From: Matthias Fischer <matthias.fischer@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] clamav: Update to 0.102.1
Date: Thu, 21 Nov 2019 17:57:48 +0100 [thread overview]
Message-ID: <20191121165748.1363-1-matthias.fischer@ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 1978 bytes --]
For details see:
https://blog.clamav.net/2019/11/clamav-01021-and-01015-patches-have.html
"Fix for the following vulnerability affecting 0.102.0 and 0.101.4 and prior:
CVE-2019-15961:
A Denial-of-Service (DoS) vulnerability may occur when scanning
a specially crafted email file as a result of excessively long scan
times. The issue is resolved by implementing several maximums in parsing
MIME messages and by optimizing use of memory allocation.
Build system fixes to build clamav-milter, to correctly link with
libxml2 when detected, and to correctly detect fanotify for on-access
scanning feature support.
Signature load time is significantly reduced by changing to a more
efficient algorithm for loading signature patterns and allocating the AC
trie. Patch courtesy of Alberto Wu.
Introduced a new configure option to statically link libjson-c with
libclamav. Static linking with libjson is highly recommended to prevent
crashes in applications that use libclamav alongside another JSON
parsing library.
Null-dereference fix in email parser when using the --gen-json metadata
option.
Fixes for Authenticode parsing and certificate signature (.crb database)
bugs."
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
lfs/clamav | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lfs/clamav b/lfs/clamav
index 949117bf0..9c0aab55f 100644
--- a/lfs/clamav
+++ b/lfs/clamav
@@ -24,7 +24,7 @@
include Config
-VER = 0.102.0
+VER = 0.102.1
THISAPP = clamav-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = clamav
-PAK_VER = 47
+PAK_VER = 48
DEPS = ""
@@ -50,7 +50,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 51e1dff512350284b4b11c3dc2d00da0
+$(DL_FILE)_MD5 = 3d5f5f10a1bea212823050286c8c5b96
install : $(TARGET)
--
2.18.0
next reply other threads:[~2019-11-21 16:57 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-21 16:57 Matthias Fischer [this message]
2019-11-22 10:06 ` Michael Tremer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191121165748.1363-1-matthias.fischer@ipfire.org \
--to=matthias.fischer@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox