Change log for clamav package in Debian
1 → 75 of 173 results | First • Previous • Next • Last |
Published in sid-release |
clamav (1.0.5+dfsg-1.1) unstable; urgency=medium * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. Closes: #1062072 -- Steve Langasek <email address hidden> Wed, 28 Feb 2024 15:44:10 +0000
Published in sid-release |
clamav (1.0.5+dfsg-1) unstable; urgency=medium * Import 1.0.4 (Closes: #1063479). - Update symbols. - CVE-2024-20290 (Fixed a possible heap overflow read bug in the OLE2 file parser that could cause a denial-of-service (DoS) condition.) - CVE-2024-20328 (Fixed a possible command injection vulnerability in the "VirusEvent" feature of ClamAV's ClamD service. -- Sebastian Andrzej Siewior <email address hidden> Thu, 08 Feb 2024 21:38:51 +0100
Published in experimental-release |
clamav (1.2.1+dfsg-3) experimental; urgency=medium * Add proper Breaks/Replaces for the docs vs clamav. Rightfully reported by Andreas Beckmann (Closes: #1055494). * Update Swedish translation. Updated by Martin Bagge and Anders Jonsson (Closes: #1062665). * Rename libraries for 64-bit time_t transition. Based on NMU from Steve Langasek (Closes: #1062072). -- Sebastian Andrzej Siewior <email address hidden> Sat, 03 Feb 2024 12:27:16 +0100
Superseded in sid-release |
clamav (1.0.4+dfsg-1) unstable; urgency=medium * Import 1.0.4 - Update symbols. * Add systemd-dev to Build-Depends (Closes: #1060559). * Mark clamav-base as foreign (Closes: #1060889). -- Sebastian Andrzej Siewior <email address hidden> Sat, 20 Jan 2024 11:57:33 +0100
Superseded in experimental-release |
clamav (1.2.1+dfsg-2) experimental; urgency=medium * Drop the PE patches, an alternative patch went upstream. * Add proper Breaks/Replaces for the docs transitional packages. Rightfully reported by Andreas Beckmann (Closes: #1055494). -- Sebastian Andrzej Siewior <email address hidden> Tue, 07 Nov 2023 22:03:07 +0100
Superseded in experimental-release |
clamav (1.2.1+dfsg-1) experimental; urgency=medium * Import 1.2.1 * Add libclamav12 after so bump. * Move documentation to clamav-doc. -- Sebastian Andrzej Siewior <email address hidden> Sun, 05 Nov 2023 21:29:59 +0100
Published in bullseye-release |
clamav (0.103.10+dfsg-0+deb11u1) bullseye; urgency=medium * Import 0.103.10 -- Sebastian Andrzej Siewior <email address hidden> Sat, 09 Sep 2023 17:25:07 +0200
Published in bookworm-release |
clamav (1.0.3+dfsg-1~deb12u1) bookworm; urgency=medium * Import 1.0.3 * Remove unnecessary warning messages in freshclam during update. -- Sebastian Andrzej Siewior <email address hidden> Sat, 09 Sep 2023 16:36:13 +0200
Superseded in sid-release |
clamav (1.0.3+dfsg-2) unstable; urgency=medium * Remove unnecessary warning messages in freshclam during update. -- Sebastian Andrzej Siewior <email address hidden> Sat, 09 Sep 2023 12:49:40 +0200
Superseded in sid-release |
clamav (1.0.2+dfsg-1) unstable; urgency=medium * Import 1.0.2 (Closes: #1050057) - CVE-2023-20197 (Possible DoS in HFS+ file parser). - CVE-2023-20212 (Possible DoS in AutoIt file parser). * Use cmake for xml2 detection (Closes: #949100). * Replace tomsfastmath with OpenSSL's BN. * Don't enable clamonacc by default (Closes: #1030171). * Let the clamav-daemon.socket depend on the service file again (Closes: #1044136). -- Sebastian Andrzej Siewior <email address hidden> Sat, 19 Aug 2023 19:07:32 +0200
Superseded in bullseye-release |
clamav (0.103.8+dfsg-0+deb11u1) bullseye; urgency=medium * Import 0.103.8 (Closes: #1031509) - CVE-2023-20032 (Possible RCE in the HFS+ file parser). - CVE-2023-20052 (Possible information leak in the DMG file parser). -- Sebastian Andrzej Siewior <email address hidden> Fri, 17 Feb 2023 21:43:57 +0100
clamav (1.0.1+dfsg-2) unstable; urgency=medium * Depend on latest libtfm1 (Closes: #1031896, #1027010). -- Sebastian Andrzej Siewior <email address hidden> Sun, 26 Feb 2023 17:39:06 +0100
