clamav: Update to version 1.5.2
Commit Message
- Update from version 1.5.1 to 1.5.2
- Update of rootfile
- CVE fix in update
- Changelog
1.5.2
- [CVE-2026-20031](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20031):
Fixed an error handling bug in the HTML file parser that may crash the program
and cause a denial-of-service (DoS) condition.
This issue was introduced in version 1.1.0.
The fix is included in 1.5.2 and 1.4.4.
- Fixed a possible infinite loop when scanning some JPEG files by upgrading
affected ClamAV dependency, a Rust image library.
Unfortunately, this change requires a newer Rust compiler for ClamAV.
The minimum Rust version for ClamAV 1.4.3 was 1.85.1.
The minimum Rust version for ClamAV 1.4.4 is now 1.87.0.
- Fixed a possible crash on Windows when scanning some files while using the
`LeaveTemporaryFiles` and `TemporaryDirectory` features.
- The CVD verification process will now ignore certificate files in the CVD
certs directory when the user lacks read permissions.
- Freshclam: Fixed CLD verification bug with `PrivateMirror` option.
- Upgraded the Rust `bytes` dependency to a newer version to resolve the
RUSTSEC-2026-0007 advisory.
- Fixed a possible crash caused by invalid pointer alignment on some platforms.
This fix is courtesy of Hsuan-Ming Chen at Synology PSIRT.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
config/rootfiles/packages/clamav | 82 ++++++++++++++------------------
lfs/clamav | 6 +--
2 files changed, 39 insertions(+), 49 deletions(-)
@@ -36,18 +36,8 @@ usr/sbin/clamd
#usr/share/doc/ClamAV
#usr/share/doc/ClamAV/html
#usr/share/doc/ClamAV/html/404.html
-#usr/share/doc/ClamAV/html/FontAwesome
-#usr/share/doc/ClamAV/html/FontAwesome/css
-#usr/share/doc/ClamAV/html/FontAwesome/css/font-awesome.css
-#usr/share/doc/ClamAV/html/FontAwesome/fonts
-#usr/share/doc/ClamAV/html/FontAwesome/fonts/FontAwesome.ttf
-#usr/share/doc/ClamAV/html/FontAwesome/fonts/fontawesome-webfont.eot
-#usr/share/doc/ClamAV/html/FontAwesome/fonts/fontawesome-webfont.svg
-#usr/share/doc/ClamAV/html/FontAwesome/fonts/fontawesome-webfont.ttf
-#usr/share/doc/ClamAV/html/FontAwesome/fonts/fontawesome-webfont.woff
-#usr/share/doc/ClamAV/html/FontAwesome/fonts/fontawesome-webfont.woff2
#usr/share/doc/ClamAV/html/Introduction.html
-#usr/share/doc/ClamAV/html/ace.js
+#usr/share/doc/ClamAV/html/ace-2a3cd908.js
#usr/share/doc/ClamAV/html/appendix
#usr/share/doc/ClamAV/html/appendix/Appendix.html
#usr/share/doc/ClamAV/html/appendix/Authenticode.html
@@ -55,19 +45,19 @@ usr/sbin/clamd
#usr/share/doc/ClamAV/html/appendix/FileTypes.html
#usr/share/doc/ClamAV/html/appendix/FunctionalityLevels.html
#usr/share/doc/ClamAV/html/appendix/Terminology.html
-#usr/share/doc/ClamAV/html/ayu-highlight.css
-#usr/share/doc/ClamAV/html/book.js
-#usr/share/doc/ClamAV/html/clipboard.min.js
+#usr/share/doc/ClamAV/html/ayu-highlight-3fdfc3ac.css
+#usr/share/doc/ClamAV/html/book-a0b12cfe.js
+#usr/share/doc/ClamAV/html/clipboard-1626706a.min.js
#usr/share/doc/ClamAV/html/community_resources
#usr/share/doc/ClamAV/html/community_resources/CommunityResources.html
#usr/share/doc/ClamAV/html/community_resources/CompileClamAV_AmazonLinux2.txt
#usr/share/doc/ClamAV/html/css
-#usr/share/doc/ClamAV/html/css/chrome.css
-#usr/share/doc/ClamAV/html/css/general.css
-#usr/share/doc/ClamAV/html/css/print.css
-#usr/share/doc/ClamAV/html/css/variables.css
-#usr/share/doc/ClamAV/html/editor.js
-#usr/share/doc/ClamAV/html/elasticlunr.min.js
+#usr/share/doc/ClamAV/html/css/chrome-ae938929.css
+#usr/share/doc/ClamAV/html/css/general-8eed8816.css
+#usr/share/doc/ClamAV/html/css/print-9e4910d8.css
+#usr/share/doc/ClamAV/html/css/variables-6d03f665.css
+#usr/share/doc/ClamAV/html/editor-16ca416c.js
+#usr/share/doc/ClamAV/html/elasticlunr-ef4e11c1.min.js
#usr/share/doc/ClamAV/html/faq
#usr/share/doc/ClamAV/html/faq/faq-cvd.html
#usr/share/doc/ClamAV/html/faq/faq-eol.html
@@ -86,25 +76,25 @@ usr/sbin/clamd
#usr/share/doc/ClamAV/html/faq/faq-whichversion.html
#usr/share/doc/ClamAV/html/faq/faq-win32.html
#usr/share/doc/ClamAV/html/faq/faq.html
-#usr/share/doc/ClamAV/html/favicon.png
+#usr/share/doc/ClamAV/html/favicon-ba1b3133.png
#usr/share/doc/ClamAV/html/fonts
