| Message ID | 20191121165748.1363-1-matthias.fischer@ipfire.org |
|---|---|
| State | Accepted |
| Commit | 1f1c2f4364434a11ddaaef3f1778a6c284cf380f |
| Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 47Jm2w23tWz43Ts for <patchwork@web04.haj.ipfire.org>; Thu, 21 Nov 2019 16:58:00 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 47Jm2t39h4z2Jl; Thu, 21 Nov 2019 16:57:58 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 47Jm2t0zHbz2yd4; Thu, 21 Nov 2019 16:57:58 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 47Jm2r6P8Mz2xxq for <development@lists.ipfire.org>; Thu, 21 Nov 2019 16:57:56 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 47Jm2r30Nsz2Jl for <development@lists.ipfire.org>; Thu, 21 Nov 2019 16:57:56 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909ed25519; t=1574355476; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=YWj5L1ahDEKvwZA36xBKgIp99FsIDiJ+V8qUcGR/UNI=; b=LcZRt5EirlcIiE1OcOoKP8jG30z1otUxSUWxw8eH1AJyaYzEtMVOyoRmDEu0SJzHv/fJ2y 8iSBz6Tq4AZ8qsCQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201909rsa; t=1574355476; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=YWj5L1ahDEKvwZA36xBKgIp99FsIDiJ+V8qUcGR/UNI=; b=InkbasI3kn3vUqI0yykrXdGHXAF84kaFSGvM2I9imX+JZFEMfSoB38U6pbcE7n/q3cEMNg Qj2QwyYdjVLKX4q8J1+V+IP6MK0kSL5LhEorCqMU6IXQLTdBMVgL2nudU/ahBv/Km/oJDS cqRmfjtN2nIl1HFXbBWGuwpsvOLk+IxlAmx3nsXn6k3DbzAwiApGpzISbkqjFSHYY5Osy+ zKlX95FFLQv20VzGH66pd/ITZov463iV7s9FsPpkQK1GXR5wXQHdEQNWTeNB+2YdxVrkEg ywDtiI41n1dC/rB86UvR9Zwi+q6nW2CewXgdpO+pGyVsS9AvORzYqfOeSt4AQA== From: Matthias Fischer <matthias.fischer@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] clamav: Update to 0.102.1 Date: Thu, 21 Nov 2019 17:57:48 +0100 Message-Id: <20191121165748.1363-1-matthias.fischer@ipfire.org> Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=mfischer smtp.mailfrom=matthias.fischer@ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
| Series |
clamav: Update to 0.102.1
|
|
Commit Message
Matthias Fischer
Nov. 21, 2019, 4:57 p.m. UTC
For details see:
https://blog.clamav.net/2019/11/clamav-01021-and-01015-patches-have.html
"Fix for the following vulnerability affecting 0.102.0 and 0.101.4 and prior:
CVE-2019-15961:
A Denial-of-Service (DoS) vulnerability may occur when scanning
a specially crafted email file as a result of excessively long scan
times. The issue is resolved by implementing several maximums in parsing
MIME messages and by optimizing use of memory allocation.
Build system fixes to build clamav-milter, to correctly link with
libxml2 when detected, and to correctly detect fanotify for on-access
scanning feature support.
Signature load time is significantly reduced by changing to a more
efficient algorithm for loading signature patterns and allocating the AC
trie. Patch courtesy of Alberto Wu.
Introduced a new configure option to statically link libjson-c with
libclamav. Static linking with libjson is highly recommended to prevent
crashes in applications that use libclamav alongside another JSON
parsing library.
Null-dereference fix in email parser when using the --gen-json metadata
option.
Fixes for Authenticode parsing and certificate signature (.crb database)
bugs."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
---
lfs/clamav | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
Comments
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> > On 21 Nov 2019, at 16:57, Matthias Fischer <matthias.fischer@ipfire.org> wrote: > > For details see: > https://blog.clamav.net/2019/11/clamav-01021-and-01015-patches-have.html > > "Fix for the following vulnerability affecting 0.102.0 and 0.101.4 and prior: > > CVE-2019-15961: > A Denial-of-Service (DoS) vulnerability may occur when scanning > a specially crafted email file as a result of excessively long scan > times. The issue is resolved by implementing several maximums in parsing > MIME messages and by optimizing use of memory allocation. > > Build system fixes to build clamav-milter, to correctly link with > libxml2 when detected, and to correctly detect fanotify for on-access > scanning feature support. > > Signature load time is significantly reduced by changing to a more > efficient algorithm for loading signature patterns and allocating the AC > trie. Patch courtesy of Alberto Wu. > > Introduced a new configure option to statically link libjson-c with > libclamav. Static linking with libjson is highly recommended to prevent > crashes in applications that use libclamav alongside another JSON > parsing library. > > Null-dereference fix in email parser when using the --gen-json metadata > option. > > Fixes for Authenticode parsing and certificate signature (.crb database) > bugs." > > Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> > --- > lfs/clamav | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/lfs/clamav b/lfs/clamav > index 949117bf0..9c0aab55f 100644 > --- a/lfs/clamav > +++ b/lfs/clamav > @@ -24,7 +24,7 @@ > > include Config > > -VER = 0.102.0 > +VER = 0.102.1 > > THISAPP = clamav-$(VER) > DL_FILE = $(THISAPP).tar.gz > @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) > DIR_APP = $(DIR_SRC)/$(THISAPP) > TARGET = $(DIR_INFO)/$(THISAPP) > PROG = clamav > -PAK_VER = 47 > +PAK_VER = 48 > > DEPS = "" > > @@ -50,7 +50,7 @@ objects = $(DL_FILE) > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > -$(DL_FILE)_MD5 = 51e1dff512350284b4b11c3dc2d00da0 > +$(DL_FILE)_MD5 = 3d5f5f10a1bea212823050286c8c5b96 > > install : $(TARGET) > > -- > 2.18.0 >
diff --git a/lfs/clamav b/lfs/clamav index 949117bf0..9c0aab55f 100644 --- a/lfs/clamav +++ b/lfs/clamav @@ -24,7 +24,7 @@ include Config -VER = 0.102.0 +VER = 0.102.1 THISAPP = clamav-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = clamav -PAK_VER = 47 +PAK_VER = 48 DEPS = "" @@ -50,7 +50,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 51e1dff512350284b4b11c3dc2d00da0 +$(DL_FILE)_MD5 = 3d5f5f10a1bea212823050286c8c5b96 install : $(TARGET)