  DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = clamav
-PAK_VER    = 64
+PAK_VER    = 65
 
 DEPS       =
 
@@ -50,7 +50,7 @@  objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 62d00a9ceb1849d1517f34194daaa3bb8bbc904e81e3a20791cf0b5f557587cc497e23feb38cdfbb8b152446821eb20d9a4bce18a0c83d1c31474bfed9944c69
+$(DL_FILE)_BLAKE2 = 8f216051eeb94a9196849c9edff2fe0c73e4aa3ca242cf72d91c1692eb2a4688f8e525f638b6870a2f934976435a4272a1f116c1cf3a7cfd194efa91f11fd135
 
 install : $(TARGET)