[packages/clamav] - up to 0.99.4; fixes CVE-2012-6706, CVE-2017-6419, CVE-2017-11423, CVE-2018-0202, and CVE-2018-1000085

arekm arekm at pld-linux.org
Tue Mar 20 12:05:00 CET 2018


commit 6eda919e16e0fce01e17288524743e311f9e306d
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Tue Mar 20 12:04:52 2018 +0100

    - up to 0.99.4; fixes CVE-2012-6706, CVE-2017-6419,
          CVE-2017-11423, CVE-2018-0202, and CVE-2018-1000085.

 clamav-0.99.2-temp-cleanup.patch | 137 ---------------------------------------
 clamav.spec                      |   6 +-
 2 files changed, 2 insertions(+), 141 deletions(-)
---
diff --git a/clamav.spec b/clamav.spec
index 6c658d6..aafdd55 100644
--- a/clamav.spec
+++ b/clamav.spec
@@ -19,12 +19,12 @@
 Summary:	An anti-virus utility for Unix
 Summary(pl.UTF-8):	Narzędzie antywirusowe dla Uniksów
 Name:		clamav
-Version:	0.99.3
+Version:	0.99.4
 Release:	1
 License:	GPL v2+
 Group:		Daemons
 Source0:	http://www.clamav.net/downloads/production/%{name}-%{version}.tar.gz
-# Source0-md5:	5272f127312e987b3e10c155cf1d84df
+# Source0-md5:	b9359b90086948b3c4eb97c84cf4b400
 Source1:	%{name}.init
 Source2:	%{name}.sysconfig
 Source3:	%{name}-milter.init
@@ -45,7 +45,6 @@ Patch3:		ac2.68.patch
 Patch4:		%{name}-openssl.patch
 Patch5:		%{name}-major.patch
 Patch6:		x32.patch
-Patch7:		clamav-0.99.2-temp-cleanup.patch
 URL:		http://www.clamav.net/
 BuildRequires:	autoconf
 BuildRequires:	automake
@@ -190,7 +189,6 @@ Biblioteki statyczne clamav.
 #%patch4 -p1
 %patch5 -p1
 %patch6 -p1
-%patch7 -p1
 
 %build
 export CFLAGS="%{rpmcflags} -Wall -W -Wmissing-prototypes -Wmissing-declarations -std=gnu99"
diff --git a/clamav-0.99.2-temp-cleanup.patch b/clamav-0.99.2-temp-cleanup.patch
deleted file mode 100644
index 1b01341..0000000
--- a/clamav-0.99.2-temp-cleanup.patch
+++ /dev/null
@@ -1,137 +0,0 @@
-https://github.com/vrtadmin/clamav-devel/commit/f5bc94cf01e6a19d5255c0e5f9a5bc2336f5a2b1
-backported (re-merge). See also:
-
- - https://bugzilla.clamav.net/show_bug.cgi?id=11549
- - https://github.com/e2guardian/e2guardian/issues/159
-
---- clamav-0.99.2/libclamav/scanners.c			2016-04-22 17:02:19.000000000 +0200
-+++ clamav-0.99.2/libclamav/scanners.c.temp-cleanup	2017-11-17 00:59:14.295670694 +0100
-@@ -1342,37 +1342,33 @@
- 		return CL_CLEAN;
- 	}
- 
--	/* dump to disk only if explicitly asked to
--	 * or if necessary to check relative offsets,
--	 * otherwise we can process just in-memory */
--	if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) {
--		if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) {
--			cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n");
--			return ret;
--		}
--		if (ctx->engine->keeptmp)
--			cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname);
--	}
--
- 	if(!(normalized = cli_malloc(SCANBUFF + maxpatlen))) {
- 		cli_dbgmsg("cli_scanscript: Unable to malloc %u bytes\n", SCANBUFF);
--		free(tmpname);
- 		return CL_EMEM;
- 	}
--
- 	text_normalize_init(&state, normalized, SCANBUFF + maxpatlen);
--	ret = CL_CLEAN;
--
- 
- 	if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0, troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0, CLI_DEFAULT_AC_TRACKLEN))) {
--		free(tmpname);
--		return ret;
-+            free(normalized);
-+            return ret;
- 	}
- 
- 	if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) {
--		cli_ac_freedata(&tmdata);
--		free(tmpname);
--		return ret;
-+            cli_ac_freedata(&tmdata);
-+            free(normalized);
-+            return ret;
-+	}
-+
-+	/* dump to disk only if explicitly asked to
-+	 * or if necessary to check relative offsets,
-+	 * otherwise we can process just in-memory */
-+	if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) {
-+            if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) {
-+                cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n");
-+                goto done;
-+            }
-+            if (ctx->engine->keeptmp)
-+                cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname);
- 	}
- 
- 	mdata[0] = &tmdata;
-@@ -1387,10 +1383,9 @@
- 			map_off += written;
- 
- 			if  (write(ofd, state.out, state.out_pos) == -1) {
--				cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname);
--				close(ofd);
--				free(tmpname);
--				return CL_EWRITE;
-+                            cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname);
-+                            ret = CL_EWRITE;
-+                            goto done;
- 			}
- 			text_normalize_reset(&state);
- 		}
-@@ -1409,11 +1404,6 @@
- 			funmap(*ctx->fmap);
- 		}
- 		*ctx->fmap = map;
--
--		/* If we aren't keeping temps, delete the normalized file after scan. */
--		if(!(ctx->engine->keeptmp))
--			if (cli_unlink(tmpname)) ret = CL_EUNLINK;
--
- 	} else {
- 		/* Since the above is moderately costly all in all,
- 		 * do the old stuff if there's no relative offsets. */
-@@ -1421,11 +1411,8 @@
- 		if (troot) {
- 			cli_targetinfo(&info, 7, map);
- 			ret = cli_ac_caloff(troot, &tmdata, &info);
--			if (ret) {
--				cli_ac_freedata(&tmdata);
--				free(tmpname);
--				return ret;
--			}
-+			if (ret)
-+                            goto done;
- 		}
- 
- 		while(1) {
-@@ -1466,13 +1453,6 @@
- 
- 	}
- 
--	if(ctx->engine->keeptmp) {
--		free(tmpname);
--		if (ofd >= 0)
--			close(ofd);
--	}
--	free(normalized);
--
- 	if(ret != CL_VIRUS || SCAN_ALL)  {
- 		if ((ret = cli_exp_eval(ctx, troot, &tmdata, NULL, NULL)) == CL_VIRUS)
- 			viruses_found++;
-@@ -1481,9 +1461,19 @@
- 				viruses_found++;
- 	}
- 
-+done:
-+	free(normalized);
- 	cli_ac_freedata(&tmdata);
- 	cli_ac_freedata(&gmdata);
- 
-+	if (ofd != -1)
-+		close(ofd);
-+	if (tmpname != NULL) {
-+		if (!ctx->engine->keeptmp)
-+			cli_unlink(tmpname);
-+		free(tmpname);
-+	}
-+
- 	if (SCAN_ALL && viruses_found)
- 		return CL_VIRUS;
- 
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/clamav.git/commitdiff/6eda919e16e0fce01e17288524743e311f9e306d


