lp:debian/clamav
- Get this branch:
- bzr branch lp:debian/clamav
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 61. By Sebastian Andrzej Siewior <email address hidden>
-
[ Sebastian Andrzej Siewior ]
* use T=<timeout> so we can drop
unit_tests-increment -test-timeout- from-40secs- to-5mi from the patch queue.
* add 0013-tfm-fix-compile- errors. patch and
0014-tfm-duct- tape-misscompil e-on-armhf. patch to get it built on armhf
with gcc-5.[ Andreas Cadhalpun ]
* Prevent the logrotate scripts from aborting if reloading/restarting fails.
Thanks to John Zaitseff. (Closes: #788652) - 60. By Sebastian Andrzej Siewior <email address hidden>
-
[ Andreas Cadhalpun ]
* Increase MaxRecursion to the upstream default of 16. (Closes: #787249)
* Bump the version for the PidFile removal check in the clamav-daemon and
clamav-freshclam postinst scripts (Closes: #767353)
* Add database existence check also to clamav-daemon. socket.
This works around systemd bug #775458. (Closes: #775112)[ Sebastian Andrzej Siewior ]
* also remove debian/clamav- freshclam. prerm clean - 59. By Scott Kitterman
-
[ Andreas Cadhalpun ]
* Use SocketUser, SocketGroup and RemoveOnStop systemd socket options
instead of using ExecStartPost and ExecStopPost for that.
* Respect clamav-daemon's LocalSocket* options with the systemd unit by
extending the clamav-daemon. socket file appropriately, when running
dpkg-reconfigure clamav-daemon. (Closes: #783720)
* Disable this extendend configuration, when handling the configuration
file with debconf is disabled.
* Disable clamav-daemon. socket in prerm script. [ Sebastian Andrzej Siewior ]
* Import new upstream:
- Improvements to PDF processing: decryption, escape sequence
handling, and file property collection.
- Scanning/analysis of additional Microsoft Office 2003 XML format.
- Fix infinite loop condition on crafted y0da cryptor file. Identified
and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221.
- Fix crash on crafted petite packed file. Reported and patch
supplied by Sebastian Andrzej Siewior. CVE-2015-2222.
- Fix false negatives on files within iso9660 containers. This issue
was reported by Minzhuan Gong.
- Fix a couple crashes on crafted upack packed file. Identified and
patches supplied by Sebastian Andrzej Siewior.
- Fix a crash during algorithmic detection on crafted PE file.
Identified and patch supplied by Sebastian Andrzej Siewior.
- Fix an infinite loop condition on a crafted "xz" archive file.
This was reported by Dimitri Kirchner and Goulven Guiheux.
CVE-2015-2668.
- Fix compilation error after ./configure --disable-pthreads.
Reported and fix suggested by John E. Krokes.
- Apply upstream patch for possible heap overflow in Henry Spencer's
regex library. CVE-2015-2305 (Closes: #778406).
- Fix crash in upx decoder with crafted file. Discovered and patch
supplied by Sebastian Andrzej Siewior. CVE-2015-2170.
- Fix segfault scanning certain HTML files. Reported with sample by
Kai Risku.
- Improve detections within xar/pkg files.
* update GPG key used to verify releases to get uscan/get_orig.sh working
again.
* update symbol version for cl_retflevel due to CL_FLEVEL change. - 58. By Andreas Cadhalpun
-
* Fix syntax errors in clamav-
freshclam. postinst. Thanks piuparts!
* Fix cleanup on purge in clamav-base.postrm. - 57. By Andreas Cadhalpun
-
[ Andreas Cadhalpun ]
* Fix variable name mismatch in clamav-milter. postinst in order to
make preseeding work correctly. (Closes: #778445)
* Fix clamav-daemon installability with custom PidFile.
Thanks to Andy Dorman for the bug report and patch. (Closes: #778507)
* Rename DEBCONFILE to DEBCONFFILE in clamav-freshclam. postinst making it
consistent with the other postinst scripts.
* Build against libsystemd-dev. (Closes: #779758)
* Drop 'XS-Testsuite: autopkgtest' from debian/control.
Debhelper automatically adds the Testsuite field.
This fixes the lintian warning xs-testsuite-header- in-debian- control.
