This bug was fixed in the package clamav - 0.99+dfsg-1ubuntu1 --------------- clamav (0.99+dfsg-1ubuntu1) xenial; urgency=medium
Merge from Debian. Remaining changes (LP: #1540491) : * Explicitly build using llvm-3.6. * Ignore test results on armhf. * debian/rules: Restore --with-llvm-linking=dynamic to avoid underlinkage causing FTBS * d/p/llvm-don-t-use-system-libs.patch: Do not use system libraries for linking : We are not linking the .a files so we don't care about the libs llvm links against (like -ledit) Dropping this patch will cause FTBS on Ubuntu with unresolvable -ledit Dropped changes : * debian/control : libsystemd-dev no longer renamed since it has been changed upstream. * d/p/0005-libclamav-use-libmspack.patch : Now part of upstream release. * d/p/0007-fix-ssize_t-size_t-off_t-printf-modifier.patch : Now part of upstream release to the exception of the sigtool/sigtool.c cast identified previously. d/p/0008-hardcode-LLVM-linker-flag-because-llvm-config-return.patch : Now part of upstream release. d/p/0012-remove-AC_CONFIG_SRCDIR-llvm-configure-from-libclama.patch * d/clamav-daemon.postinst.in: Fix typo which causes a crash while installing this package over any previous version (upgrading). Fixed upstream. * Explicitly build using llvm-3.5. Now build using llvm-3.6. clamav (0.99+dfsg-1) unstable; urgency=medium * Import final release of 0.99 * suggest libclamunrar7 instead of libclamunrar6 clamav (0.99~rc2+dfsg-2) experimental; urgency=medium * Drop LLVM usage on powerpc (it is broken since the v3.6 switch). clamav (0.99~rc2+dfsg-1) experimental; urgency=medium [ Andreas Cadhalpun ] * Import first upstream release candidate for 0.99. * Drop patches included upstream: - Avoid-emitting-incremental-progress-messages.patch - bb-10731-Allow-to-specificy-a-group-for-the-socket.patch - clamav-milter-add-additinal-SMFIF_-flags.patch - remove-unnecessary-harmful-flags-from-libclamav.pc.patch - hardcode-LLVM-linker-flag.patch * Disable Large File Support because it is incompatible with fts.h, which is required by the new upstream release. * Drop patches needing LFS: - libclamav-use-libmspack.patch - fix-ssize_t-size_t-off_t-printf-modifier.patch * Disable valgrind in the test suite again. It is too flaky. * Print all new options in one build attempt. * Preserve new OnAccessMountPath, OnAccessDisableDDD and OnAccessPrevention options in clamd.conf. * Rename libclamav6 to libclamav7 and update symbols file. * Add -Wl,--as-needed to LDFLAGS to avoid useless dependencies. * Remove unused lintian overrides. * Update debian/copyright. [ Sebastian Andrzej Siewior ] * add a LFS safe fts() implementation from glibc * bring back libmspack related patches (libclamav-use-libmspack.patch + fix-ssize_t-size_t-off_t-printf-modifier.patch) and -D_FILE_OFFSET_BITS=64 * fix a crash in clamdscan if file is passed via fd * Import second upstream release candidate for 0.99. clamav (0.99~beta1+dfsg-1) experimental; urgency=medium * use T=<timeout> so we can drop unit_tests-increment-test-timeout-from-40secs-to-5mi from the patch queue. * import new beta from upstream * depend on libpcre3-dev, required for YARA support * add new PCRE related options postist script for clamd * record new symbols in libclamav6.symbols * enable valgrind in the test suite and see how well it works across all architecures. * Update debian/copyright. clamav (0.98.7+dfsg-5) unstable; urgency=medium [ Andreas Cadhalpun ] * Drop patch numbers, because they cause too much diff noise. * Fix use-pkg-config-to-determine-CHECK_LIBS.patch so that the tests actually get run again. [ Sebastian Andrzej Siewior ] * Drop LLVM usage on powerpc (it is broken since the v3.6 switch). clamav (0.98.7+dfsg-4) unstable; urgency=medium * Add patch to support LLVM 3.6. * debian/clamav-milter.postinst.in: Update to reflect the change from examples/clamav-milter.conf to examples/clamav-milter.conf.sample. Thanks to Christian Schrötter. (Closes: #795190) * Use 'grep -a' instead of grep in maintainer scripts. (Closes: #799808) * Restore the