Ubuntu
clamav package

Merge with debian: 0.99.3~beta1+dfsg-2

Bug #1732439 reported by Andreas Hasenack
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
clamav (Ubuntu)
Fix Released
Low
Andreas Hasenack

Bug Description

clamav (0.99.3~beta1+dfsg-2) unstable; urgency=medium

  * Build again against system's libmspack (dropped by accident)
    (Closes: #872594).
  * Don't replace config file with sample config after debconf gets disabled
    (in milter and daemon (Closes: #870253).
  * Update standards to 4.0.1
    - use invoke-rc.d instead of /etc/init.d.
    - drop priority extra from clamav-milter.
  * Add bytecode.c(l|v)d to log clamav-freshclam.logcheck.ignore.server. Patch
    by Václav Ovsík (Closes: #868766).

 -- Sebastian Andrzej Siewior Sat, 02 Sep 2017 21:26:33 +0200

clamav (0.99.3~beta1+dfsg-1) unstable; urgency=medium

  * Upload to unstable
  * update to official beta1 release:
    - drop fts-no-use-AC_TRY_RUN.patch, applied upstream.

 -- Sebastian Andrzej Siewior Sun, 06 Aug 2017 22:13:23 +0200

clamav (0.99.3~snapshot20170704+dfsg-1) experimental; urgency=medium

  * Update to upstream snapshot (commit
    144ef69462427b63a650294257c892b047601aac):
    - add config options
    - boost symbol file
    - drop applied patches:
      - Allow-M-suffix-for-PCREMaxFileSize.patch
      - bb11549-fix-temp-file-cleanup-issue.patch
      - clamav_add_private_fts_implementation.patch
      - drop-AllowSupplementaryGroups-option-and-make-it-def.patch
      - fix-ssize_t-size_t-off_t-printf-modifier.patch
      - libclamav-use-libmspack.patch
      - make_it_compile_against_openssl_1_1_0.patch
    - add new ones:
      - fts-no-use-AC_TRY_RUN.patch
      - clamsubmit-add-JSON-libs-to-clamsubmit.patch

 -- Sebastian Andrzej Siewior Mon, 10 Jul 2017 00:06:32 +0200

CVE References

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package clamav - 0.99.3~beta1+dfsg-2ubuntu1

---------------
clamav (0.99.3~beta1+dfsg-2ubuntu1) bionic; urgency=medium

  * Merge with Debian unstable (LP: #1732439). Remaining changes:
    - Fix build by forcing llvm 3.9
      (testsuite seems to be failing)
    - debian/patches/fix_newer_zlib.patch: fix compatibility with zlib
      1.2.9 and newer (LP #1692073).
      [DEP3 header updated to indicate it was incorporated upstream]
  * Drop:
    * debian/patches/zlib-check.patch:
      + cherry-pick upstream fix for wrong zlib version check
        [Fixed upstream]
    - SECURITY UPDATE: DoS via crafted e-mail message
      + debian/patches/CVE-2017-6418.patch: fix invalid read in
        libclamav/message.c.
      + CVE-2017-6418
        [Fixed upstream]
    - SECURITY UPDATE: DoS via WWPack compression
      + debian/patches/CVE-2017-6420.patch: add bounds checks to
        libclamav/wwunpack.c.
      + debian/patches/CVE-2017-6420-2.patch: fix unit tests in
        libclamav/wwunpack.c, unit_tests/check_jsnorm.c.
      + CVE-2017-6420
        [Fixed upstream]

clamav (0.99.3~beta1+dfsg-2) unstable; urgency=medium

  * Build again against system's libmspack (dropped by accident)
    (Closes: #872594).
  * Don't replace config file with sample config after debconf gets disabled
    (in milter and daemon (Closes: #870253).
  * Update standards to 4.0.1
    - use invoke-rc.d instead of /etc/init.d.
    - drop priority extra from clamav-milter.
  * Add bytecode.c(l|v)d to log clamav-freshclam.logcheck.ignore.server. Patch
    by Václav Ovsík <email address hidden> (Closes: #868766).

clamav (0.99.3~beta1+dfsg-1) unstable; urgency=medium

  * Upload to unstable
  * update to official beta1 release:
    - drop fts-no-use-AC_TRY_RUN.patch, applied upstream.

clamav (0.99.3~snapshot20170704+dfsg-1) experimental; urgency=medium

  * Update to upstream snapshot (commit
    144ef69462427b63a650294257c892b047601aac):
    - add config options
    - boost symbol file
    - drop applied patches:
      - Allow-M-suffix-for-PCREMaxFileSize.patch
      - bb11549-fix-temp-file-cleanup-issue.patch
      - clamav_add_private_fts_implementation.patch
      - drop-AllowSupplementaryGroups-option-and-make-it-def.patch
      - fix-ssize_t-size_t-off_t-printf-modifier.patch
      - libclamav-use-libmspack.patch
      - make_it_compile_against_openssl_1_1_0.patch
    - add new ones:
      - fts-no-use-AC_TRY_RUN.patch
      - clamsubmit-add-JSON-libs-to-clamsubmit.patch

 -- Andreas Hasenack <email address hidden> Wed, 22 Nov 2017 19:56:26 -0200

Changed in clamav (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.