From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] clamav: Update to 1.0.1
Date: Mon, 20 Feb 2023 16:30:47 +0000 [thread overview]
Message-ID: <3F04B7AD-99C7-489B-B9C8-6493DBE185B9@ipfire.org> (raw)
In-Reply-To: <20230217180048.1770-1-matthias.fischer@ipfire.org>
[-- Attachment #1: Type: text/plain, Size: 2064 bytes --]
Thank you. As this is rather critical, I merged this into c173.
> On 17 Feb 2023, at 18:00, Matthias Fischer <matthias.fischer(a)ipfire.org> wrote:
>
> For details see:
> https://blog.clamav.net/2023/02/clamav-01038-01052-and-101-patch.html
>
> "ClamAV 1.0.1 is a critical patch release with the following fixes:
>
> CVE-2023-20032: Fixed a possible remote code execution
> vulnerability in the HFS+ file parser. The issue affects versions
> 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier.
> Thank you to Simon Scannell for reporting this issue.
>
> CVE-2023-20052: Fixed a possible remote information leak
> vulnerability in the DMG file parser. The issue affects versions
> 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier.
> Thank you to Simon Scannell for reporting this issue.
>
> Fix an allmatch detection issue with the preclass bytecode hook."
>
> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> ---
> lfs/clamav | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/lfs/clamav b/lfs/clamav
> index 24c13f00b..426321c05 100644
> --- a/lfs/clamav
> +++ b/lfs/clamav
> @@ -26,7 +26,7 @@ include Config
>
> SUMMARY = Antivirus Toolkit
>
> -VER = 1.0.0
> +VER = 1.0.1
>
> THISAPP = clamav-$(VER)
> DL_FILE = $(THISAPP).tar.gz
> @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE)
> DIR_APP = $(DIR_SRC)/$(THISAPP)
> TARGET = $(DIR_INFO)/$(THISAPP)
> PROG = clamav
> -PAK_VER = 64
> +PAK_VER = 65
>
> DEPS =
>
> @@ -50,7 +50,7 @@ objects = $(DL_FILE)
>
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>
> -$(DL_FILE)_BLAKE2 = 62d00a9ceb1849d1517f34194daaa3bb8bbc904e81e3a20791cf0b5f557587cc497e23feb38cdfbb8b152446821eb20d9a4bce18a0c83d1c31474bfed9944c69
> +$(DL_FILE)_BLAKE2 = 8f216051eeb94a9196849c9edff2fe0c73e4aa3ca242cf72d91c1692eb2a4688f8e525f638b6870a2f934976435a4272a1f116c1cf3a7cfd194efa91f11fd135
>
> install : $(TARGET)
>
> --
> 2.34.1
>
prev parent reply other threads:[~2023-02-20 16:30 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-17 18:00 Matthias Fischer
2023-02-20 16:30 ` Michael Tremer [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3F04B7AD-99C7-489B-B9C8-6493DBE185B9@ipfire.org \
--to=michael.tremer@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox