From mboxrd@z Thu Jan  1 00:00:00 1970
From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] clamav: Update to version 1.4.2
Date: Wed, 22 Jan 2025 22:07:00 +0100
Message-ID: <20250122210700.3286179-1-adolf.belka@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1178902590529193161=="
List-Id: <development.lists.ipfire.org>

--===============1178902590529193161==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

- Update from version 1.4.1 to 1.4.2
- Update of rootfile
- Changelog
    1.4.2
	- [CVE-2025-20128](https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2025=
-20128):
	   Fixed a possible buffer overflow read bug in the OLE2 file parser that co=
uld
	   cause a denial-of-service (DoS) condition.
	  This issue was introduced in version 1.0.0 and affects all currently
	   supported versions. It will be fixed in:
		  - 1.4.2
		  - 1.0.8
	  Thank you to OSS-Fuzz for identifying this issue.

Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
 config/rootfiles/packages/clamav | 2 ++
 lfs/clamav                       | 9 ++++-----
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/config/rootfiles/packages/clamav b/config/rootfiles/packages/cla=
mav
index 0bf660202..d5495e4b7 100644
--- a/config/rootfiles/packages/clamav
+++ b/config/rootfiles/packages/clamav
@@ -172,6 +172,8 @@ usr/sbin/clamd
 #usr/share/doc/ClamAV/html/sitemap.xml
 #usr/share/doc/ClamAV/html/theme-dawn.js
 #usr/share/doc/ClamAV/html/theme-tomorrow_night.js
+#usr/share/doc/ClamAV/html/toc.html
+#usr/share/doc/ClamAV/html/toc.js
 #usr/share/doc/ClamAV/html/tomorrow-night.css
 #var/ipfire/clamav
 var/ipfire/clamav/clamd.conf
diff --git a/lfs/clamav b/lfs/clamav
index 72a3be790..ba87dac3a 100644
--- a/lfs/clamav
+++ b/lfs/clamav
@@ -1,7 +1,7 @@
 ############################################################################=
###
 #                                                                           =
  #
 # IPFire.org - A linux based firewall                                       =
  #
-# Copyright (C) 2007-2024  IPFire Team  <info(a)ipfire.org>                 =
    #
+# Copyright (C) 2007-2025  IPFire Team  <info(a)ipfire.org>                 =
    #
 #                                                                           =
  #
 # This program is free software: you can redistribute it and/or modify      =
  #
 # it under the terms of the GNU General Public License as published by      =
  #
@@ -26,7 +26,7 @@ include Config
=20
 SUMMARY    =3D Antivirus Toolkit
=20
-VER        =3D 1.4.1
+VER        =3D 1.4.2
=20
 THISAPP    =3D clamav-$(VER)
 DL_FILE    =3D $(THISAPP).tar.gz
@@ -34,7 +34,7 @@ DL_FROM    =3D $(URL_IPFIRE)
 DIR_APP    =3D $(DIR_SRC)/$(THISAPP)
 TARGET     =3D $(DIR_INFO)/$(THISAPP)
 PROG       =3D clamav
-PAK_VER    =3D 74
+PAK_VER    =3D 75
=20
 DEPS       =3D
=20
@@ -50,7 +50,7 @@ objects =3D $(DL_FILE)
=20
 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE)
=20
-$(DL_FILE)_BLAKE2 =3D 2cc31d5d4f33ddfffd01a46d88b09965ea8634fa711e5772a303d0=
0c31efab2986727d6d26ca221f6518b80eb5ea3637c26dc0a2c32a493dd0a1cd43d2fd5d10
+$(DL_FILE)_BLAKE2 =3D 869f3375ff3da33c0a63607499d06b3312788cf8fdaa0f026553c0=
b12a23888b7f27a6eda9ffb0888c268faad6b552941cef0c3178ea86197eb92d4ce4f011e5
=20
=20
 install : $(TARGET)
@@ -101,7 +101,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 		-DAPP_CONFIG_DIRECTORY=3D/var/ipfire/clamav \
 		-DCURSES_LIBRARY=3D/usr/lib/libncurses.so \
 		-DDATABASE_DIRECTORY=3D$(DATABASE_DIR)
-
 	cd $(DIR_APP)/build && ninja $(MAKETUNING) && ninja install
=20
 	mkdir -pv $(DATABASE_DIR)
--=20
2.48.1


--===============1178902590529193161==--