diff -u clamav-0.91.2/debian/control clamav-0.91.2/debian/control --- clamav-0.91.2/debian/control +++ clamav-0.91.2/debian/control @@ -1,9 +1,10 @@ Source: clamav Section: utils Priority: optional -Maintainer: Stephen Gran +Maintainer: Ubuntu MOTU Developers +XSBC-Original-Maintainer: Stephen Gran Uploaders: Thomas Lamy -Build-Depends: dpkg-dev (>= 1.13.19), debhelper (>=5.0), zlib1g-dev (>=1:1.1.4), libbz2-dev, libmilter-dev, libgmp3-dev, libwrap0-dev, dpatch, perl, bc +Build-Depends: dpkg-dev (>= 1.13.19), debhelper (>=5.0), zlib1g-dev (>=1:1.1.4), libbz2-dev, libmilter-dev, libgmp3-dev, libwrap0-dev, libcurl4-gnutls-dev, dpatch, perl, bc Standards-Version: 3.7.2 Package: clamav-base @@ -44,7 +45,7 @@ Package: clamav Architecture: any -Depends: ${shlibs:Depends}, clamav-freshclam | clamav-data +Depends: ${shlibs:Depends}, clamav-freshclam | clamav-data, libcurl3-gnutls Recommends: arj, unzoo, clamav-base Suggests: unrar (>=3.0-1), lha, clamav-docs Description: antivirus scanner for Unix @@ -75,7 +76,7 @@ Package: libclamav-dev Section: libdevel Architecture: any -Depends: libclamav2 (= ${binary:Version}), libcurl3-dev, libssl-dev, libidn11-dev, libc6-dev | libc-dev, zlib1g-dev (>=1:1.1.4), libbz2-dev, libgmp3-dev +Depends: libclamav2 (= ${binary:Version}), libcurl4-gnutls-dev, libssl-dev, libidn11-dev, libc6-dev | libc-dev, zlib1g-dev (>=1:1.1.4), libbz2-dev, libgmp3-dev Description: clam Antivirus library development files Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The @@ -108,7 +109,7 @@ Package: clamav-daemon Architecture: any -Depends: ${shlibs:Depends}, clamav-base(>= ${source:Version}), clamav-freshclam | clamav-data, lsb-base (>> 3.0), ucf +Depends: ${shlibs:Depends}, clamav-base(>= ${source:Version}), clamav-freshclam | clamav-data, lsb-base (>> 3.0), ucf, libcurl3-gnutls Suggests: daemon, clamav-docs Description: antivirus scanner daemon Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this @@ -145,7 +146,7 @@ Conflicts: clamav-data Provides: clamav-data Suggests: clamav-docs -Depends: ${misc:Depends}, clamav-base (>= ${source:Version}), ${shlibs:Depends} , debianutils (>= 1.6), ucf (>= 0.28), logrotate, lsb-base (>> 3.0) +Depends: ${misc:Depends}, clamav-base (>= ${source:Version}), ${shlibs:Depends} , debianutils (>= 1.6), ucf (>= 0.28), logrotate, lsb-base (>> 3.0), libcurl3-gnutls Description: downloads clamav virus databases from the Internet Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The @@ -163,7 +164,7 @@ Suggests: daemon, clamav-docs Priority: extra Recommends: clamav-daemon -Depends: ${shlibs:Depends}, clamav-base (>= ${source:Version}), clamav-freshclam | clamav-data, lsb-base (>> 3.0) +Depends: ${shlibs:Depends}, clamav-base (>= ${source:Version}), clamav-freshclam | clamav-data, lsb-base (>> 3.0), libcurl3-gnutls Description: antivirus scanner for sendmail Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The diff -u clamav-0.91.2/debian/clamav-base.postinst.in clamav-0.91.2/debian/clamav-base.postinst.in --- clamav-0.91.2/debian/clamav-base.postinst.in +++ clamav-0.91.2/debian/clamav-base.postinst.in @@ -72,6 +72,11 @@ else rundir="$RUNDIR" fi + # Since /var/run is tempfs, make sure /var/run/clamav exists: + if [ ! -d ${RUNDIR} ] ; then + install -o ${USER} -g ${USER} -m 755 -d ${RUNDIR} || return 2 + fi + data="$(grep '^DatabaseDirectory ' $clamconf | awk '{print $2}')" if [ -n "$data" ]; then datadir="$(dirname "${data}/.")" @@ -251,7 +256,6 @@ [ -z "$PhishingAlwaysBlockCloak" ] && PhishingAlwaysBlockCloak=false [ -z "$DetectPUA" ] && DetectPUA=false - cat >> $DEBCONFFILE << EOF User $user AllowSupplementaryGroups $AllowSupplementaryGroups diff -u clamav-0.91.2/debian/watch clamav-0.91.2/debian/watch --- clamav-0.91.2/debian/watch +++ clamav-0.91.2/debian/watch @@ -2 +2 @@ -http://prdownloads.sourceforge.net/clamav/clamav-(.*).tar.gz debian uupdate +http://qa.debian.org/watch/sf.php?project=clamav/clamav-(.*).tar.gz debian uupdate diff -u clamav-0.91.2/debian/changelog clamav-0.91.2/debian/changelog --- clamav-0.91.2/debian/changelog +++ clamav-0.91.2/debian/changelog @@ -1,3 +1,19 @@ +clamav (0.91.2-1ubuntu1) gutsy; urgency=low + + * Merge from Debian unstable (LP: #135846). Remaining Ubuntu changes: + - Update debian/watch so it works + - Add libcurl3-gnutls depends for clamav-freshclam, clamav-milter, + clamav-daemon + - In debian/clamav-base.postinst.in add test on upgrade to create + /var/run/clamav if it does not exist + - debian/control: Maintainers updated for Ubuntu. + - debian/clamav-freshclam.init.in specify pidfile when starting. + * Add an explicit Build-Depends on libcurl4-gnutls-dev (was libcurl-dev). + * Change Build-Depends in libclamav-dev to libcurl4-gnutls-dev + (was libcurl3-dev). + + -- Cesare Tirabassi Thu, 30 Aug 2007 16:28:07 +0200 + clamav (0.91.2-1) unstable; urgency=low * New upstream version @@ -9,6 +25,25 @@ -- Stephen Gran Tue, 21 Aug 2007 11:17:01 +0100 +clamav (0.91.2-0ubuntu1) gutsy; urgency=low + + * New upstream release + - Update debian/postinst.in to deal with new DetectPUA feature. + * Update debian/watch so it works + + -- Scott Kitterman Tue, 21 Aug 2007 08:36:04 -0400 + +clamav (0.91.1-2ubuntu1) gutsy; urgency=low + + * Merge from Debian unstable. Remaining Ubuntu changes: + - Add libcurl3 depends for clamav-freshclam, clamav-milter, clamav-daemon + - In debian/clamav-base.postinst.in add test on upgrade to create + /var/run/clamav if it does not exist + - debian/control: Maintainers updated for Ubuntu. + - debian/clamav-freshclam.init.in specify pidfile when starting. + + -- Scott Kitterman Mon, 13 Aug 2007 14:14:02 -0400 + clamav (0.91.1-2) unstable; urgency=low * Move database files to -base package (closes: #434505) @@ -17,6 +52,28 @@ -- Stephen Gran Sat, 11 Aug 2007 12:53:03 +0100 +clamav (0.91.1-1ubuntu3) gutsy; urgency=low + + * Add libcurl3 depends for clamav-freshclam, clamav-milter, clamav-daemon + - Upstream README that claim libcurl dependency was removed is wrong. + + -- Scott Kitterman Wed, 01 Aug 2007 22:18:44 -0400 + +clamav (0.91.1-1ubuntu2) gutsy; urgency=low + + * In debian/clamav-base.postinst.in add test on upgrade to