From patchwork Fri Feb 17 18:00:48 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Matthias Fischer <matthias.fischer@ipfire.org>
X-Patchwork-Id: 6557
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384)
	 client-signature ECDSA (P-384))
	(Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
	by web04.haj.ipfire.org (Postfix) with ESMTPS id 4PJKP55Vjkz3x1h
	for <patchwork@web04.haj.ipfire.org>; Fri, 17 Feb 2023 18:00:57 +0000 (UTC)
Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384)
	 client-signature ECDSA (P-384))
	(Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4PJKP44VQDzpN;
	Fri, 17 Feb 2023 18:00:56 +0000 (UTC)
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4PJKP43BRQz2yW1;
	Fri, 17 Feb 2023 18:00:56 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-384)
 client-signature ECDSA (P-384))
 (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
 by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4PJKP31Q7sz2xSs
 for <development@lists.ipfire.org>; Fri, 17 Feb 2023 18:00:55 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384)
 (No client certificate requested)
 by mail01.ipfire.org (Postfix) with ESMTPSA id 4PJKP11lCBz65
 for <development@lists.ipfire.org>; Fri, 17 Feb 2023 18:00:53 +0000 (UTC)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003ed25519; t=1676656853;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding;
 bh=KrUNlTawHBW1xx695nBVf0ojNaoisaEmaO1lEV6u8Qc=;
 b=ZnUXG6PC24F7ErGnE7gdBGTrC98VO5Lm5xg5ew0SZtrAkHO+Ty+O+ZvQszzx8BXYBH1ApV
 E9Z0OYCwJPeyuODg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003rsa;
 t=1676656853;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding;
 bh=KrUNlTawHBW1xx695nBVf0ojNaoisaEmaO1lEV6u8Qc=;
 b=bIuzCm2IsowD7NXDutjpXlkiIloKQWFMAnFRgHUF7TWPWMFZ6CDCoxzJi5ViAAkHJ+x3bK
 VMxvJwZsn7093twpAxLgxCJmDfbdK60xBBbmEl3MjY5HTCrSSjxLbPUaE7E4KEYYu7mSW6
 t3dms/CxbsRvG6I50Y85I7F7i2mcBAdkkISX/fd6UIhgyDKdWXy3MPxY6RbrQYU1+vncgm
 UmkevLjsZ504yJ2WHvZKcFRlL1H+RojJCWtSTLi2A8DC02VkfWDrGM1hKva4o3kGM2XRZ5
 mp+vcaQ5b5rJgObK5DzvAgYVfc031bX9B4amxLTuO1kduYckoswm7CVolFwcUg==
From: Matthias Fischer <matthias.fischer@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] clamav: Update to 1.0.1
Date: Fri, 17 Feb 2023 19:00:48 +0100
Message-Id: <20230217180048.1770-1-matthias.fischer@ipfire.org>
MIME-Version: 1.0
X-BeenThere: development@lists.ipfire.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>,
 <mailto:development-request@lists.ipfire.org?subject=unsubscribe>
List-Archive: <http://lists.ipfire.org/pipermail/development/>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>,
 <mailto:development-request@lists.ipfire.org?subject=subscribe>
Errors-To: development-bounces@lists.ipfire.org
Sender: "Development" <development-bounces@lists.ipfire.org>

For details see:
https://blog.clamav.net/2023/02/clamav-01038-01052-and-101-patch.html

"ClamAV 1.0.1 is a critical patch release with the following fixes:

    CVE-2023-20032: Fixed a possible remote code execution
    vulnerability in the HFS+ file parser. The issue affects versions
    1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier.
    Thank you to Simon Scannell for reporting this issue.

    CVE-2023-20052: Fixed a possible remote information leak
    vulnerability in the DMG file parser. The issue affects versions
    1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier.
    Thank you to Simon Scannell for reporting this issue.

    Fix an allmatch detection issue with the preclass bytecode hook."

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
---
 lfs/clamav | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lfs/clamav b/lfs/clamav
index 24c13f00b..426321c05 100644
--- a/lfs/clamav
+++ b/lfs/clamav
@@ -26,7 +26,7 @@ include Config
 
 SUMMARY    = Antivirus Toolkit
 
-VER        = 1.0.0
+VER        = 1.0.1
 
 THISAPP    = clamav-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = clamav
-PAK_VER    = 64
+PAK_VER    = 65
 
 DEPS       =
 
@@ -50,7 +50,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 62d00a9ceb1849d1517f34194daaa3bb8bbc904e81e3a20791cf0b5f557587cc497e23feb38cdfbb8b152446821eb20d9a4bce18a0c83d1c31474bfed9944c69
+$(DL_FILE)_BLAKE2 = 8f216051eeb94a9196849c9edff2fe0c73e4aa3ca242cf72d91c1692eb2a4688f8e525f638b6870a2f934976435a4272a1f116c1cf3a7cfd194efa91f11fd135
 
 install : $(TARGET)