ClamAV 0.98.6 security update for Lucid

Thanks, I'm working on this now. I updated the changelog slightly to add a reference to this bug report.

Hi Chris,

Did you do a test build on powerpc? Even with not using llvm, I got a build failure in the unit tests on powerpc. I'll retry the build as sometimes things can be flaky on the powerpc buildds, but the relevant bits from the log are as follows:

make[3]: Entering directory `/build/buildd/clamav-0.98.6+dfsg/unit_tests'
cp input/clamav.hdb clamav.hdb
  CC check_clamav-check_clamav.o
check_clamav.c: In function 'test_cli_readint16':
check_clamav.c:708: warning: pointer targets in passing argument 1 of 'cli_readint16' differ in signedness
../libclamav/others.h:519: note: expected 'const char *' but argument is of type 'uint8_t *'
check_clamav.c:713: warning: pointer targets in passing argument 1 of 'cli_readint16' differ in signedness
../libclamav/others.h:519: note: expected 'const char *' but argument is of type 'uint8_t *'
check_clamav.c: In function 'test_cli_readint32':
check_clamav.c:725: warning: pointer targets in passing argument 1 of 'cli_readint32' differ in signedness
../libclamav/others.h:509: note: expected 'const char *' but argument is of type 'uint8_t *'
check_clamav.c:730: warning: pointer targets in passing argument 1 of 'cli_readint32' differ in signedness
../libclamav/others.h:509: note: expected 'const char *' but argument is of type 'uint8_t *'
check_clamav.c: In function 'test_cli_writeint32':
check_clamav.c:741: warning: pointer targets in passing argument 1 of 'cli_writeint32' differ in signedness
../libclamav/others.h:527: note: expected 'char *' but argument is of type 'uint8_t *'
check_clamav.c:744: warning: pointer targets in passing argument 1 of 'cli_readint32' differ in signedness
../libclamav/others.h:509: note: expected 'const char *' but argument is of type 'uint8_t *'
check_clamav.c:748: warning: pointer targets in passing argument 1 of 'cli_writeint32' differ in signedness
../libclamav/others.h:527: note: expected 'char *' but argument is of type 'uint8_t *'
check_clamav.c:751: warning: pointer targets in passing argument 1 of 'cli_readint32' differ in signedness
../libclamav/others.h:509: note: expected 'const char *' but argument is of type 'uint8_t *'
  CC check_clamav-check_jsnorm.o
  CC check_clamav-check_str.o
  CC check_clamav-check_regex.o
  CC check_clamav-check_disasm.o
  CC check_clamav-check_uniq.o
  CC check_clamav-check_matchers.o
  CC check_clamav-check_htmlnorm.o
  CC check_clamav-check_bytecode.o
check_bytecode.c: In function 'test_matchwithread_jit':
check_bytecode.c:255: warning: passing argument 1 of 'cli_writeint32' from incompatible pointer type
../libclamav/others.h:527: note: expected 'char *' but argument is of type 'uint32_t *'
check_bytecode.c: In function 'test_matchwithread_int':
check_bytecode.c:278: warning: passing argument 1 of 'cli_writeint32' from incompatible pointer type
../libclamav/others.h:527: note: expected 'char *' but argument is of type 'uint32_t *'
check_bytecode.c: At top level:
check_bytecode.c:463: warning: 'test_retmagic_7_int' defined but not used
  CCLD check_clamav
  CC check_clamd-check_clamd.o
  CCLD check_clamd
  CC check_fpu_endian-check_fpu_endian.o
  CCLD check_fpu_...

This bug was fixed in the package clamav - 0.98.6+dfsg-0ubuntu0.10.04.1

---------------
clamav (0.98.6+dfsg-0ubuntu0.10.04.1) lucid-security; urgency=medium

  [ Marc Deslauriers ]
  * Updated to 0.98.6 to fix security issues, including CVE-2014-9328.
    (LP: #1420819)
  * Removed upstreamed patches:
    - d/p/0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch
    - d/p/0017-Bump-.so-version-number.patch

  [ Chris Pollock ]
  * Drop dh_autoreconf from build-depends
  * Remove use of dh_autoreconf from debian/rules
  * Adjust list of no LLVM architectures in debian/rules to include powerpc
    to avoid FTBFS on lucid

clamav (0.98.5+addedllvm-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to 0.98.5 to fix security issues, including CVE-2013-6497.
  * Removed patches no longer needed:
    - d/p/0002-Sebastian-Andrzej-Siewior.patch
    - d/p/0003-configure-use-pkg-config-for-check-so-test-is-detect.patch
    - d/p/0004-Stop-using-a-cargo-culted-syscall-table-and-trust-th.patch
    - d/p/0005-configure.ac-patches-to-got-with-autoreconf-and-auto.patch
    - d/p/0006-Fix-STAT64-definition-and-add-missing-includes.patch
  * Added patches from vivid to fix FTBFS, .so version and other issues:
    - d/p/0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch
    - d/p/0003-unit_tests-increment-test-timeout-from-40secs-to-5mi.patch
    - d/p/0006-remove-unnecessary-harmful-flags-from-libclamav.pc.patch
    - d/p/0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - d/p/0017-Bump-.so-version-number.patch
    - d/p/0018-llvm-don-t-use-system-libs.patch
  * debian/clamav-docs.docs: use wildcards, as some docs have changed.
  * debian/clamav-base.postinst.in: added new options.
  * debian/clamav-base.config.in: added new options.
  * debian/clamav-base.templates: added new options.
  * debian/control: added libssl-dev BuildDepends.
  * clamav-testfiles.install: removed rar files.
 -- Chris <email address hidden> Sun, 08 Feb 2015 07:54:07 -0600