Superseded in sid-release |
clamav (1.0.1+dfsg-1) unstable; urgency=medium * Import 1.0.1 (Closes: #1031509) - CVE-2023-20032 (Possible RCE in the HFS+ file parser). - CVE-2023-20052 (Possible information leak in the DMG file parser). -- Sebastian Andrzej Siewior <email address hidden> Fri, 17 Feb 2023 20:29:05 +0100
Superseded in sid-release |
clamav (1.0.0+dfsg-6) unstable; urgency=medium [ Sebastian Andrzej Siewior ] * Add d/p/Add-an-option-to-avoid-setting-RPATH-on-unix-systems.patch to fix rpath issues [ Scott Kitterman ] * Remove obsolete usr/share/doc/*/NEWS.gz links from debian/*.links, no longer provided in the package (Thanks to Paul Wise for reporting) (Closes: #1029173) * Complete update of d/copyright for upstream file removal/reorganization * Restore and update clamav-freshclam and libclamav lintian-overrides for current lintian * Drop depends on obsolete package lsb-base -- Scott Kitterman <email address hidden> Sat, 21 Jan 2023 18:02:12 -0500
Superseded in sid-release |
clamav (1.0.0+dfsg-5) unstable; urgency=medium [ Scott Kitterman ] * Update paths in d/tests/clamd for new source layout * Add misc:Pre-Depends to clamav-daemon and clamav-milter for init-system-helpers * Remove obsolete debian/NEWS file * More lintian override corrections * Start of removing obsolete d/copyright entries [ Sebastian Andrzej Siewior ] * Fix testsuite on big endian architecures. -- Scott Kitterman <email address hidden> Fri, 06 Jan 2023 12:33:39 -0500
Superseded in sid-release |
clamav (1.0.0+dfsg-4) unstable; urgency=medium * Drop unneeded build-depends on rust-lldb (Closes: #1027948). -- Scott Kitterman <email address hidden> Wed, 04 Jan 2023 18:32:47 -0500
Superseded in sid-release |
clamav (1.0.0+dfsg-3) unstable; urgency=medium * Upload to unstable * Directly trigger html docs build to fix lack of html docs and update clamav-docs.install * Fixup duplicate globs in d/copyright * Update paths for new source layout in lintian overrides * Update clean rule for new tests * Add debian/source/options to ignore changes in Cargo.lock when regenerated during build * Remove obsolete overrides from d/rules -- Scott Kitterman <email address hidden> Wed, 04 Jan 2023 15:06:03 -0500
Deleted in experimental-release (Reason: None provided.) |
clamav (1.0.0+dfsg-2) experimental; urgency=medium [ Scott Kitterman ] * Add libclamav11 replaces libclamav9 since the libfreshclam so name did not change (Closes: #1027698). [ Sebastian Andrzej Siewior ] * Use a version-script and limit the exported symbols of libclamav and libfreshclam. -- Sebastian Andrzej Siewior <email address hidden> Mon, 02 Jan 2023 18:38:42 +0100
Superseded in experimental-release |
clamav (1.0.0+dfsg-1) experimental; urgency=medium * Update to 1.0.0 (Closes: #1006179). -- Sebastian Andrzej Siewior <email address hidden> Sat, 31 Dec 2022 13:44:59 +0100
Published in buster-release |
clamav (0.103.6+dfsg-0+deb10u1) buster; urgency=medium * Import 0.103.6 - CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file parser). - CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan verdict cache check). - CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file parser). - CVE-2022-20785 (Possible memory leak in the HTML file parser/ Javascript normalizer). - CVE-2022-20792 (Possible multi-byte heap buffer overflow write vulnerability in the signature database load module. - Update symbol file. -- Sebastian Andrzej Siewior <email address hidden> Thu, 26 May 2022 10:19:13 +0200
Superseded in bullseye-release |
clamav (0.103.7+dfsg-0+deb11u1) bullseye; urgency=medium * Import 0.103.7 - Update symbol file. -- Sebastian Andrzej Siewior <email address hidden> Sun, 21 Aug 2022 21:28:52 +0200
Superseded in sid-release |
clamav (0.103.7+dfsg-1) unstable; urgency=medium * Import 0.103.7 - Update symbol file. -- Sebastian Andrzej Siewior <email address hidden> Sun, 14 Aug 2022 21:33:51 +0200