SE Linux context when creating /var/lib/ucf/cache. Thanks to Russell Coker for the patch. (Closes: #802311) * Adapt debian/watch to new download location www.clamav.net/download.html. * Add patch to use pkg-config to determine CHECK_LIBS. The linker flags for check changed making the hardcoded flags useless. clamav (0.98.7+dfsg-3) unstable; urgency=medium [ Sebastian Andrzej Siewior ] * use T=<timeout> so we can drop unit_tests-increment-test-timeout-from-40secs-to-5mi from the patch queue. * add 0013-tfm-fix-compile-errors.patch and 0014-tfm-duct-tape-misscompile-on-armhf.patch to get it built on armhf with gcc-5. [ Andreas Cadhalpun ] * Prevent the logrotate scripts from aborting if reloading/restarting fails. Thanks to John Zaitseff. (Closes: #788652) clamav (0.98.7+dfsg-2) unstable; urgency=medium [ Andreas Cadhalpun ] * Increase MaxRecursion to the upstream default of 16. (Closes: #787249) * Bump the version for the PidFile removal check in the clamav-daemon and clamav-freshclam postinst scripts (Closes: #767353) * Add database existence check also to clamav-daemon.socket. This works around systemd bug #775458. (Closes: #775112) [ Sebastian Andrzej Siewior ] * also remove debian/clamav-freshclam.prerm clean clamav (0.98.7+dfsg-1) unstable; urgency=high [ Andreas Cadhalpun ] * Use SocketUser, SocketGroup and RemoveOnStop systemd socket options instead of using ExecStartPost and ExecStopPost for that. * Respect clamav-daemon's LocalSocket* options with the systemd unit by extending the clamav-daemon.socket file appropriately, when running dpkg-reconfigure clamav-daemon. (Closes: #783720) * Disable this extendend configuration, when handling the configuration file with debconf is disabled. * Disable clamav-daemon.socket in prerm script. [ Sebastian Andrzej Siewior ] * Import new upstream: - Improvements to PDF processing: decryption, escape sequence handling, and file property collection. - Scanning/analysis of additional Microsoft Office 2003 XML format. - Fix infinite loop condition on crafted y0da cryptor file. Identified and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221. - Fix crash on crafted petite packed file. Reported and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2222. - Fix false negatives on files within iso9660 containers. This issue was reported by Minzhuan Gong. - Fix a couple crashes on crafted upack packed file. Identified and patches supplied by Sebastian Andrzej Siewior. - Fix a crash during algorithmic detection on crafted PE file. Identified and patch supplied by Sebastian Andrzej Siewior. - Fix an infinite loop condition on a crafted "xz" archive file. This was reported by Dimitri Kirchner and Goulven Guiheux. CVE-2015-2668. - Fix compilation error after ./configure --disable-pthreads. Reported and fix suggested by John E. Krokes. - Apply upstream patch for possible heap overflow in Henry Spencer's regex library. CVE-2015-2305 (Closes: #778406). - Fix crash in upx decoder with crafted file. Discovered and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2170. - Fix segfault scanning certain HTML files. Reported with sample by Kai Risku. - Improve detections within xar/pkg files. * update GPG key used to verify releases to get uscan/get_orig.sh working again. * update symbol version for cl_retflevel due to CL_FLEVEL change. -- Louis Bouchard <louis.bouch...@ubuntu.com> Mon, 15 Feb 2016 17:32:43 +0100 ** Changed in: clamav (Ubuntu) Status: Confirmed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-2170 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-2221 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-2222 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-2305 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-2668 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to clamav in Ubuntu. https://bugs.launchpad.net/bugs/1540491 Title: Please merge clamav 0.99+dfsg-1 (main) from Debian stable To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/1540491/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs