-
clamav (0.103.2+dfsg-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Updated to version 0.103.2 to fix security issues.
- Sync most of packaging with 0.103.2+dfsg-1.
- CVE-2021-1252, CVE-2021-1404, CVE-2021-1405
-- Marc Deslauriers <email address hidden> Thu, 15 Apr 2021 12:48:39 -0400
-
clamav (0.102.4+dfsg-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Updated to 0.102.2 to fix security issues
- debian/libclamav9.symbols: updated for new version.
- debian/rules: bumped CL_FLEVEL to 115.
- CVE-2020-3327
- CVE-2020-3350
- CVE-2020-3481
-- Marc Deslauriers <email address hidden> Thu, 23 Jul 2020 09:08:18 -0400
-
clamav (0.102.3+dfsg-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Updated to 0.102.2 to fix security issues
- debian/libclamav9.symbols: updated for new version.
- debian/rules: bumped CL_FLEVEL to 114.
- CVE-2020-3327
- CVE-2020-3341
-- Marc Deslauriers <email address hidden> Tue, 19 May 2020 14:24:37 -0400
-
clamav (0.102.2+dfsg-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Updated to 0.102.2 to fix security issue (CVE-2020-3123)
- debian/patches/*: synced patches with 0.102.2+dfsg-1.
- debian/libclamav9.symbols: updated for new version.
- debian/rules: bumped CL_FLEVEL to 113.
-- Marc Deslauriers <email address hidden> Tue, 11 Feb 2020 08:45:45 -0500
-
clamav (0.102.1+dfsg-0ubuntu0.16.04.3) xenial; urgency=medium
* d/clamav-daemon.config.in: Correct error from ScanOnAccess option
removal so that setting LogFile options via DebConf works again
(Closes: #950296) (LP: #1860217)
-- Eric Desrochers <email address hidden> Thu, 06 Feb 2020 21:24:44 +0000
-
clamav (0.102.1+dfsg-0ubuntu0.16.04.2) xenial-security; urgency=medium
* Updated to 0.102.1 to fix security issue (CVE-2019-15961)
- debian/patches/*: synced patches with 0.102.1+dfsg-1ubuntu1.
- debian/clamav-daemon.*.in,clamav-freshclam.*.in,
clamav-daemon.templates: added new configuration options, dropped
ClamOnAccess.
- debian/clamav-deamon.install: install new clamonacc binary.
- debian/clamav-docs.*: removed missing docs.
- debian/libclamav9.install: added libfreshclam.so.2.
- debian/libclamav9.symbols: updated for new version.
- debian/rules: bumped CL_FLEVEL to 112.
-- Marc Deslauriers <email address hidden> Tue, 07 Jan 2020 11:12:45 -0500
-
clamav (0.101.4+dfsg-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Updated to version 0.101.4 to fix security issues.
- debian/patches/*: sync patches with 0.101.4+dfsg-1ubuntu1.
- debian/clamav-daemon.postinst.in: removed DetectBrokenExecutables,
added MaxScanTime, HeuristicAlerts, Alert*.
- debian/*: updated for new library version.
- debian/libclamav9.symbols: updated for new version.
- debian/clamav-docs*, debian/rules: fix doc file locations.
- debian/libclam-dev.install: include new header file.
- debian/rules, debian/control: build with --with autoreconf.
- CVE-2019-12625
- CVE-2019-12900
-- Marc Deslauriers <email address hidden> Tue, 24 Sep 2019 05:31:17 -0400
-
clamav (0.100.3+dfsg-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Updated to version 0.100.3 to fix security issues. (LP: #1822503)
- debian/libclamav7.symbols: updated to new version.
- CVE-2019-1787
- CVE-2019-1788
- CVE-2019-1789
-- Marc Deslauriers <email address hidden> Thu, 04 Apr 2019 09:45:34 -0400
-
clamav (0.100.2+dfsg-1ubuntu0.16.04.1) xenial-security; urgency=medium
* Updated to version 0.100.2 to fix security issue.
- CVE-2018-15378
* Bump to new symbol version
- debian/rules: set CL_FLEVEL 93.
- debian/libclamav7.symbols: updated to new version.
-- Marc Deslauriers <email address hidden> Wed, 10 Oct 2018 13:31:49 -0400
-
clamav (0.100.1+dfsg-1ubuntu0.16.04.3) xenial-security; urgency=medium
* debian/clamav-daemon.config.in: fix infinite loop during
dpkg-reconfigure (LP: #1792051)
-- Marc Deslauriers <email address hidden> Thu, 13 Sep 2018 13:59:54 -0400
-
clamav (0.100.1+dfsg-1ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY REGRESSION: clamav-daemon fails to start due to options
removed in new version and manually edited configuration file.