create + /var/run/clamav if it does not exist (LP: #117932) + + -- Scott Kitterman Mon, 23 Jul 2007 10:26:35 -0400 + +clamav (0.91.1-1ubuntu1) gutsy; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/control: Maintainers updated for Ubuntu. + - debian/clamav-freshclam.init.in specify pidfile when starting. + + -- Scott Kitterman Tue, 17 Jul 2007 13:36:29 -0400 + clamav (0.91.1-1) unstable; urgency=low * New upstream version @@ -25,6 +82,12 @@ -- Stephen Gran Mon, 16 Jul 2007 23:47:27 +0100 +clamav (0.91.1-0ubuntu1) gutsy; urgency=low + + * New upstream release + + -- Scott Kitterman Mon, 16 Jul 2007 21:27:04 -0400 + clamav (0.91-2) unstable; urgency=low * Pull 25_phishcheck-crash.dpatch from upstream svn to fix a possible crash @@ -50,6 +113,23 @@ -- Stephen Gran Sun, 15 Jul 2007 16:48:06 +0100 +clamav (0.91-0ubuntu1) gutsy; urgency=low + + * New upstream release + - Freshen 02_milter_sendmail_version_patch + - Freshen 03_etc_files_patch + - Freshen 20_clamscan-manpage-update.dpatch + + -- Scott Kitterman Sun, 15 Jul 2007 01:30:03 -0400 + +clamav (0.90.3-2ubuntu1) gutsy; urgency=low + + * Merge from Debian unstable. Remaining Ubuntu changes: + - debian/control: Maintainers updated for Ubuntu. + - debian/clamav-freshclam.init.in specify pidfile when starting. + + -- Scott Kitterman Tue, 10 Jul 2007 13:30:20 -0400 + clamav (0.90.3-2) unstable; urgency=low * Fix newaliases test to not fail when newaliases isn't present @@ -58,6 +138,27 @@ -- Stephen Gran Sat, 07 Jul 2007 09:21:20 +0100 +clamav (0.90.3-1ubuntu3) gutsy; urgency=low + + * Rebuild for the libcurl transition mess. + + -- Steve Kowalik Thu, 5 Jul 2007 00:14:33 +1000 + +clamav (0.90.3-1ubuntu2) gutsy; urgency=low + + * Stop clamav-base postinst from bailing out when which newaliases + doesn't return anything (fix from Soren Hansen) (LP: #39853) + + -- Scott Kitterman Wed, 27 Jun 2007 13:22:01 -0400 + +clamav (0.90.3-1ubuntu1) gutsy; urgency=low + + * Merge from Debian unstable. Remaining Ubuntu changes: + - debian/control: Maintainers updated for Ubuntu. + - debian/clamav-freshclam.init.in specify pidfile when starting. + + -- Efrain Valles Sat, 2 Jun 2007 09:29:00 -0400 + clamav (0.90.3-1) unstable; urgency=low * New upstream version @@ -69,6 +170,14 @@ -- Stephen Gran Thu, 31 May 2007 01:02:05 +0100 +clamav (0.90.2-4ubuntu1) gutsy; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/control: Maintainers updated for Ubuntu. + - debian/clamav-freshclam.init.in specify pidfile when starting. + + -- Scott Kitterman Sat, 19 May 2007 15:45:11 -0400 + clamav (0.90.2-4) unstable; urgency=low * Make sure su gets a shell (closes: #424772) @@ -98,6 +207,16 @@ -- Stephen Gran Mon, 14 May 2007 23:16:27 +0100 +clamav (0.90.2-1ubuntu1) gutsy; urgency=low + + * Merge from Debian unstable. Remaining Ubuntu changes: + - debian/clamav-base.init-stub, debian/clamav-daemon.init, + debian/rules: init script stub for common setup functions. + - debian/control: Maintainers updated for Ubuntu. + - debian/clamav-freshclam.init.in specify pidfile when starting. + + -- Scott Kitterman