Ubuntu
clamav package

Merge clamav from Debian unstable for oracular

Bug #2064394 reported by Bryce Harrington
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
clamav (Ubuntu)
New
Undecided
Bryce Harrington
Ubuntu ubuntu-24.05

Bug Description

Upstream: tbd
Debian: 1.0.5+dfsg-1.1 1.2.1+dfsg-3
Ubuntu: 1.0.5+dfsg-1.1ubuntu3

Debian new has 1.2.1+dfsg-3, which may be available for merge soon.

If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired.

If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38

### New Debian Changes ###

clamav (1.0.5+dfsg-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Rename libraries for 64-bit time_t transition. Closes: #1062072

 -- Steve Langasek <email address hidden> Wed, 28 Feb 2024 15:44:10 +0000

clamav (1.0.5+dfsg-1) unstable; urgency=medium

  * Import 1.0.4 (Closes: #1063479).
    - Update symbols.
    - CVE-2024-20290 (Fixed a possible heap overflow read bug in the OLE2 file
      parser that could cause a denial-of-service (DoS) condition.)
    - CVE-2024-20328 (Fixed a possible command injection vulnerability in the
      'VirusEvent' feature of ClamAV's ClamD service.

 -- Sebastian Andrzej Siewior <email address hidden> Thu, 08 Feb 2024 21:38:51 +0100

clamav (1.0.4+dfsg-1) unstable; urgency=medium

  * Import 1.0.4
    - Update symbols.
  * Add systemd-dev to Build-Depends (Closes: #1060559).
  * Mark clamav-base as foreign (Closes: #1060889).

 -- Sebastian Andrzej Siewior <email address hidden> Sat, 20 Jan 2024 11:57:33 +0100

clamav (1.0.3+dfsg-2) unstable; urgency=medium

  * Remove unnecessary warning messages in freshclam during update.

 -- Sebastian Andrzej Siewior <email address hidden> Sat, 09 Sep 2023 12:49:40 +0200

clamav (1.0.3+dfsg-1) unstable; urgency=medium

  * Import 1.0.3

 -- Sebastian Andrzej Siewior <email address hidden> Sat, 09 Sep 2023 10:18:34 +0200

clamav (1.0.2+dfsg-1) unstable; urgency=medium

  * Import 1.0.2 (Closes: #1050057)
    - CVE-2023-20197 (Possible DoS in HFS+ file parser).
    - CVE-2023-20212 (Possible DoS in AutoIt file parser).
  * Use cmake for xml2 detection (Closes: #949100).
  * Replace tomsfastmath with OpenSSL's BN.
  * Don't enable clamonacc by default (Closes: #1030171).
  * Let the clamav-daemon.socket depend on the service file again
    (Closes: #1044136).

 -- Sebastian Andrzej Siewior <email address hidden> Sat, 19 Aug 2023 19:07:32 +0200

clamav (1.0.1+dfsg-2) unstable; urgency=medium

  * Depend on latest libtfm1 (Closes: #1031896, #1027010).

 -- Sebastian Andrzej Siewior <email address hidden> Sun, 26 Feb 2023 17:39:06 +0100

clamav (1.0.1+dfsg-1) unstable; urgency=medium

  * Import 1.0.1 (Closes: #1031509)
    - CVE-2023-20032 (Possible RCE in the HFS+ file parser).
    - CVE-2023-20052 (Possible information leak in the DMG file parser).

 -- Sebastian Andrzej Siewior <email address hidden> Fri, 17 Feb 2023 20:29:05 +0100

clamav (1.0.0+dfsg-6) unstable; urgency=medium

  [ Sebastian Andrzej Siewior ]
  * Add d/p/Add-an-option-to-avoid-setting-RPATH-on-unix-systems.patch to fix
    rpath issues

  [ Scott Kitterman ]
  * Remove obsolete usr/share/doc/*/NEWS.gz links from debian/*.links, no
    longer provided in the package (Thanks to Paul Wise for reporting)
    (Closes: #1029173)
  * Complete update of d/copyright for upstream file removal/reorganization
  * Restore and update clamav-freshclam and libclamav lintian-overrides for
    current lintian
  * Drop depends on obsolete package lsb-base

 -- Scott Kitterman <email address hidden> Sat, 21 Jan 2023 18:02:12 -0500

clamav (1.0.0+dfsg-5) unstable; urgency=medium

  [ Scott Kitterman ]
  * Update paths in d/tests/clamd for new source layout
  * Add misc:Pre-Depends to clamav-daemon and clamav-milter for
    init-system-helpers
  * Remove obsolete debian/NEWS file
  * More lintian override corrections
  * Start of removing obsolete d/copyright entries

  [ Sebastian Andrzej Siewior ]
  * Fix testsuite on big endian architectures.

 -- Scott Kitterman <email address hidden> Fri, 06 Jan 2023 12:33:39 -0500

clamav (1.0.0+dfsg-4) unstable; urgency=medium

### Old Ubuntu Delta ###

clamav (1.0.5+dfsg-1.1ubuntu3) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 17:48:52 +0000

clamav (1.0.5+dfsg-1.1ubuntu2) noble; urgency=medium

  * No-change rebuild against libcurl4t64

 -- Steve Langasek <email address hidden> Sat, 16 Mar 2024 06:09:48 +0000

clamav (1.0.5+dfsg-1.1ubuntu1) noble; urgency=medium

  * Merge with Debian unstable. Remaining changes:
     - d/p/resolve-armhf-ftbfs.patch: resolve armhf failure to build from
       source.
    - clamav-base.postinst.in: Quell warning from check for clamav user
      (LP 1920217).
    - Extend ifupdown script to support networkd-dispatcher.
      + d/clamav-freshclam-ifupdown: Modernize some parts of
        the script. Implement support for networkd-dispatcher.
      + d/clamav-freshclam.links: Install the
        clamav-freshclam-ifupdown script inside the proper
        /usr/lib/networkd-dispatcher/{off,routable}.d/
        directories. (LP 1718227)
  * Dropped:
    - po files update
      [previously undocumented]
      [causes merge conflict on rebase]

 -- Bryce Harrington <email address hidden> Tue, 05 Mar 2024 11:00:58 -0800

Bryce Harrington (bryce)
Changed in clamav (Ubuntu):
milestone: none → ubuntu-24.06
Bryce Harrington (bryce)
Changed in clamav (Ubuntu):
assignee: nobody → Bryce Harrington (bryce)
Bryce Harrington (bryce)
Changed in clamav (Ubuntu):
milestone: ubuntu-24.06 → ubuntu-24.05
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.