(LP: #1783632)
- debian/patches/Deprecate-unused-options-instead-of-removing-it.patch:
add patch from Debian stretch to simply warn about removed options.
-- Marc Deslauriers <email address hidden> Thu, 26 Jul 2018 10:27:58 -0400
-
clamav (0.100.1+dfsg-1ubuntu0.16.04.1) xenial-security; urgency=medium
* Rebuild as security update for 16.04 to fix multiple issues
- CVE-2018-0360
- CVE-2018-0361
* Re-enable LLVM support:
- debian/control: add llvm-3.6-dev to BuildDepends.
- debian/rules: add llvm back.
* debian/clamav-daemon.postinst.in: updated version to drop support for
clamav-daemon.socket.
* debian/control: switch libtfm-dev to libtommath-dev
* Revert to Debhelper in 16.04:
- debian/compat: set to 8
- debian/control: set debhelper to 8.9.7, add dh-systemd
- debian/rules: add --with systemd
* debian/{libclamav7,libclamav-dev}.install: fix file locations
* debian/control: remove Multi-Arch and Rules-Requires-Root tags.
* Added clamav-dbg package:
- debian/control: added package section
- debian/rules: use --dbg-package, not --dbgsym-migration
-- Marc Deslauriers <email address hidden> Thu, 19 Jul 2018 08:07:50 -0400
-
clamav (0.99.4+addedllvm-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Updated to 0.99.4 to fix multiple security issues
- CVE-2018-0202
- CVE-2018-1000085
* Removed patches no longer required
- bb11549-fix-temp-file-cleanup-issue.patch
* debian/libclamav7.symbols,debian/rules: bumped cl_retflevel.
-- Marc Deslauriers <email address hidden> Wed, 07 Mar 2018 13:40:11 +0100
-
clamav (0.99.3+addedllvm-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Updated to 0.99.3 to fix multiple security issues
- CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377,
CVE-2017-12378, CVE-2017-12379, CVE-2017-12380
* Removed patches no longer required
- debian/patches/CVE-2017-6418.patch
- debian/patches/CVE-2017-6420.patch
- debian/patches/CVE-2017-6420-2.patch
* debian/libclamav7.symbols,debian/rules: bumped cl_retflevel, add check.
* debian/patches/bb11549-fix-temp-file-cleanup-issue.patch: fix temp file
cleanup issue.
-- Marc Deslauriers <email address hidden> Mon, 29 Jan 2018 10:21:19 -0500
-
clamav (0.99.2+dfsg-0ubuntu0.16.04.3) xenial; urgency=medium
* d/control: bump break/replaces dependencies to respect major trusty
version upgrades (LP: #1532608)
-- Christian Ehrhardt <email address hidden> Mon, 15 Jan 2018 13:24:57 +0100
-
clamav (0.99.2+dfsg-0ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via crafted e-mail message
- debian/patches/CVE-2017-6418.patch: fix invalid read in
libclamav/message.c.
- CVE-2017-6418
* SECURITY UPDATE: DoS via WWPack compression
- debian/patches/CVE-2017-6420.patch: add bounds checks to
libclamav/wwunpack.c.
- debian/patches/CVE-2017-6420-2.patch: fix unit tests in
libclamav/wwunpack.c, unit_tests/check_jsnorm.c.
- CVE-2017-6420
-- Marc Deslauriers <email address hidden> Tue, 08 Aug 2017 12:57:22 -0400
-
clamav (0.99.2+dfsg-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Updated to 0.99.2 to fix multiple security issues
- CVE-2016-1371
- CVE-2016-1372
- CVE-2016-1405
* Removed patches included in new version
- debian/patches/Add-upstream-systemd-support.patch
- debian/patches/add-LLVM-3.6-support.patch
- debian/patches/llvm-don-t-use-system-libs.patch
* Refreshed patches
- debian/patches/add-support-for-system-tomsfastmath.patch
- debian/patches/tfm-drop-__DATE__.patch
- debian/patches/Allow-M-suffix-for-PCREMaxFileSize.patch
- debian/patches/clamav_add_private_fts_implementation.patch
- debian/patches/fix-ssize_t-size_t-off_t-printf-modifier.patch
- debian/patches/libclamav-use-libmspack.patch
* debian/clamav-daemon.postinst.in: updated to handle new options
- ScanXMLDOCS
- ScanHWP3
- MaxRecHWP3
-- Marc Deslauriers <email address hidden> Mon, 19 Sep 2016 10:21:19 -0400
-
clamav (0.99+dfsg-1ubuntu1.2) xenial; urgency=medium
* Ensure freshclam service is run after package install (LP: #1590688)
-- Christian Ehrhardt <email address hidden> Thu, 07 Jul 2016 09:22:31 +0200
-
clamav (0.99+dfsg-1ubuntu1.1) xenial; urgency=medium
* Fix upgrade paths with proper Breaks/Replaces (LP: #1581839)
- several files were move since the version in trusty, e.g:
/usr/share/man/man1/clamdscan.1.gz moved clamav-daemon to clamdscan
/usr/share/man/man5/clamd.conf.5.gz moved clamav-base to clamav-daemon
-- Christian Ehrhardt <email address hidden> Fri, 10 Jun 2016 12:40:52 +0200
-
clamav (0.99+dfsg-1ubuntu1) xenial; urgency=medium
Merge from Debian. Remaining changes (LP: #1540491) :
* Explicitly build using llvm-3.6.