Sat, 5 May 2007 16:25:28 -0400 + clamav (0.90.2-1) unstable; urgency=low * New upstream version @@ -121,6 +240,34 @@ -- Stephen Gran Mon, 12 Mar 2007 23:00:42 +0000 +clamav (0.90.2-0ubuntu1) feisty; urgency=low + + * New upstream release not in Debian yet. + - Current patchset still applies + * No /debian changes. + * UVF Exception granted (LP: #106357) + - Upstream is disabling virus definition support for 0.90.0/1 will + be disabled starting on April 16 2007. + + -- Scott Kitterman Sat, 14 Apr 2007 05:24:09 -0400 + +clamav (0.90.1-1ubuntu2) feisty; urgency=low + + * Change clamav-freshclam.init.in to specify pidfile when starting. + - Fixes LP: #85573 + + -- Scott Kitterman Sat, 31 Mar 2007 16:06:16 -0400 + +clamav (0.90.1-1ubuntu1) feisty; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/clamav-base.init-stub, debian/clamav-daemon.init, + debian/rules: init script stub for common setup functions. + - debian/control: Maintainers updated for Ubuntu. + * UVF exception: LP: #89208 + + -- Michael Bienia Mon, 5 Mar 2007 12:59:32 +0100 + clamav (0.90.1-1) unstable; urgency=low * New upstream version. @@ -144,6 +291,15 @@ -- Stephen Gran Fri, 2 Mar 2007 03:18:31 +0000 +clamav (0.90-1ubuntu1) feisty; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/clamav-base.init-stub, debian/clamav-daemon.init, + debian/rules: init script stub for common setup functions. + - debian/control: Maintainers updated for Ubuntu. + + -- Kees Cook Tue, 20 Feb 2007 10:33:44 -0800 + clamav (0.90-1) unstable; urgency=medium * New upstream version (closes: #410966) @@ -166,6 +322,14 @@ -- Stephen Gran Thu, 15 Feb 2007 01:28:37 +0000 +clamav (0.90~rc3-1ubuntu1) feisty; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/clamav-base.init-stub, debian/clamav-daemon.init, + debian/rules: init script stub for common setup functions. + + -- Kees Cook Mon, 5 Feb 2007 18:09:04 -0800 + clamav (0.90~rc3-1) unstable; urgency=low * New upstream version @@ -216,6 +380,31 @@ -- Stephen Gran Mon, 11 Dec 2006 13:44:54 +0000 +clamav (0.88.7-1ubuntu1) feisty; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/clamav-base.init-stub, debian/clamav-daemon.init, + debian/rules: init script stub for common setup functions. + + -- Kees Cook Tue, 12 Dec 2006 16:04:26 -0800 + +clamav (0.88.7-1) unstable; urgency=medium + + * New upstream version + [ CVE-2006-6406 ] MIME encoding scan bypass (closes: #401873) + [ CVE unavailable ] Nested multipart recursion DoS (closes: #401874) + + -- Stephen Gran Tue, 12 Dec 2006 00:38:02 +0000 + +clamav (0.88.6-1ubuntu1) feisty; urgency=low + + * Merge from debian unstable. + * Remaining Ubuntu changes: + - debian/clamav-base.init-stub, debian/clamav-daemon.init, + debian/rules: init script stub for common setup functions. + + -- Kees Cook Tue, 28 Nov 2006 21:22:48 -0800 + clamav (0.88.6-1) unstable; urgency=low * New upstream version @@ -282,6 +471,22 @@ -- Stephen Gran Tue, 8 Aug 2006 21:38:43 +0100 +clamav (0.88.4-1ubuntu2) edgy; urgency=low + + * SECURITY UPDATE: multiple denial of service attacks in file processors. + * Add 