Superseded in bullseye-release |
clamav (0.103.6+dfsg-0+deb11u1) bullseye; urgency=medium * Import 0.103.6 - CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file parser). - CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan verdict cache check). - CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file parser). - CVE-2022-20785 (Possible memory leak in the HTML file parser/ Javascript normalizer). - CVE-2022-20792 (Possible multi-byte heap buffer overflow write vulnerability in the signature database load module. - Update symbol file. -- Sebastian Andrzej Siewior <email address hidden> Thu, 26 May 2022 10:17:16 +0200
Superseded in sid-release |
clamav (0.103.6+dfsg-1) unstable; urgency=medium * Import 0.103.6 - CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file parser). - CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan verdict cache check). - CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file parser). - CVE-2022-20785 (Possible memory leak in the HTML file parser/ Javascript normalizer). - CVE-2022-20792 (Possible multi-byte heap buffer overflow write vulnerability in the signature database load module. - Update symbol file. -- Sebastian Andrzej Siewior <email address hidden> Thu, 12 May 2022 18:55:59 +0200
Available diffs
Superseded in buster-release |
clamav (0.103.5+dfsg-0+deb10u1) buster; urgency=medium * Import 0.103.5 - CVE-2022-20698 (Fix for invalid pointer read that may cause a crash). - Update symbol file. -- Sebastian Andrzej Siewior <email address hidden> Thu, 13 Jan 2022 21:51:03 +0100
Superseded in bullseye-release |
clamav (0.103.5+dfsg-0+deb11u1) bullseye; urgency=medium * Import 0.103.5 - CVE-2022-20698 (Fix for invalid pointer read that may cause a crash). - Update symbol file. -- Sebastian Andrzej Siewior <email address hidden> Thu, 13 Jan 2022 21:49:00 +0100
Superseded in sid-release |
clamav (0.103.5+dfsg-1) unstable; urgency=medium * Import 0.103.5 - CVE-2022-20698 (Fix for invalid pointer read that may cause a crash). - Update symbol file. -- Sebastian Andrzej Siewior <email address hidden> Wed, 12 Jan 2022 21:31:23 +0100
Available diffs
Superseded in sid-release |
clamav (0.103.4+dfsg-1) unstable; urgency=medium * Import 0.103.4 - Update symbol file. * Add clamonacc.8. * Install clamonacc only on Linux. Patch by Laurent Bigonvill (Closes: #992776). * Drop unused libidn11-dev dependency, suggested by Simon Josefsson (Closes: #991976). -- Sebastian Andrzej Siewior <email address hidden> Tue, 16 Nov 2021 22:03:15 +0100
Available diffs
Superseded in buster-release |
clamav (0.103.3+dfsg-0+deb10u1) buster; urgency=medium * Import 0.103.3 - Update symbol file. - Regression: clamdscan segfaults with --fdpass --multipass and ExcludePath (Closes: #988218). * Remove clamav user on purge (Closes: #987861). * Remove freshclam.dat on purge. -- Sebastian Andrzej Siewior <email address hidden> Sat, 04 Sep 2021 15:51:26 +0200
Superseded in bullseye-release |
clamav (0.103.3+dfsg-0+deb11u1) bullseye; urgency=medium * Import 0.103.3 - Update symbol file. - Regression: clamdscan segfaults with --fdpass --multipass and ExcludePath (Closes: #988218). * Remove clamav user on purge (Closes: #987861). * Remove freshclam.dat on purge. -- Sebastian Andrzej Siewior <email address hidden> Sat, 04 Sep 2021 16:48:13 +0200
Superseded in sid-release |
clamav (0.103.3+dfsg-1) unstable; urgency=medium * Import 0.103.2 - Update symbol file. - Regression: clamdscan segfaults with --fdpass --multipass and ExcludePath (Closes: #988218). * Remove clamav user on purge (Closes: #987861). * Remove freshclam.dat on purge. -- Sebastian Andrzej Siewior <email address hidden> Fri, 02 Jul 2021 00:06:16 +0200
Available diffs
- diff from 0.103.2+dfsg-2 to 0.103.3+dfsg-1 (20.1 KiB)
Superseded in buster-release |