* Shorten debian/copyright. This fixes some lintian warnings:
- dep5-copyright-license- name-not- unique
- wildcard-matches- nothing- in-dep5- copyright
- unused-file-paragraph- in-dep5- copyright
* Use pathfind to avoid hardcoding paths.
This fixes command-with-path- in-maintainer- script lintian warnings. [ Sebastian Andrzej Siewior ]
* Replace ” with " in debian/common_ functions (Closes: #781088)
* Drop __DATE__ from tfm to make the package build reproducible with
-Werror=date-time. With this change faketime is no longer required. - 56. By Scott Kitterman
-
[ Sebastian Andrzej Siewior ]
* update "fix-ssize_t-size_ t-off_t- printf- modifier" , include of misc.h was
missing but was pulled in via the systemd patch.
* Don't leak return codes from libmspack to clamav API. (Closes: #774686).[ Andreas Cadhalpun ]
* Add patch to avoid emitting incremental progress messages when not
outputting to a terminal. (Closes: #767350)
* Update lintian-overrides for unused-file-paragraph- in-dep5- copyright.
* clamav-base.postinst: always chown /var/log/clamav and /var/lib/clamav
to clamav:clamav, not only on fresh installations. (Closes: #775400)
* Adapt the clamav-daemon and clamav-freshclam logrotate scripts,
so that they correctly work under systemd.
* Move the PidFile variable from the clamd/freshclam configuration files
to the init scripts. This makes the init scripts more robust against
misconfiguration and avoids error messages with systemd. (Closes: #767353)
* debian/copyright: drop files from Files-Excluded only present in github
tarballs
* Drop Workaround-a-bug-in- libc-on- Hurd.patch, because hurd got fixed.
(see #752237)
* debian/rules: Remove useless --with-system- tommath --without- included- ltdl
configure options.[ Scott Kitterman ]
* Stop stripping llvm when repacking the tarball as the system llvm on some
releases is too old to use
* New upstream bugfix release
- Library shared object revisions.
- Includes a patch from Sebastian Andrzej Siewior making ClamAV pid files
compatible with systemd.
- Fix a heap out of bounds condition with crafted Yoda's crypter files.
This issue was discovered by Felix Groebert of the Google Security Team.
- Fix a heap out of bounds condition with crafted mew packer files. This
issue was discovered by Felix Groebert of the Google Security Team.
- Fix a heap out of bounds condition with crafted upx packer files. This
issue was discovered by Kevin Szkudlapski of Quarkslab.
- Fix a heap out of bounds condition with crafted upack packer files. This
issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328.
- Compensate a crash due to incorrect compiler optimization when handling
crafted petite packer files. This issue was discovered by Sebastian
Andrzej Siewior.
* Update lintian override for embedded zlib to match new so version[ Javier Fernández-Sanguino ]
* Updated Spanish Debconf template translation (Closes: #773563) - 54. By Andreas Cadhalpun
-
* Automatically extend the clamav-
daemon. socket systemd unit to create the
TCP socket, when clamd is configured to use TCP. (Closes: #771911)
* Also accept AF_INET6 sockets in clamd, as they are now supported.
Systemd uses AF_INET6 for TCP sockets without specified address. - 53. By Sebastian Andrzej Siewior <email address hidden>
-
[ Sebastian Andrzej Siewior ]
* import new upsstream version, refresh patches:
dropped:
- LLVM-3.5-version- check-update. patch
- add-support-for-LLVM- 3.5.patch
- fix-test-failure- on-powerpc- again.patch
updated:
- hardcode-LLVM-linker- flag-because- llvm-config- return
- added "bb-10731-Allow-to- specificy- a-group- for-the- socket- o" as
dependecy for "clamav-milter- add-additinal- SMFIF_- flags-before- invo"
(Closes: #763300)
* Add "Bump-.so-version- number" , likely the RPM version of 769384.
* Add "llvm-don-t-use-system- libs", since we don't link against .a libs, we
don't need the deps either.[ Scott Kitterman ]
* Update libclamav6: embedded-library lintian override for new libclamav6 so
version - 52. By Andreas Cadhalpun
-
Bump the version requirement for the cl_retflevel symbol to 0.98.5~rc1,
because the CL_FLEVEL, which this function returns, increased in that
version the last time.
This ensures that the functionality level of libclamav is always new
enough. (Closes: #769384)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)