Revisions of clamav
Reinhard Max (rmax)
committed
(revision 266)
Reinhard Max (rmax)
committed
(revision 265)
Reinhard Max (rmax)
committed
(revision 264)
- New version 1.4.1:
* [CVE-2024-20506, bsc#1230162]: Changed the logging module to
disable following symlinks on Linux and Unix systems so as to
prevent an attacker with existing access to the 'clamd' or
'freshclam' services from using a symlink to corrupt system
files.
* [CVE-2024-20505, bsc#1230161]: Fixed a possible out-of-bounds
read bug in the PDF file parser that could cause a
denial-of-service (DoS) condition.
* https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html
- New version 1.4.0:
* Added support for extracting ALZ archives.
* Added support for extracting LHA/LZH archives.
* Added the ability to disable image fuzzy hashing, if needed.
For context, image fuzzy hashing is a detection mechanism
useful for identifying malware by matching images included with
the malware or phishing email/document.
* https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html
Reinhard Max (rmax)
accepted
request 1198813
from
Arjen de Korte (adkorte)
(revision 263)
- New version 1.3.2:
* CVE-2024-20506: Changed the logging module to disable following
symlinks on Linux and Unix systems so as to prevent an attacker
with existing access to the 'clamd' or 'freshclam' services from
using a symlink to corrupt system files.
* CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF
file parser that could cause a denial-of-service condition.
* Removed unused Python modules from freshclam tests including
deprecated 'cgi' module that is expected to cause test failures in
Python 3.13.
* Fix unit test caused by expiring signing certificate.
* Fixed a build issue on Windows with newer versions of Rust. Also
upgraded GitHub Actions imports to fix CI failures.
* Fixed an unaligned pointer dereference issue on select architectures.
* Fixes to Jenkins CI pipeline.
- Remove upstreamed 1305.patch
buildservice-autocommit
accepted
request 1190182
from
Reinhard Max (rmax)
(revision 262)
Reinhard Max (rmax)
(revision 262)
baserev update by copy to link target
Reinhard Max (rmax)
accepted
request 1190176
from
Bernhard Wiedemann (bmwiedemann)
(revision 261)
Add upstream 1305.patch to fix tests (boo#1102840, https://github.com/Cisco-Talos/clamav/issues/1300) Note: it uses git apply for the binary patch of test.exe
buildservice-autocommit
accepted
request 1184343
from
Factory Maintainer (factory-maintainer)
(revision 260)
Factory Maintainer (factory-maintainer)
(revision 260)
baserev update by copy to link target
Reinhard Max (rmax)
committed
(revision 259)
Reinhard Max (rmax)
committed
(revision 258)
Reinhard Max (rmax)
committed
(revision 257)
Reinhard Max (rmax)
committed
(revision 256)
Reinhard Max (rmax)
committed
(revision 254)
- New Version: 1.3.1:
* CVE-2024-20380: Fixed a possible crash in the HTML file parser
that could cause a denial-of-service (DoS) condition.
* Updated select Rust dependencies to the latest versions.
* Fixed a bug causing some text to be truncated when converting
from UTF-16.
* Fixed assorted complaints identified by Coverity static
analysis.
* Fixed a bug causing CVDs downloaded by the DatabaseCustomURL
Freshclam config option to be pruned and then re-downloaded
with every update.
* Added the new 'valhalla' database name to the list of optional
databases in preparation for future work.
- Drop clamav-disable-yara.patch as yara cannot be disabled anymore
Reinhard Max (rmax)
committed
(revision 253)
Reinhard Max (rmax)
accepted
request 1161540
from
Reinhard Max (rmax)
(revision 252)
- New version: 1.3.0:
* Added support for extracting and scanning attachments found in
Microsoft OneNote section files. OneNote parsing will be
enabled by default, but may be optionally disabled.
* Added file type recognition for compiled Python (`.pyc`) files.
* Improved support for decrypting PDFs with empty passwords.
* Fixed a warning when scanning some HTML files.
* ClamOnAcc: Fixed an infinite loop when a watched directory
does not exist.
* ClamOnAcc: Fixed an infinite loop when a file has been deleted
before a scan.
- Use %patch -P N instead of deprecated %patchN.
- New version: 1.2.0:
* Added support for extracting Universal Disk Format (UDF)
partitions.
* Added an option to customize the size of ClamAV's clean file
cache.
* Raised the MaxScanSize limit so the total amount of data
scanned when scanning a file or archive may exceed 4 gigabytes.
* Added ability for Freshclam to use a client certificate PEM
file and a private key PEM file for authentication to a private
mirror.
* Fix an issue extracting files from ISO9660 partitions where the
files are listed in the plain ISO tree and there also exists an
empty Joliet tree.
* PID and socket are now located under /run/clamav/clamd.pid and
/run/clamav/clamd.sock .
* bsc#1211594: Fixed an issue where ClamAV does not abort the
signature load process after partially loading an invalid
signature.
buildservice-autocommit
accepted
request 1151661
from
Reinhard Max (rmax)
(revision 251)
Reinhard Max (rmax)
(revision 251)
baserev update by copy to link target
Reinhard Max (rmax)
accepted
request 1151087
from
Dominique Leuenberger (dimstar)
(revision 250)
Prepare for RPM 4.20
buildservice-autocommit
accepted
request 1122919
from
Factory Maintainer (factory-maintainer)
(revision 249)
Factory Maintainer (factory-maintainer)
(revision 249)
baserev update by copy to link target
buildservice-autocommit
accepted
request 1120590
from
Reinhard Max (rmax)
(revision 247)
Reinhard Max (rmax)
(revision 247)
baserev update by copy to link target
Displaying revisions 1 - 20 of 266