clamav (0.103.2+dfsg-0+deb10u1) buster; urgency=medium [ Sebastian Andrzej Siewior ] * Import 0.103.2 - CVE-2021-1252 (Fix for Excel XLM parser infinite loop.) - CVE-2021-1404 (Fix for PDF parser buffer over-read; possible crash.) - CVE-2021-1405 (Fix for mail parser NULL-dereference crash.) - Fix testsuite in an IPv6 only environment (Closes: #963853). - Update symbol file. - Drop CURL_CA_BUNDLE related patch, changes applied upstream. (Closes: #986622). * Rename NEWS.Debian to NEWS. * Update lintian overrides. * Update apparmor profile for freshclam. Thanks to Michael Borgelt. (Closes: #972974) * Update apparmor profile for clamd. Thanks to Stefano Callegari. (Closes: #973619). * Remove deprecated option SafeBrowsing from debconf templates. [ Helmut Grohne ] * Honour DEB_BUILD_OPTIONS=nocheck again. (Closes: #960843) -- Sebastian Andrzej Siewior <email address hidden> Wed, 14 Apr 2021 08:38:52 +0200
clamav (0.103.2+dfsg-2) unstable; urgency=medium * Remove deprecated option SafeBrowsing from debconf templates. -- Sebastian Andrzej Siewior <email address hidden> Thu, 15 Apr 2021 21:59:11 +0200
Available diffs
- diff from 0.103.2+dfsg-1 to 0.103.2+dfsg-2 (23.8 KiB)
Superseded in sid-release |
clamav (0.103.2+dfsg-1) unstable; urgency=medium * Import 0.103.2 - CVE-2021-1252 (Fix for Excel XLM parser infinite loop.) - CVE-2021-1404 (Fix for PDF parser buffer over-read; possible crash.) - CVE-2021-1405 (Fix for mail parser NULL-dereference crash.) - Update symbol file. (Closes: #986622). -- Sebastian Andrzej Siewior <email address hidden> Mon, 12 Apr 2021 21:31:08 +0200
Available diffs
- diff from 0.103.0+dfsg-3.1 to 0.103.2+dfsg-1 (137.9 KiB)
Superseded in sid-release |
clamav (0.103.0+dfsg-3.1) unstable; urgency=medium * Non-maintainer upload. * debian/patches: Apply upstream patch to fix call of ck_assert_msg (Closes: #980592) -- Sebastian Ramacher <email address hidden> Sun, 21 Feb 2021 16:00:07 +0100
Available diffs
- diff from 0.103.0+dfsg-3 to 0.103.0+dfsg-3.1 (16.5 KiB)
Superseded in sid-release |
clamav (0.103.0+dfsg-3) unstable; urgency=medium * Update apparmor profile for clamd. Thanks to Stefano Callegari. (Closes: #973619). -- Sebastian Andrzej Siewior <email address hidden> Tue, 03 Nov 2020 22:03:19 +0100
Available diffs
Superseded in sid-release |
clamav (0.103.0+dfsg-2) unstable; urgency=medium * Update apparmor profile for freshclam. Thanks to Michael Borgelt. (Closes: #972974) * Fix testsuite in an IPv6 only environment (Closes: #963853). -- Sebastian Andrzej Siewior <email address hidden> Sun, 01 Nov 2020 20:29:46 +0100
Available diffs
Superseded in sid-release |
clamav (0.103.0+dfsg-1) unstable; urgency=medium * Import 0.103.0 - Drop CURL_CA_BUNDLE related patch, changes applied upstream. - Update symbol file. * Rename NEWS.Debian to NEWS. * Update lintian overrides. -- Sebastian Andrzej Siewior <email address hidden> Sat, 24 Oct 2020 18:05:10 +0200
Superseded in buster-release |
clamav (0.102.4+dfsg-0+deb10u1) buster; urgency=medium * Import 0.102.4 - CVE-2020-3350 (A malicious user trick clamav into moving a different file). - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module). - CVE-2020-3481 (A vulnerability in the EGG archive module). * Update symbol file. -- Sebastian Andrzej Siewior <email address hidden> Sat, 18 Jul 2020 00:22:32 +0200
Published in stretch-release |
clamav (0.102.3+dfsg-0~deb9u1) stretch; urgency=medium [ Sebastian Andrzej Siewior ] * Import 0.102.3 - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module) - CVE-2020-3341 (A vulnerability in the PDF parsing module) * Update symbol file. [ Scott Kitterman ] * Add Suggests for unversioned libclamunrar package on clamav-daemon and clamav binaries -- Sebastian Andrzej Siewior <email address hidden> Sat, 30 May 2020 00:12:26 +0200
Superseded in sid-release |
