Revisions of clamav
Reinhard Max (rmax)
accepted
request 1120366
from
Arjen de Korte (adkorte)
(revision 246)
- Update to 0.103.11 * Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.12. * Windows: libjson-c 0.17 compatibility fix. with ssize_t type definition. * Windows: Update build system to use OpenSSL 3 and PThreads-Win32 v3. - Update to 0.103.10 * Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.10.
buildservice-autocommit
accepted
request 1105919
from
Factory Maintainer (factory-maintainer)
(revision 245)
Factory Maintainer (factory-maintainer)
(revision 245)
baserev update by copy to link target
Reinhard Max (rmax)
committed
(revision 244)
Reinhard Max (rmax)
committed
(revision 243)
Reinhard Max (rmax)
accepted
request 1104230
from
Arjen de Korte (adkorte)
(revision 241)
- Update to 0.103.9
* CVE-2023-20197: Fixed a possible denial of service vulnerability in
the HFS+ file parser. This issue affects versions 1.1.0, 1.0.1 through
1.0.0, 0.105.2 through 0.105.0, 0.104.4 through 0.104.0, and 0.103.8
through 0.103.0. (boo#1214342)
* Fixed compiler warnings that may turn into errors in Clang 16.
buildservice-autocommit
accepted
request 1066149
from
Reinhard Max (rmax)
(revision 240)
Reinhard Max (rmax)
(revision 240)
baserev update by copy to link target
Reinhard Max (rmax)
committed
(revision 239)
0.105.1 and earlier, and 0.103.7 and earlier. (bsc#1208363)
(bsc#1208365)
Reinhard Max (rmax)
accepted
request 1066029
from
Arjen de Korte (adkorte)
(revision 238)
- Update to 0.103.8
* CVE-2023-20032: Fixed a possible remote code execution vulnerability
in the HFS+ file parser. Issue affects versions 1.0.0 and earlier,
0.105.1 and earlier, and 0.103.7 and earlier.
* CVE-2023-20052: Fixed a possible remote information leak
vulnerability in the DMG file parser. Issue affects versions 1.0.0
and earlier, 0.105.1 and earlier, and 0.103.7 and earlier.
* Update vendored libmspack library to version 0.11alpha.
- Package huge .html documentation in a separate subpackage.
buildservice-autocommit
accepted
request 993801
from
Reinhard Max (rmax)
(revision 237)
Reinhard Max (rmax)
(revision 237)
baserev update by copy to link target
Reinhard Max (rmax)
accepted
request 993249
from
Eric Schirra (ecsos)
(revision 236)
- Update to 0.103.7 - Zip parser: tolerate 2-byte overlap in file entries - Fix bug with logical signature Intermediates feature - Update to UnRAR v6.1.7 - Patch UnRAR: allow skipping files in solid archives - Patch UnRAR: limit dict winsize to 1GB
buildservice-autocommit
accepted
request 975373
from
Robert Frohl (rfrohl)
(revision 235)
Robert Frohl (rfrohl)
(revision 235)
baserev update by copy to link target
Robert Frohl (rfrohl)
accepted
request 975241
from
Arjen de Korte (adkorte)
(revision 232)
- Update to 0.103.6
* CVE-2022-20770: Fixed a possible infinite loop vulnerability in the CHM
file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS
version 0.103.5 and prior versions.
* CVE-2022-20796: Fixed a possible NULL-pointer dereference crash in the
scan verdict cache check. Issue affects versions 0.103.4, 0.103.5,
0.104.1, and 0.104.2.
* CVE-2022-20771: Fixed a possible infinite loop vulnerability in the
TIFF file parser. Issue affects versions 0.104.0 through 0.104.2 and
LTS version 0.103.5 and prior versions. The issue only occurs if the
"--alert-broken-media" ClamScan option is enabled. For ClamD, the
affected option is "AlertBrokenMedia yes", and for libclamav it is the
"CL_SCAN_HEURISTIC_BROKEN_MEDIA" scan option.
* CVE-2022-20785: Fixed a possible memory leak in the HTML file parser /
Javascript normalizer. Issue affects versions 0.104.0 through 0.104.2
and LTS version 0.103.5 and prior versions.
* CVE-2022-20792: Fixed a possible multi-byte heap buffer overflow write
vulnerability in the signature database load module. The fix was to
update the vendored regex library to the latest version. Issue affects
versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior
versions.
* ClamOnAcc: Fixed a number of assorted stability issues and added
niceties for debugging ClamOnAcc.
* Fixed an issue causing byte-compare subsignatures to cause an alert
when they match even if other conditions of the given logical
signatures were not met.
* Fix memleak when using multiple byte-compare subsignatures. This fix
was backported from 0.104.0.
* Assorted bug fixes and improvements.
- Remove upstreamed clamav-ck_assert_msg.patch
buildservice-autocommit
accepted
request 970848
from
Factory Maintainer (factory-maintainer)
(revision 231)
Factory Maintainer (factory-maintainer)
(revision 231)
baserev update by copy to link target
Reinhard Max (rmax)
accepted
request 945934
from
Arjen de Korte (adkorte)
(revision 229)
- Update to 0.103.5
* CVE-2022-20698: Fix for invalid pointer read that may cause a crash.
This issue affects 0.104.1, 0.103.4 and prior when ClamAV is compiled
with libjson-c and the CL_SCAN_GENERAL_COLLECT_METADATA scan option
(the clamscan --gen-json option) is enabled.
* Fixed ability to disable the file size limit with libclamav C API,
like this:
cl_engine_set_num(engine, CL_ENGINE_MAX_FILESIZE, 0);
This issue didn't affect ClamD or ClamScan which also can disable the
limit by setting it to zero using MaxFileSize 0 in clamd.conf for ClamD,
or clamscan --max-filesize=0 for ClamScan.
Note: Internally, the max file size is still set to 2 GiB. Disabling the
limit for a scan will fall back on the internal 2 GiB limitation.
* Increased the maximum line length for ClamAV config files from 512 bytes
to 1,024 bytes to allow for longer config option strings.
* SigTool: Fix insufficient buffer size for --list-sigs that caused a
failure when listing a database containing one or more very long
signatures. This fix was backported from 0.104.
Reinhard Max (rmax)
committed
(revision 228)
Reinhard Max (rmax)
committed
(revision 227)
Displaying revisions 21 - 40 of 266
