lp:ubuntu/hardy-security/clamav

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/hardy-security/clamav

Branch information

Owner: Ubuntu branches
Review team: Ubuntu Development Team
Status: Mature

Recent revisions

56. By Scott Kitterman

[ Seth Arnold ]
* SECURITY UPDATE: Updated to 0.97.8 to fix multiple security issues.
  - CVE-2013-2020 and CVE-2013-2021

[ Scott Kitterman ]
* Merge from Debian unstable (LP: #1172981). Remaining changes:
  - Drop build-dep on electric-fence (in Universe)
  - Add apparmor profiles for clamd and freshclam along with maintainer
    script changes
* Changes to adapt to Hardy:
  - Build without llvm support on lpia to fix FTBFS (not a regression as
    llvm has never built on hardy lpia)
  - Drop -T -W from apparmor_parser calls in clamav-daemon and freshclam
    postinsts since it is not supported in Hardy's apparmor
  - Drop deny rule in freshclam apparmor profile since deny is not
    supported in Hardy's apparmor
  - Drop dh_lintian from debian/rules and adjust version of debhelper
    build-dep
  - Drop build-dep and libclamav-dev depends on non-existent libtommath-dev
  - Changed Section to 'utils' for clamav-dbg package
  - Ignore test suite errors on hppa
  - Build-depend on libltdl3-dev instead of libltdl-dev
  - Drop hardening flags changes
  - Drop unneeded versioning on lsb-base (clamav ships its own status
    function)

55. By Scott Kitterman

[ Marc Deslauriers ]
* SECURITY UPDATE: Updated to 0.97.7 to fix multiple security issues.
  (LP: #1157385)
  - CVE numbers pending

[ Scott Kitterman ]
* Changes to adapt to Hardy:
  - Build without llvm support on lpia to fix FTBFS (not a regression as
    llvm has never built on hardy lpia)
  - Drop -T -W from apparmor_parser calls in clamav-daemon and freshclam
    postinsts since it is not supported in Hardy's apparmor
  - Drop deny rule in freshclam apparmor profile since deny is not
    supported in Hardy's apparmor
  - Drop dh_lintian from debian/rules and adjust version of debhelper
    build-dep
  - Drop build-dep and libclamav-dev depends on non-existent libtommath-dev
  - Changed Section to 'utils' for clamav-dbg package
  - Ignore test suite errors on hppa
  - Build-depend on libltdl3-dev instead of libltdl-dev
  - Drop hardening flags changes
  - Drop unneeded versioning on lsb-base (clamav ships its own status
    function)

54. By Marc Deslauriers

* SECURITY UPDATE: denial of service via double free in vba processing
  - libclamav/vba_extract.c: set buf to NULL when it gets freed.
  - http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=d21fb8d975f8c9688894a8cef4d50d977022e09f
  - CVE-2011-1003

53. By Jamie Strandboge

* SECURITY UPDATE: fix integer overflow in BZ2_decompress()
  - libclamav/nsis/bzlib.c: return error if N is larger than 2*1024^2 which
    keeps us from overflowing but leaves enough room for the 900k maximum
    value of the RUNA/RUNB encoding
  - patch based on upstream bzip2
  - CVE-2010-0405

52. By Jamie Strandboge

* SECURITY UPDATE: fix crash via heap overflow when processing malformed
  PDF file
  - libclamav/pdf.c: make sure enough space is allocated for tmpbuf in
    cli_pdf()
  - https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2016
  - clamav git f0eb394501ec21b9fe67f36cbf5db788711d4236

51. By Scott Kitterman

* SECURITY UPDATE: (LP: #553266)
* References clamav bugs #1771 and #1826
* libclamav/mspack.c: fix Quantum decompressor (bb#1771)
  - clamav git 224fee54dd6cd8933d7007331ec2bfca0398d4b4
* libclamav/mspack.c: improve unpacking of malformed cabinets (bb#1826)
  - clamav git 31b77b3fb589ab07e7b4d84f8b3825178864ee51

50. By Jamie Strandboge

No change rebuild from hardy-backports per microrelease exception

49. By Jamie Strandboge

No change rebuild from backports for use with ClamAV 0.94

48. By Scott Kitterman

* SECURITY UPDATE: re-enable modules disabled due to resolved security
  deficiencies:
* References
* Clamav svn commit 4550 LP: #317923

47. By Leonel Nunez

* SECURITY UPDATE: denial of service via out-of-memory null dereferences,
  memory leaks, and file descriptor leaks:
  - 29_CVE-2008-3912.dpatch: backported upstream fixes.
  - 30_CVE-2008-3913.dpatch: backported upstream fixes.
  - 31_CVE-2008-3914.dpatch: backported upstream fixes.
  - LP: #271546
* SECURITY UPDATE: denial of service via crafted JPEG file
  - 32_cli_check_jpeg_exploit.dpatch: backported upstream fixes.
  - CVE-2008-5314, LP: #304017

Branch metadata

Branch format: Branch format 7
Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on: lp:ubuntu/natty/clamav