clamav (0.102.4+dfsg-1) unstable; urgency=medium [ Helmut Grohne ] * Honour DEB_BUILD_OPTIONS=nocheck again. (Closes: #960843) [ Scott Kitterman ] * Add Suggests for unversioned libclamunrar package on clamav-daemon and clamav binaries [ Sebastian Andrzej Siewior ] * Import 0.102.4 - CVE-2020-3350 (A malicious user trick clamav into moving a different file). - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module). - CVE-2020-3481 (A vulnerability in the EGG archive module). * Update symbol file. -- Sebastian Andrzej Siewior <email address hidden> Fri, 17 Jul 2020 20:30:03 +0200
Available diffs
- diff from 0.102.3+dfsg-1 to 0.102.4+dfsg-1 (19.4 KiB)
Superseded in sid-release |
clamav (0.102.3+dfsg-1) unstable; urgency=medium * Import 0.102.3 - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module) - CVE-2020-3341 (A vulnerability in the PDF parsing module) * Update symbol file. -- Sebastian Andrzej Siewior <email address hidden> Sat, 16 May 2020 17:12:04 +0200
Available diffs
Superseded in buster-release |
clamav (0.102.2+dfsg-0+deb10u1) buster; urgency=medium * Import 0.102.2 - CVE-2020-3123 (DoS may occur in the optional DLP feature) (Closes: 950944). * Update symbol file. * Set ReceiveTimeout to 0 which is upstream default. * Add a patch to let freshclam consider CURL_CA_BUNDLE environment variable to set the CA bundle (like curl does) (Closes: #951057). * Recommend ca-certificates, new freshclash uses https by default. -- Sebastian Andrzej Siewior <email address hidden> Sat, 22 Feb 2020 14:39:45 +0100
Superseded in sid-release |
clamav (0.102.2+dfsg-2) unstable; urgency=medium * Add a patch to let freshclam consider CURL_CA_BUNDLE environment variable to set the CA bundle (like curl does) (Closes: #951057). * Recommend ca-certificates, new freshclash uses https by default. * Bump standards-version to 4.5.0 without further change * Use dh-compat level 12. -- Sebastian Andrzej Siewior <email address hidden> Sat, 22 Feb 2020 13:41:02 +0100
Superseded in sid-release |
clamav (0.102.2+dfsg-1) unstable; urgency=medium * Import 0.102.2 - CVE-2020-3123 (DoS may occur in the optional DLP feature) (Closes: 950944). * Update symbol file. * Set ReceiveTimeout to 0 which is upstream default. -- Sebastian Andrzej Siewior <email address hidden> Sun, 09 Feb 2020 20:24:46 +0100
Superseded in stretch-release |
clamav (0.102.1+dfsg-0+deb9u2) stretch; urgency=medium * clamav-daemon: Correct error from ScanOnAccess option removal so that setting LogFile options via DebConf works again (Closes: #950296) -- Scott Kitterman <email address hidden> Fri, 31 Jan 2020 16:49:37 -0500
Superseded in buster-release |
clamav (0.102.1+dfsg-0+deb10u2) buster; urgency=medium * clamav-daemon: Correct error from ScanOnAccess option removal so that setting LogFile options via DebConf works again (Closes: #950296) -- Scott Kitterman <email address hidden> Fri, 31 Jan 2020 16:49:37 -0500
Superseded in sid-release |
clamav (0.102.1+dfsg-3) unstable; urgency=medium * clamav-daemon: Do not cause an error on start if /run/clamav already exists * clamav-daemon: Correct error from ScanOnAccess option removal so that setting LogFile options via DebConf works again (Closes: #950296) (LP: #1861497) -- Scott Kitterman <email address hidden> Fri, 31 Jan 2020 16:49:37 -0500
Superseded in sid-release |
clamav (0.102.1+dfsg-2) unstable; urgency=medium * Add the clamonacc binary to the clamav-daemon package. * Drop ScanOnAccess option. The clamonacc provides this functionality. -- Sebastian Andrzej Siewior <email address hidden> Mon, 23 Dec 2019 20:54:21 +0100
Superseded in sid-release |
clamav (0.102.1+dfsg-1) unstable; urgency=medium * Import 0.102.1 (Closes: #945265) - CVE-2019-15961 (A Denial-of-Service as a result of excessively long scan times). - Let freshclam show progress during download (Closes: #690789). * Update symbol file. * Add libfreshclam to the libclamav9 package. -- Sebastian Andrzej Siewior <email address hidden> Sat, 30 Nov 2019 19:22:15 +0100
Superseded in stretch-release |
clamav (0.101.4+dfsg-0+deb9u1) stretch; urgency=medium * Import 0.101.4 (Closes: 921190) - CVE-2019-12625 (Add scan time limit to limit the processing zip-bombs) (Closes:934359) - CVE-2019-12900 (An out of bounds write was possible within ClamAV's NSIS bzip) - update symbols file (bump to 101.4 and drop unused cli_strnstr). -- Sebastian Andrzej Siewior <email address hidden> Sun, 25 Aug 2019 14:08:40 +0200
Superseded in buster-release |
clamav (0.101.4+dfsg-0+deb10u1) buster; urgency=medium * Import 0.101.4 - CVE-2019-12625 (Add scan time limit to limit the processing zip-bombs) (Closes:934359) - CVE-2019-12900 (An out of bounds write was possible within ClamAV's NSIS bzip) - update symbols file (bump to 101.4 and drop unused cli_strnstr). -- Sebastian Andrzej Siewior <email address hidden> Sun, 25 Aug 2019 12:53:19 +0200
Superseded in sid-release |
clamav (0.101.4+dfsg-1) unstable; urgency=medium * Import 0.101.4 - CVE-2019-12625 (Add scan time limit to limit the processing zip-bombs) (Closes:934359) - CVE-2019-12900 (An out of bounds write was possible within ClamAV's NSIS bzip) - update symbols file (bump to 101.4 and drop unused cli_strnstr). -- Sebastian Andrzej Siewior <email address hidden> Sun, 25 Aug 2019 12:38:25 +0200
Superseded in sid-release |
clamav (0.101.2+dfsg-3) unstable; urgency=medium * Cherry-pick a fix from 0.101.3 to address a vulnerability to non-recursive zip bombs. -- Sebastian Andrzej Siewior <email address hidden> Tue, 06 Aug 2019 21:42:06 +0200
Superseded in sid-release |
clamav (0.101.2+dfsg-2) unstable; urgency=medium * Remove python from build-depends: - Only needed for llvm, which is currently (and probably permanently) disabled - Support python2 removal, if this comes back, it will need to be python3 -- Scott Kitterman <email address hidden> Fri, 02 Aug 2019 09:20:43 -0400
Superseded in stretch-release |
clamav (0.100.3+dfsg-0+deb9u1) stretch; urgency=medium * New upstream security release - Fixes for the following vulnerabilities: - [CVE-2019-1787]: An out-of-bounds heap read condition may occur when scanning PDF documents. The defect is a failure to correctly keep track of the number of bytes remaining in a buffer when indexing file data. - [CVE-2019-1789]: An out-of-bounds heap read condition may occur when scanning PE files (i.e. Windows EXE and DLL files) that have been packed using Aspack as a result of inadequate bound-checking. - [CVE-2019-1788]: An out-of-bounds heap write condition may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. The invalid write happens when an invalid pointer is mistakenly used to initialize a 32bit integer to zero. This is likely to crash the application. * Update debian/copyright * Update private symbols for new upstream release -- Scott Kitterman <email address hidden> Fri, 29 Mar 2019 19:40:34 -0400
clamav (0.101.2+dfsg-1) unstable; urgency=high * Import 0.101.2 - CVE-2019-1787 (An out-of-bounds heap read condition may occur when scanning PDF documents) - CVE-2019-1789 (An out-of-bounds heap read condition may occur when scanning PE files) - CVE-2019-1788 (An out-of-bounds heap write condition may occur when scanning OLE2 files) - CVE-2019-1786 (An out-of-bounds heap read condition may occur when scanning malformed PDF documents) - CVE-2019-1785 (A path-traversal write condition may occur as a result of improper input validation when scanning RAR archives) - CVE-2019-1798 (A use-after-free condition may occur as a result of improper error handling when scanning nested RAR archives) - update symbols file - Remove DetectBrokenExecutables option from clamd template, it is deprecated. * Drop the dbgsym migration line. * Bump standards-version to 4.3.0 without further change -- Sebastian Andrzej Siewior <email address hidden> Sat, 30 Mar 2019 16:25:48 +0100
