Hello community,

here is the log from the commit of package clamav for openSUSE:Factory checked in at 2020-05-12 22:36:38
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/clamav (Old)
 and      /work/SRC/openSUSE:Factory/.clamav.new.2738 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "clamav" Tue May 12 22:36:38 2020 rev:107 rq:803386 version:0.102.3 Changes: -------- --- /work/SRC/openSUSE:Factory/clamav/clamav.changes 2020-04-16 23:04:38.671749080 +0200 +++ /work/SRC/openSUSE:Factory/.clamav.new.2738/clamav.changes 2020-05-12 22:39:37.132781774 +0200 @@ -1,0 +2,18 @@ +Tue May 12 17:31:15 UTC 2020 - Arjen de Korte <suse+bu...@de-korte.org> + +- Update to 0.102.3 + * CVE-2020-3327: Fix a vulnerability in the ARJ archive parsing + module in ClamAV 0.102.2 that could cause a Denial-of-Service (DoS) + condition. Improper bounds checking of an unsigned variable results + in an out-of-bounds read which causes a crash. + * CVE-2020-3341: Fix a vulnerability in the PDF parsing module in + ClamAV 0.101 - 0.102.2 that could cause a Denial-of-Service (DoS) + condition. Improper size checking of a buffer used to initialize AES + decryption routines results in an out-of-bounds read which may cause + a crash. + * Fix "Attempt to allocate 0 bytes" error when parsing some PDF + documents. + * Fix a couple of minor memory leaks. + * Updated libclamunrar to UnRAR 5.9.2. + +------------------------------------------------------------------- Old: ---- clamav-0.102.2.tar.gz clamav-0.102.2.tar.gz.sig New: ---- clamav-0.102.3.tar.gz clamav-0.102.3.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ clamav.spec ++++++ --- /var/tmp/diff_new_pack.KYbdv3/_old 2020-05-12 22:39:44.564797284 +0200 +++ /var/tmp/diff_new_pack.KYbdv3/_new 2020-05-12 22:39:44.572797301 +0200 
@@ -19,7 +19,7 @@ %define clamav_check --enable-check %bcond_with clammspack Name: clamav -Version: 0.102.2 +Version: 0.102.3 Release: 0 Summary: Antivirus Toolkit License: GPL-2.0-only ++++++ clamav-0.102.2.tar.gz -> clamav-0.102.3.tar.gz ++++++ /work/SRC/openSUSE:Factory/clamav/clamav-0.102.2.tar.gz /work/SRC/openSUSE:Factory/.clamav.new.2738/clamav-0.102.3.tar.gz differ: char 5, line 1 ++++++ clamav-conf.patch ++++++ --- /var/tmp/diff_new_pack.KYbdv3/_old 2020-05-12 22:39:44.628797418 +0200 +++ /var/tmp/diff_new_pack.KYbdv3/_new 2020-05-12 22:39:44.628797418 +0200 @@ -17,7 +17,7 @@ # Default: no default -#MilterSocket /tmp/clamav-milter.socket -#MilterSocket inet:7357 -+MilterSocket /var/run/clamav/clamav-milter-socket ++MilterSocket /run/clamav/clamav-milter-socket # Define the group ownership for the (unix) milter socket. # Default: disabled (the primary group of the user running clamd) @@ -35,7 +35,7 @@ # # Default: disabled -#PidFile /var/run/clamav-milter.pid -+PidFile /var/run/clamav/clamav-milter.pid ++PidFile /run/clamav/clamav-milter.pid # Optional path to the global temporary directory. # Default: system specific (usually /tmp or /var/tmp). @@ -44,7 +44,7 @@ # # Default: no default -#ClamdSocket tcp:scanner.mydomain:7357 -+ClamdSocket unix:/var/run/clamav/clamd-socket ++ClamdSocket unix:/run/clamav/clamd-socket ## @@ -100,7 +100,7 @@ # daemon (main thread). # Default: disabled -#PidFile /var/run/clamd.pid -+PidFile /var/run/clamav/clamd.pid ++PidFile /run/clamav/clamd.pid # Optional path to the global temporary directory. # Default: system specific (usually /tmp or /var/tmp). @@ -109,7 +109,7 @@ # Path to a local socket file the daemon will listen on. # Default: disabled (must be specified by a user) -#LocalSocket /tmp/clamd.socket -+LocalSocket /var/run/clamav/clamd-socket ++LocalSocket /run/clamav/clamd-socket # Sets the group ownership on the unix socket. # Default: disabled (the primary group of the user running clamd) 
@@ -176,7 +176,7 @@ # This option allows you to save the process identifier of the daemon # Default: disabled -#PidFile /var/run/freshclam.pid -+PidFile /var/run/clamav/freshclam.pid ++PidFile /run/clamav/freshclam.pid # By default when started freshclam drops privileges and switches to the # "clamav" user. This directive allows you to change the database owner. ++++++ clamav-disable-timestamps.patch ++++++ --- /var/tmp/diff_new_pack.KYbdv3/_old 2020-05-12 22:39:44.640797443 +0200 +++ /var/tmp/diff_new_pack.KYbdv3/_new 2020-05-12 22:39:44.640797443 +0200 @@ -82,4 +82,4 @@ +_ACEOF - VERSION="0.102.2" + VERSION="0.102.3" ++++++ service.clamd ++++++ --- /var/tmp/diff_new_pack.KYbdv3/_old 2020-05-12 22:39:44.720797609 +0200 +++ /var/tmp/diff_new_pack.KYbdv3/_new 2020-05-12 22:39:44.724797618 +0200 @@ -7,6 +7,7 @@ Type=forking ExecStart=/usr/sbin/clamd TimeoutStartSec=5min +ExecReload=/bin/kill -USR2 $MAINPID ;User=vscan ;Group=vscan ;PrivateTmp=yes
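
Review bot: The new clamav.changes entry (the block under "Update to 0.102.3") lists only the upstream fixes, but this same commit also moves every socket and PID path in clamav-conf.patch from /var/run/clamav to /run/clamav and adds an ExecReload line to service.clamd. Add one bullet for each packaging change, so that an administrator reading the changelog sees that the default paths and the reload behaviour changed alongside the CVE-2020-3327 and CVE-2020-3341 fixes.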
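
Review bot: In clamav-conf.patch the six rewritten defaults (MilterSocket, ClamdSocket, LocalSocket and the three PidFile lines) now use /run/clamav, while the only clamav.spec change visible in this diff is the Version bump and the only unit file touched is service.clamd. Check the remaining package sources for leftover /var/run/clamav references (other unit files, any tmpfiles or logrotate snippets) and update them in the same commit, so that the path in the shipped configuration and the path the rest of the package expects cannot drift apart. ClamdSocket and LocalSocket were changed to the same /run/clamav/clamd-socket value, which is what the milter needs to reach clamd, so that pair is consistent.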
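
Review bot: The added "ExecReload=/bin/kill -USR2 $MAINPID" in service.clamd depends on systemd knowing the daemon's main PID, and the visible context shows Type=forking with no PIDFile= line. If the unit does not set one outside this hunk, add PIDFile=/run/clamav/clamd.pid to match the PidFile value that clamav-conf.patch sets for clamd in this commit, so that the signal always goes to the clamd main process. SIGUSR2 makes clamd reload its signature databases and does not re-read clamd.conf, so a one-line comment above ExecReload saying so would keep "systemctl reload" from being mistaken for a way to apply configuration changes.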