* Ignore test results on armhf.
* debian/rules: Restore --with-llvm-linking=dynamic to avoid underlinkage
causing FTBS
* d/p/llvm-don-t-use-system-libs.patch:
Do not use system libraries for linking : We are not linking the .a
files so we don't care about the libs llvm links against (like -ledit)
Dropping this patch will cause FTBS on Ubuntu with unresolvable -ledit
Dropped changes :
* debian/control : libsystemd-dev no longer renamed since it has been
changed upstream.
* d/p/0005-libclamav-use-libmspack.patch : Now part of upstream release.
* d/p/0007-fix-ssize_t-size_t-off_t-printf-modifier.patch : Now part of
upstream release to the exception of the sigtool/sigtool.c cast
identified previously.
d/p/0008-hardcode-LLVM-linker-flag-because-llvm-config-return.patch :
Now part of upstream release.
d/p/0012-remove-AC_CONFIG_SRCDIR-llvm-configure-from-libclama.patch
* d/clamav-daemon.postinst.in: Fix typo which causes a crash while
installing this package over any previous version (upgrading). Fixed
upstream.
* Explicitly build using llvm-3.5. Now build using llvm-3.6.
clamav (0.99+dfsg-1) unstable; urgency=medium
* Import final release of 0.99
* suggest libclamunrar7 instead of libclamunrar6
clamav (0.99~rc2+dfsg-2) experimental; urgency=medium
* Drop LLVM usage on powerpc (it is broken since the v3.6 switch).
clamav (0.99~rc2+dfsg-1) experimental; urgency=medium
[ Andreas Cadhalpun ]
* Import first upstream release candidate for 0.99.
* Drop patches included upstream:
- Avoid-emitting-incremental-progress-messages.patch
- bb-10731-Allow-to-specificy-a-group-for-the-socket.patch
- clamav-milter-add-additinal-SMFIF_-flags.patch
- remove-unnecessary-harmful-flags-from-libclamav.pc.patch
- hardcode-LLVM-linker-flag.patch
* Disable Large File Support because it is incompatible with fts.h, which
is required by the new upstream release.
* Drop patches needing LFS:
- libclamav-use-libmspack.patch
- fix-ssize_t-size_t-off_t-printf-modifier.patch
* Disable valgrind in the test suite again. It is too flaky.
* Print all new options in one build attempt.
* Preserve new OnAccessMountPath, OnAccessDisableDDD and OnAccessPrevention
options in clamd.conf.
* Rename libclamav6 to libclamav7 and update symbols file.
* Add -Wl,--as-needed to LDFLAGS to avoid useless dependencies.
* Remove unused lintian overrides.
* Update debian/copyright.
[ Sebastian Andrzej Siewior ]
* add a LFS safe fts() implementation from glibc
* bring back libmspack related patches (libclamav-use-libmspack.patch +
fix-ssize_t-size_t-off_t-printf-modifier.patch) and -D_FILE_OFFSET_BITS=64
* fix a crash in clamdscan if file is passed via fd
* Import second upstream release candidate for 0.99.
clamav (0.99~beta1+dfsg-1) experimental; urgency=medium
* use T=<timeout> so we can drop
unit_tests-increment-test-timeout-from-40secs-to-5mi from the patch queue.
* import new beta from upstream
* depend on libpcre3-dev, required for YARA support
* add new PCRE related options postist script for clamd
* record new symbols in libclamav6.symbols
* enable valgrind in the test suite and see how well it works across all
architecures.
* Update debian/copyright.
clamav (0.98.7+dfsg-5) unstable; urgency=medium
[ Andreas Cadhalpun ]
* Drop patch numbers, because they cause too much diff noise.
* Fix use-pkg-config-to-determine-CHECK_LIBS.patch so that the tests
actually get run again.