clamav (0.101.1+dfsg-3) unstable; urgency=medium * Upload to unstable. -- Sebastian Andrzej Siewior <email address hidden> Thu, 28 Feb 2019 23:36:02 +0100
Deleted in experimental-release (Reason: None provided.) |
clamav (0.101.1+dfsg-2) experimental; urgency=medium [ Scott Kitterman ] * Add information to README.Debian on configuring clamav-milter's socket to work with postfix [ Sebastian Andrzej Siewior ] * debian/libclamav-dev.install: also install clamav-types.h -- Scott Kitterman <email address hidden> Mon, 04 Feb 2019 10:12:57 -0500
Superseded in experimental-release |
clamav (0.101.1+dfsg-1) experimental; urgency=medium [ Scott Kitterman ] * Update debian/copyright * Add Build-Depends-Package to libclamav9.symbols * Update clamav-docs.doc-base for re-organized documentation * Add lintian override for source-is-missing on test file that happens to have long line length * Drop build-depends on electric-fence, upstream no longer ships the relevant tests that used it [ Sebastian Andrzej Siewior ] * Import 0.101.1 - update symbol file - add back the json/curl configure options (don't rely on autodetect). * Add abstractions/openssl to apparmor's profile. Thanks to intrigeri for the help (Closes: #913020). * Load the apparmor profile before starting the daemon. Thanks to intrigeri for the help (Closes: #903834). * Add attach_disconnected to freshclam's apparmor profile to hopefully get it properly working in overlayfs enviroment. Thanks to Vincas Dargis (Closes: #917648). -- Sebastian Andrzej Siewior <email address hidden> Fri, 11 Jan 2019 23:00:17 +0100
Superseded in experimental-release |
clamav (0.101.0+dfsg-1) experimental; urgency=medium [ Scott Kitterman ] * Increase clamd socket command read timeout to 30 seconds (Closes: #915098) [ Sebastian Andrzej Siewior ] * Import new upstream release. - update symbol file. - add new options to the config file. - package libclamav9 -- Sebastian Andrzej Siewior <email address hidden> Wed, 19 Dec 2018 21:22:53 +0100
clamav (0.100.2+dfsg-2) unstable; urgency=medium * Increase clamd socket command read timeout to 30 seconds (Closes: #915098) -- Scott Kitterman <email address hidden> Fri, 07 Dec 2018 14:24:26 -0500
Superseded in stretch-release |
clamav (0.100.2+dfsg-0+deb9u1) stretch; urgency=medium * Import new upstream - Bump symbol version due to new version. - CVE-2018-15378 (Closes: #910430). * add NEWS.md and README.md from upstream * Fix infinite loop in dpkg-reconfigure, Patch by Santiago Ruano Rincón (Closes: #905044). -- Sebastian Andrzej Siewior <email address hidden> Fri, 12 Oct 2018 23:44:44 +0200
clamav (0.100.2+dfsg-1) unstable; urgency=medium * Import new upstream - Bump symbol version due to new version. - CVE-2018-15378 (Closes: #910430). * add NEWS.md and README.md from upstream * Fix infinite loop in dpkg-reconfigure, Patch by Santiago Ruano Rincón (Closes: #905044). -- Sebastian Andrzej Siewior <email address hidden> Wed, 10 Oct 2018 00:15:02 +0200
Superseded in stretch-release |
clamav (0.100.0+dfsg-0+deb9u2) stretch; urgency=medium * Don't fail on recently removed config options (Closes: #902290). -- Sebastian Andrzej Siewior <email address hidden> Wed, 04 Jul 2018 23:14:43 +0200
clamav (0.100.1+dfsg-1) unstable; urgency=medium [ Scott Kitterman ] * Only create clamav user during clamav-base install if it does not exist (LP: #121872) - Thanks to Shane Williams for the patch * Remove spurious debian/changelog entry for the above change from the 0.100.0~beta+dfsg-1 entry since the change was not actually included [ Sebastian Andrzej Siewior ] * Import new upstream. * Bump symbol version due to new version. * Add read permission for freshclam on /var/log in the apparmor profile. Thanks to Robie Basak (Closes: #902601). * Bump standards-version to 4.1.5 without further change -- Sebastian Andrzej Siewior <email address hidden> Wed, 11 Jul 2018 21:44:30 +0200
Published in jessie-release |