-#usr/share/doc/ClamAV/html/fonts/OPEN-SANS-LICENSE.txt
-#usr/share/doc/ClamAV/html/fonts/SOURCE-CODE-PRO-LICENSE.txt
-#usr/share/doc/ClamAV/html/fonts/fonts.css
-#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-300.woff2
-#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-300italic.woff2
-#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-600.woff2
-#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-600italic.woff2
-#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-700.woff2
-#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-700italic.woff2
-#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-800.woff2
-#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-800italic.woff2
-#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-italic.woff2
-#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-regular.woff2
-#usr/share/doc/ClamAV/html/fonts/source-code-pro-v11-all-charsets-500.woff2
+#usr/share/doc/ClamAV/html/fonts/OPEN-SANS-LICENSE-cfc7749b.txt
+#usr/share/doc/ClamAV/html/fonts/SOURCE-CODE-PRO-LICENSE-d1e6d465.txt
+#usr/share/doc/ClamAV/html/fonts/fonts-9644e21d.css
+#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-300-7736aa35.woff2
+#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-300italic-2c7b95c0.woff2
+#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-600-486c6759.woff2
+#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-600italic-1a3e8659.woff2
+#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-700-c22fe8c7.woff2
+#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-700italic-238ae959.woff2
+#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-800-3d2c812a.woff2
+#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-800italic-ba1521ec.woff2
+#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-italic-6c9463f7.woff2
+#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-regular-2e3b1d34.woff2
+#usr/share/doc/ClamAV/html/fonts/source-code-pro-v11-all-charsets-500-2bdd9410.woff2
#usr/share/doc/ClamAV/html/googled62299e9391332c4.html
-#usr/share/doc/ClamAV/html/highlight.css
-#usr/share/doc/ClamAV/html/highlight.js
+#usr/share/doc/ClamAV/html/highlight-493f70e1.css
+#usr/share/doc/ClamAV/html/highlight-abc7f01d.js
#usr/share/doc/ClamAV/html/images
#usr/share/doc/ClamAV/html/images/change-fork-name.png
#usr/share/doc/ClamAV/html/images/cisco.png
@@ -165,21 +155,21 @@ usr/sbin/clamd
#usr/share/doc/ClamAV/html/manual/Usage/Services.html
#usr/share/doc/ClamAV/html/manual/Usage/SignatureManagement.html
#usr/share/doc/ClamAV/html/manual/cisco-talos.gpg
-#usr/share/doc/ClamAV/html/mark.min.js
-#usr/share/doc/ClamAV/html/mode-rust.js
+#usr/share/doc/ClamAV/html/mark-09e88c2c.min.js
+#usr/share/doc/ClamAV/html/mode-rust-2c9d5c9a.js
#usr/share/doc/ClamAV/html/print.html
-#usr/share/doc/ClamAV/html/searcher.js
-#usr/share/doc/ClamAV/html/searchindex.js
+#usr/share/doc/ClamAV/html/searcher-c2a407aa.js
+#usr/share/doc/ClamAV/html/searchindex-1b5ba28b.js
#usr/share/doc/ClamAV/html/sitemap.xml
-#usr/share/doc/ClamAV/html/theme-dawn.js
-#usr/share/doc/ClamAV/html/theme-tomorrow_night.js
+#usr/share/doc/ClamAV/html/theme-dawn-4493f9c8.js
+#usr/share/doc/ClamAV/html/theme-tomorrow_night-9dbe62a9.js
+#usr/share/doc/ClamAV/html/toc-cbaddea7.js
#usr/share/doc/ClamAV/html/toc.html
-#usr/share/doc/ClamAV/html/toc.js
-#usr/share/doc/ClamAV/html/tomorrow-night.css
+#usr/share/doc/ClamAV/html/tomorrow-night-4c0ae647.css
#var/ipfire/clamav
var/ipfire/clamav/clamd.conf
var/ipfire/clamav/clamd.conf.sample
var/ipfire/clamav/freshclam.conf
var/ipfire/clamav/freshclam.conf.sample
var/lib/clamav
-usr/local/bin/clamavctrl
+-usr/local/bin/clamavctrl
@@ -26,7 +26,7 @@ include Config
SUMMARY = Antivirus Toolkit
-VER = 1.5.1
+VER = 1.5.2
THISAPP = clamav-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = clamav
-PAK_VER = 82
+PAK_VER = 83
DEPS =
@@ -50,7 +50,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = d6fd0885ea2864b0fecf040d6b0a088b8d9ad05a555697eab6c999b4a8b3d14bc2ee0968ef4dcb3f3b56d8361faecb98afa5ff4ffbb843cf1bf221a4e27a4496
+$(DL_FILE)_BLAKE2 = e63131ac19160a68c6acd9413263fd5793a6acf67adfe30873f6c56bca3a29286bf4f872e439b9c4b75ab772d20e9b05a0e0b3ac19399ac81033c52d7c2b6d42
install : $(TARGET)