From patchwork Sat Aug 19 15:45:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthias Fischer X-Patchwork-Id: 7106 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4RSjkW1Sn1z3wtH for ; Sat, 19 Aug 2023 15:45:39 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4RSjkS6yr4zhS; Sat, 19 Aug 2023 15:45:36 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4RSjkS5yBTz2yTq; Sat, 19 Aug 2023 15:45:36 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4RSjkR3TS9z2xbV for ; Sat, 19 Aug 2023 15:45:35 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4RSjkQ01FyzbH for ; Sat, 19 Aug 2023 15:45:33 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1692459934; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=CaCGqUATQ+bczR/p9Kem7XY+Dy2NxZCt5y6vwU1Snbw=; b=Vl1NCl5ent7XXPTrYSTGP3Zl1EqHprgM1s7y4qKWb7b6vLAj1ZRLVBb9wEdOf3cLr+M4zE fZnzUpkNXAKxnxBw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1692459934; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=CaCGqUATQ+bczR/p9Kem7XY+Dy2NxZCt5y6vwU1Snbw=; b=mVFI9TCgTOIzSx+ozhrqFox5+nJ0bY+2xVtfzKbxtmuHYIDlZ9L2zRCN2BR0XthmpUwwNq YNlwwa7uoIId/SVz35hAxDFoyw1rIwZuDDuJ0mFopNOrhvF5wxCM+GdBP6vqHH+9E9Zy5K 5XRD6yGW8GjYwoPqfvA1rFJZB59UEZT/Slp7gbFeeLKPj5af+tj+CXbXBuqa6ZJL1cb27b JgQ9aBZ5SqRywCXfEl1Mzmokvy+6tdLWC/YelwZU8eYhjAZljVnCuLBDWdN3TXSTEog81H ZhXHDts8fwX/r7dEgbJZoDG4vtgsBShtRtRGiBv25uZRHLb9UehD1Fl/82wAuw== From: Matthias Fischer To: development@lists.ipfire.org Subject: [PATCH] clamav: Update to 1.1.1 Date: Sat, 19 Aug 2023 17:45:28 +0200 Message-Id: <20230819154528.3930634-1-matthias.fischer@ipfire.org> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" For details see: https://blog.clamav.net/2023/07/2023-08-16-releases.html Excerpts from changelog: "ClamAV 1.1.1 is a critical patch release with the following fixes: CVE-2023-20197 Fixed a possible denial of service vulnerability in the HFS+ file parser. This issue affects versions 1.1.0, 1.0.1 through 1.0.0, 0.105.2 through 0.105.0, 0.104.4 through 0.104.0, and 0.103.8 through 0.103.0. Fixed a build issue when using the Rust nightly toolchain, which was affecting the oss-fuzz build environment used for regression tests. Fixed a build issue on Windows when using Rust version 1.70 or newer. CMake build system improvement to support compiling with OpenSSL 3.x on macOS with the Xcode toolchain. The official ClamAV installers and packages are now built with OpenSSL 3.1.1 or newer. Removed a warning message showing the HTTP response codes during the Freshclam database update process." Signed-off-by: Matthias Fischer --- lfs/clamav | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lfs/clamav b/lfs/clamav index c48c48834..88619afcb 100644 --- a/lfs/clamav +++ b/lfs/clamav @@ -26,7 +26,7 @@ include Config SUMMARY = Antivirus Toolkit -VER = 1.1.0 +VER = 1.1.1 THISAPP = clamav-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = clamav -PAK_VER = 67 +PAK_VER = 68 DEPS = @@ -50,7 +50,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 6a30558b8e6d2f8d98eb0b990e58ec9a19d7f58b11863ec5dffe97f45c73c1ea8bb0360456193c76d178068ee5eb7f01fc44851eb7bf90d42ca9dd9431413a4f +$(DL_FILE)_BLAKE2 = 880318a2be3dcc8bc425cd6d7bbc4fb2b6dd28e9f491dcac382e8a9ff7c0229d846512127c6e10a1e1aa7daa5ac53a5284462e341f29725269f8862e73310caa install : $(TARGET)