'debian/patches/30_pe_chm_overflows.dpatch' to close overflows. + Patch from Debian stable (Closes Malone #66510). + * References + CVE-2006-4182, CVE-2006-5295 + + -- Kees Cook Mon, 23 Oct 2006 12:09:30 -0700 + +clamav (0.88.4-1ubuntu1) edgy; urgency=low + + * Merge from debian unstable. + + -- Benjamin Montgomery Wed, 9 Aug 2006 21:46:03 -0500 + clamav (0.88.4-1) unstable; urgency=low * New upstream version @@ -294,6 +499,14 @@ -- Stephen Gran Tue, 8 Aug 2006 11:24:05 +0100 +clamav (0.88.3-1ubuntu1) edgy; urgency=low + + * Merge from debian unstable. + * Re-Added fixed from Martin Pitt (0.88.1-1ubuntu1) and + Chuck Short (0.88.1-1ubuntu2) + + -- Benjamin Montgomery Mon, 7 Aug 2006 20:13:45 -0500 + clamav (0.88.3-1) unstable; urgency=low * New upstream version @@ -311,6 +524,14 @@ -- Stephen Gran Thu, 18 May 2006 23:45:00 +0100 +clamav (0.88.2-1ubuntu1) dapper; urgency=low + + * Merged new (debian) upstream + * Re-Added fixed from Martin Pitt (0.88.1-1ubuntu1) + and Chuck Short (0.88.1-1ubuntu2) + + -- Stephan Hermann Sun, 14 May 2006 11:45:42 +0200 + clamav (0.88.2-1) unstable; urgency=high * New upstream version @@ -328,6 +549,25 @@ -- Stephen Gran Sun, 30 Apr 2006 12:35:19 +0100 +clamav (0.88.1-1ubuntu2) dapper; urgency=low + + * debian/clamav-daemon.init. + + Fixed init script. (Closes: Malone #39263) + + -- Chuck Short Thu, 4 May 2006 16:10:19 -0400 + +clamav (0.88.1-1ubuntu1) dapper; urgency=low + + * Synchronize to Debian to get new upstream microrelease (UVF exception + approved by Daniel Holbach). This fixes the following vulnerabilities: + - CVE-2006-1614: integer overflow in the PE header parser + - CVE-2006-1615: format string vulnerabilities in logging code + - CVE-2006-1630: DoS due to invalid memory access in cli_bitset_set() + * debian/clamav-base.init-stub: Protect 'x && y' with '|| true' to not break + init script if it's run under set -e. + + -- Martin Pitt Tue, 11 Apr 2006 10:27:47 +0200 + clamav (0.88.1-1) unstable; urgency=low * New upstream release @@ -355,6 +595,16 @@ -- Stephen Gran Tue, 24 Jan 2006 23:26:12 +0000 +clamav (0.88-2ubuntu1) dapper; urgency=low + + * Ship a new file, /etc/clamav/clamav-base.init, which is a stub + containing common setup functions required for each of the other + three init scripts. Currently, all it does is create the /var/run + directory that we need if /var/run is on tmpfs. + * Make all three of our init scripts source the above file. + + -- Adam Conrad Fri, 24 Feb 2006 19:07:26 +1100 + clamav (0.88-2) unstable; urgency=low * Actually rebuild ./configure with the magic to make pass_all work diff -u clamav-0.91.2/debian/clamav-freshclam.init.in clamav-0.91.2/debian/clamav-freshclam.init.in --- clamav-0.91.2/debian/clamav-freshclam.init.in +++ clamav-0.91.2/debian/clamav-freshclam.init.in @@ -98,7 +98,7 @@ log_end_msg 1 exit 0 fi - su "$DatabaseOwner" -p -s /bin/sh -c ". /lib/lsb/init-functions && start_daemon $DAEMON -d --quiet" + su "$DatabaseOwner" -p -s /bin/sh -c ". /lib/lsb/init-functions && start_daemon $DAEMON $PIDFILE -d --quiet" log_end_msg $? ;; stop)