Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package clamav for openSUSE:Factory checked
in at 2023-02-16 16:57:09
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/clamav (Old)
and /work/SRC/openSUSE:Factory/.clamav.new.22824 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "clamav"
Thu Feb 16 16:57:09 2023 rev:120 rq:1066149 version:0.103.8
Changes:
--------
--- /work/SRC/openSUSE:Factory/clamav/clamav.changes 2022-08-09
15:28:11.765598393 +0200
+++ /work/SRC/openSUSE:Factory/.clamav.new.22824/clamav.changes 2023-02-16
16:57:14.904301690 +0100
@@ -1,0 +2,14 @@
+Wed Feb 15 17:26:43 UTC 2023 - Arjen de Korte <suse+bu...@de-korte.org>
+
+- Update to 0.103.8
+ * CVE-2023-20032: Fixed a possible remote code execution vulnerability
+ in the HFS+ file parser. Issue affects versions 1.0.0 and earlier,
+ 0.105.1 and earlier, and 0.103.7 and earlier. (bsc#1208363)
+ * CVE-2023-20052: Fixed a possible remote information leak
+ vulnerability in the DMG file parser. Issue affects versions 1.0.0
+ and earlier, 0.105.1 and earlier, and 0.103.7 and earlier.
+ (bsc#1208365)
+ * Update vendored libmspack library to version 0.11alpha.
+- Package huge .html documentation in a separate subpackage.
+
+-------------------------------------------------------------------
Old:
----
clamav-0.103.7.tar.gz
clamav-0.103.7.tar.gz.sig
New:
----
clamav-0.103.8.tar.gz
clamav-0.103.8.tar.gz.sig
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ clamav.spec ++++++
--- /var/tmp/diff_new_pack.acqbLL/_old 2023-02-16 16:57:15.752305378 +0100
+++ /var/tmp/diff_new_pack.acqbLL/_new 2023-02-16 16:57:15.756305395 +0100
@@ -1,7 +1,7 @@
#
# spec file for package clamav
#
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -19,7 +19,7 @@
%bcond_with clammspack
%bcond_with valgrind
Name: clamav
-Version: 0.103.7
+Version: 0.103.8
Release: 0
Summary: Antivirus Toolkit
License: GPL-2.0-only
@@ -90,6 +90,15 @@
support, archive support, and multiple signature languages for
detecting threats.
+%package docs-html
+Summary: Documentation for ClamAV in HTML format
+Group: Productivity/Security
+Requires: %{name} = %{version}
+BuildArch: noarch
+
+%description docs-html
+Optional HTML documentation for ClamAV antivirus engine
+
%package milter
Summary: ClamAV Milter compatible mail scanner
Group: Productivity/Security
@@ -148,6 +157,7 @@
%patch6
%patch12
%patch14 -p1
+chmod -x docs/html/images/flamegraph.svg
%build
%if 0%{?suse_version} <= 1500
@@ -272,7 +282,6 @@
%files
%license COPYING*
-%doc docs/html/*
%config(noreplace) %{_sysconfdir}/clamd.conf
%config(noreplace) %{_sysconfdir}/freshclam.conf
%{_bindir}/clamav-config
@@ -311,6 +320,9 @@
%endif
%ghost %attr(755,vscan,vscan) /run/clamav
+%files docs-html
+%doc docs/html/*
+
%files milter
%config(noreplace) %{_sysconfdir}/clamav-milter.conf
%{_unitdir}/clamav-milter.service
++++++ clamav-0.103.7.tar.gz -> clamav-0.103.8.tar.gz ++++++
/work/SRC/openSUSE:Factory/clamav/clamav-0.103.7.tar.gz
/work/SRC/openSUSE:Factory/.clamav.new.22824/clamav-0.103.8.tar.gz differ: char
5, line 1
++++++ clamav-rpmlintrc ++++++
--- /var/tmp/diff_new_pack.acqbLL/_old 2023-02-16 16:57:15.856305830 +0100
+++ /var/tmp/diff_new_pack.acqbLL/_new 2023-02-16 16:57:15.860305847 +0100
@@ -1,5 +1,5 @@
-addFilter("non-standard-uid.*")
-addFilter("devel-file-in-non-devel-package.*")
addFilter("obsolete-not-provided")
addFilter("systemd-service-without-service_.* freshclam.service")
+addFilter("missing-call-to-setgroups-before-setuid /usr/bin/clamscan")
+addFilter("files-duplicated-waste")
