From mboxrd@z Thu Jan 1 00:00:00 1970
From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] clamav: Update to version 1.4.2
Date: Wed, 22 Jan 2025 22:07:00 +0100
Message-ID: <20250122210700.3286179-1-adolf.belka@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1178902590529193161=="
List-Id: <development.lists.ipfire.org>
--===============1178902590529193161==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
- Update from version 1.4.1 to 1.4.2
- Update of rootfile
- Changelog
1.4.2
- [CVE-2025-20128](https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2025=
-20128):
Fixed a possible buffer overflow read bug in the OLE2 file parser that co=
uld
cause a denial-of-service (DoS) condition.
This issue was introduced in version 1.0.0 and affects all currently
supported versions. It will be fixed in:
- 1.4.2
- 1.0.8
Thank you to OSS-Fuzz for identifying this issue.
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/packages/clamav | 2 ++
lfs/clamav | 9 ++++-----
2 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/config/rootfiles/packages/clamav b/config/rootfiles/packages/cla=
mav
index 0bf660202..d5495e4b7 100644
--- a/config/rootfiles/packages/clamav
+++ b/config/rootfiles/packages/clamav
@@ -172,6 +172,8 @@ usr/sbin/clamd
#usr/share/doc/ClamAV/html/sitemap.xml
#usr/share/doc/ClamAV/html/theme-dawn.js
#usr/share/doc/ClamAV/html/theme-tomorrow_night.js
+#usr/share/doc/ClamAV/html/toc.html
+#usr/share/doc/ClamAV/html/toc.js
#usr/share/doc/ClamAV/html/tomorrow-night.css
#var/ipfire/clamav
var/ipfire/clamav/clamd.conf
diff --git a/lfs/clamav b/lfs/clamav
index 72a3be790..ba87dac3a 100644
--- a/lfs/clamav
+++ b/lfs/clamav
@@ -1,7 +1,7 @@
############################################################################=
###
# =
#
# IPFire.org - A linux based firewall =
#
-# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> =
#
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> =
#
# =
#
# This program is free software: you can redistribute it and/or modify =
#
# it under the terms of the GNU General Public License as published by =
#
@@ -26,7 +26,7 @@ include Config
=20
SUMMARY =3D Antivirus Toolkit
=20
-VER =3D 1.4.1
+VER =3D 1.4.2
=20
THISAPP =3D clamav-$(VER)
DL_FILE =3D $(THISAPP).tar.gz
@@ -34,7 +34,7 @@ DL_FROM =3D $(URL_IPFIRE)
DIR_APP =3D $(DIR_SRC)/$(THISAPP)
TARGET =3D $(DIR_INFO)/$(THISAPP)
PROG =3D clamav
-PAK_VER =3D 74
+PAK_VER =3D 75
=20
DEPS =3D
=20
@@ -50,7 +50,7 @@ objects =3D $(DL_FILE)
=20
$(DL_FILE) =3D $(DL_FROM)/$(DL_FILE)
=20
-$(DL_FILE)_BLAKE2 =3D 2cc31d5d4f33ddfffd01a46d88b09965ea8634fa711e5772a303d0=
0c31efab2986727d6d26ca221f6518b80eb5ea3637c26dc0a2c32a493dd0a1cd43d2fd5d10
+$(DL_FILE)_BLAKE2 =3D 869f3375ff3da33c0a63607499d06b3312788cf8fdaa0f026553c0=
b12a23888b7f27a6eda9ffb0888c268faad6b552941cef0c3178ea86197eb92d4ce4f011e5
=20
=20
install : $(TARGET)
@@ -101,7 +101,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
-DAPP_CONFIG_DIRECTORY=3D/var/ipfire/clamav \
-DCURSES_LIBRARY=3D/usr/lib/libncurses.so \
-DDATABASE_DIRECTORY=3D$(DATABASE_DIR)
-
cd $(DIR_APP)/build && ninja $(MAKETUNING) && ninja install
=20
mkdir -pv $(DATABASE_DIR)
--=20
2.48.1
--===============1178902590529193161==--