[ Sebastian Andrzej Siewior ]
* Drop LLVM usage on powerpc (it is broken since the v3.6 switch).
clamav (0.98.7+dfsg-4) unstable; urgency=medium
* Add patch to support LLVM 3.6.
* debian/clamav-milter.postinst.in: Update to reflect the change from
examples/clamav-milter.conf to examples/clamav-milter.conf.sample.
Thanks to Christian Schrötter. (Closes: #795190)
* Use 'grep -a' instead of grep in maintainer scripts. (Closes: #799808)
* Restore the SE Linux context when creating /var/lib/ucf/cache.
Thanks to Russell Coker for the patch. (Closes: #802311)
* Adapt debian/watch to new download location www.clamav.net/download.html.
* Add patch to use pkg-config to determine CHECK_LIBS.
The linker flags for check changed making the hardcoded flags useless.
clamav (0.98.7+dfsg-3) unstable; urgency=medium
[ Sebastian Andrzej Siewior ]
* use T=<timeout> so we can drop
unit_tests-increment-test-timeout-from-40secs-to-5mi from the patch queue.
* add 0013-tfm-fix-compile-errors.patch and
0014-tfm-duct-tape-misscompile-on-armhf.patch to get it built on armhf
with gcc-5.
[ Andreas Cadhalpun ]
* Prevent the logrotate scripts from aborting if reloading/restarting fails.
Thanks to John Zaitseff. (Closes: #788652)
clamav (0.98.7+dfsg-2) unstable; urgency=medium
[ Andreas Cadhalpun ]
* Increase MaxRecursion to the upstream default of 16. (Closes: #787249)
* Bump the version for the PidFile removal check in the clamav-daemon and
clamav-freshclam postinst scripts (Closes: #767353)
* Add database existence check also to clamav-daemon.socket.
This works around systemd bug #775458. (Closes: #775112)
[ Sebastian Andrzej Siewior ]
* also remove debian/clamav-freshclam.prerm clean
clamav (0.98.7+dfsg-1) unstable; urgency=high
[ Andreas Cadhalpun ]
* Use SocketUser, SocketGroup and RemoveOnStop systemd socket options
instead of using ExecStartPost and ExecStopPost for that.
* Respect clamav-daemon's LocalSocket* options with the systemd unit by
extending the clamav-daemon.socket file appropriately, when running
dpkg-reconfigure clamav-daemon. (Closes: #783720)
* Disable this extendend configuration, when handling the configuration
file with debconf is disabled.
* Disable clamav-daemon.socket in prerm script.
[ Sebastian Andrzej Siewior ]
* Import new upstream:
- Improvements to PDF processing: decryption, escape sequence
handling, and file property collection.
- Scanning/analysis of additional Microsoft Office 2003 XML format.
- Fix infinite loop condition on crafted y0da cryptor file. Identified
and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221.
- Fix crash on crafted petite packed file. Reported and patch
supplied by Sebastian Andrzej Siewior. CVE-2015-2222.
- Fix false negatives on files within iso9660 containers. This issue
was reported by Minzhuan Gong.
- Fix a couple crashes on crafted upack packed file. Identified and
patches supplied by Sebastian Andrzej Siewior.
- Fix a crash during algorithmic detection on crafted PE file.
Identified and patch supplied by Sebastian Andrzej Siewior.
- Fix an infinite loop condition on a crafted "xz" archive file.
This was reported by Dimitri Kirchner and Goulven Guiheux.
CVE-2015-2668.
- Fix compilation error after ./configure --disable-pthreads.
Reported and fix suggested by John E. Krokes.
- Apply upstream patch for possible heap overflow in Henry Spencer's
regex library. CVE-2015-2305 (Closes: #778406).
- Fix crash in upx decoder with crafted file. Discovered and patch
supplied by Sebastian Andrzej Siewior. CVE-2015-2170.
- Fix segfault scanning certain HTML files. Reported with sample by
Kai Risku.
- Improve detections within xar/pkg files.
* update GPG key used to verify releases to get uscan/get_orig.sh working
again.
* update symbol version for cl_retflevel due to CL_FLEVEL change.
-- Louis Bouchard <email address hidden> Mon, 15 Feb 2016 17:32:43 +0100
-
clamav (0.98.7+dfsg-0ubuntu5) xenial; urgency=high
* Use new libsystemd-dev package name.
-- Dimitri John Ledkov <email address hidden> Mon, 07 Dec 2015 11:09:19 +0000
-
clamav (0.98.7+dfsg-0ubuntu4) wily; urgency=medium
* Ignore test results on armhf.
-- Matthias Klose <email address hidden> Mon, 10 Aug 2015 08:37:47 +0000
