ports/120547: update clamav to .92.1
Michael Scheidell
scheidell at secnap.net
Tue Feb 12 02:50:01 UTC 2008
>Number: 120547
>Category: ports
>Synopsis: update clamav to .92.1
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Tue Feb 12 02:50:00 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Michael Scheidell
>Release: 6.3
>Organization:
SECNAP Network Security
>Environment:
na
>Description:
clamav has released version .92.1
lots of minor bug fixes:
Mon Feb 11 19:32:02 CET 2008
----------------------------
* libclamav/mew.c: fix possible heap corruption (bb#806)
Found by Elliot, broken module disabled via daily.cvd published on Feb 2
* libclamav/pe.c: fix possible integer overflow (CVE-2008-0318)
Found by Silvio Cesare working with the VeriSign iDefense VCP;
broken module disabled via daily.cvd published on Jan 11, 2008
* libclamav/cab.c: improve handling of stored files (bb#771)
* libclamav/unarj.c: improve bounds checking (bb#811)
* libclamav/scanners.c: respect recursion limits in cli_scanembpe() (bb#771)
* libclamav/vba_extract.c: fix extraction of embedded files (bb#760)
* libclamav/others.[ch]: add cli_ctime() (uses ctime_r() if available or
falls back to mutex protected ctime())
* clamd, clamav-milter, shared: use cli_ctime() instead of the
thread-unsafe ctime()
* libclamav/nsis/nulsft.c: use mutex for cli_nsis_unpack() (bb#812)
* libclamunrar: Use static CRC table - bb#64
* libclamav/matcher-bm.c: on Solaris/Intel bm_shift could be improperly
allocated (bb#773)
* freshclam/manager.c: advertise itself as HTTP/1.0 client
* libclamav/cab.[ch]: rewrite file/folder handling code (bb#730)
* shared/output.c: fix handling of special characters in mprintf/logg (bb#360)
* shared/misc.c: add error reporting to daemonize() (bb#729)
* configure: if available use dscl on Mac OS X (bb#753)
* libclamunrar/unrar.c: disable 'Unknown RAR pack method' error message due
to false alerts with some SFX archives (bb#399)
* configure: don't link with nsl if not needed (bb#754)
* shared/misc.c, clamd, clamscan, freshclam: respect custom dbdir settings
in print_version() (bb#699)
* libclamunrar_iface/unrar_iface.h: add missing #pragma pack direct. (bb#769)
* libclamav/entconv.c: don't make tmp_move negative (exper. code, bb #772).
* shared/misc.c: don't pass --rsrc flag to ditto (bb#380)
* libclamav: fix printing of size_t and off_t vars (bb#444)
* clamav-milter: Use new cli_rndnum API
* libclamav/others.c: improve cli_rndnum() and cli_gentempfd()
* libclamav/cvd.c: fix error path descriptor leak; gzdopen() may not close fd
* shared/misc.c: cvd_unpack: cli_untgz() no longer closes fd
* clamav-milter: Fix error handling in Session Mode
* clamav-milter: Correct nul termination in ping response from clamd
* libclamunrar_iface/unrar_iface.[ch]: minor cleanups
>How-To-Repeat:
>Fix:
diff -bBru /var/tmp/clamav/ ./
diff -bBru /var/tmp/clamav/Makefile ./Makefile
--- /var/tmp/clamav/Makefile Thu Jan 24 12:04:37 2008
+++ ./Makefile Mon Feb 11 21:13:02 2008
@@ -6,7 +6,7 @@
#
PORTNAME= clamav
-PORTVERSION= 0.92
+PORTVERSION= 0.92.1
CATEGORIES= security
MASTER_SITES= SF
diff -bBru /var/tmp/clamav/distinfo ./distinfo
--- /var/tmp/clamav/distinfo Wed Dec 19 18:08:36 2007
+++ ./distinfo Mon Feb 11 21:16:57 2008
@@ -1,6 +1,6 @@
-MD5 (clamav-0.92.tar.gz) = e500651858a9187a87025c8a5c23969c
-SHA256 (clamav-0.92.tar.gz) = d3c8c1e2e0025a354663b330d69c8848c7a5c9d7248204c69362c2924366025e
-SIZE (clamav-0.92.tar.gz) = 14300798
+MD5 (clamav-0.92.1.tar.gz) = c16e60f569b6ec575d8de494e788f9d2
+SHA256 (clamav-0.92.1.tar.gz) = e08a63adb3eda3dfc190d7a8b3fa55c881b1632583fbdf67327d3767d6966581
+SIZE (clamav-0.92.1.tar.gz) = 15284752
MD5 (unrar.diff) = 3ee33ac3d02f5ef95b22905e49dc3ef7
SHA256 (unrar.diff) = 859ea0a74c77cdb2e63e4b674e35d880c304282fab99786d1c9cfee92ce11607
SIZE (unrar.diff) = 178262
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list