clamav (0.100.0+dfsg-0+deb8u1) jessie; urgency=medium [ Sebastian Andrzej Siewior ] * New upstream release. - remove various documentation files including Changelog from the file list because they are no longer included in upstream archive. - update symbol file * Don't replace config file with sample config after debconf gets disabled (in milter and daemon (Closes: #870253). * Add bytecode.c(l|v)d to log clamav-freshclam.logcheck.ignore.server. Patch by Václav Ovsík <email address hidden> (Closes: #868766). * Disable the freshclam service if changed to `manual' mode so it does not start again after system reboot with systemd (Closes: #881780). * Drop "demime = *" from Debian.README for clamav, this option is deprecated and will be removed from exim (Closes: #881634). * Point Vcs-* tags to salsa. [ Scott Kitterman ] * Update README.Debian to describe how to disable apparmor for clamav-daemon and clamav-freshclam (Closes: #884707) -- Sebastian Andrzej Siewior <email address hidden> Wed, 25 Apr 2018 21:58:31 +0200
clamav (0.100.0+dfsg-1) unstable; urgency=medium * New upstream release. - remove various documentation files including Changelog from the file list because they are no longer included in upstream archive. -- Sebastian Andrzej Siewior <email address hidden> Wed, 11 Apr 2018 23:49:43 +0200
clamav (0.100.0~beta+dfsg-2) unstable; urgency=medium * Switch to pcre2 which is newer (Closes: #891195). * Cherry pick patches referenced in bb#11973 and bb#11980 to fix CVE-2018-0202. * Use compat level 11. -- Sebastian Andrzej Siewior <email address hidden> Sat, 10 Mar 2018 14:43:43 +0100
Superseded in stretch-release |
clamav (0.99.4+dfsg-1+deb9u1) stretch; urgency=medium * Update to upstream 0.99.4: Fixes for CVE: CVE-2018-1000085, CVE-2018-0202. * Update the gpg signing key (the old DSA expired). * Update version of private symbols due to version change. * Bump symbol version of cl_retflevel because CL_FLEVEL changed. -- Sebastian Andrzej Siewior <email address hidden> Sat, 03 Mar 2018 12:15:58 +0100
clamav (0.100.0~beta+dfsg-1) unstable; urgency=medium [ Scott Kitterman ] * Only create clamav user during clamav-base install if it does not exist (LP: #121872) - Thanks to Shane Williams for the patch * Add lintian override for clamav-freshclam: duplicate-updaterc.d-calls-in- postinst clamav-freshclam * New upstream beta release * Bump standards-version to 4.1.3 without further change * Update README.Debian to describe how to disable apparmor for clamav-daemon and clamav-freshclam (Closes: #884707) [ Sebastian Andrzej Siewior ] * Point Vcs-* tags to salsa. -- Scott Kitterman <email address hidden> Fri, 09 Feb 2018 18:23:25 -0500
clamav (0.99.3~beta2+dfsg-1) unstable; urgency=medium * Update upstream's signing gpg key * Update to beta2: - freshclam does not complain that clamav is outdated (Closes: #873401). -- Sebastian Andrzej Siewior <email address hidden> Mon, 08 Jan 2018 23:13:06 +0100
clamav (0.99.3~beta1+dfsg-4) unstable; urgency=medium * Ignore errors from update-rc.d in freshclam postins (Closes: #882323). * Drop dh-systemd & autoreconf from B-D. -- Sebastian Andrzej Siewior <email address hidden> Wed, 22 Nov 2017 00:00:17 +0100
Superseded in sid-release |
clamav (0.99.3~beta1+dfsg-3) unstable; urgency=medium * Drop "demime = *" from Debian.README for clamav, this option is gone from exim (Closes: #881634). * Use "ucf" instead "ucp" in clamav-milter's postinst. * Disable LLVM support due to 3.8 removal (Closes: #873401). * Disable the freshclam service if changed to `manual' mode so it does start again after system reboot with systemd (Closes: #881780). * Bump standards version to 4.1.1 without further change. * Allow to build as non root user. * Update dh compat level 10 -- Sebastian Andrzej Siewior <email address hidden> Mon, 20 Nov 2017 21:52:34 +0100
clamav (0.99.3~beta1+dfsg-2) unstable; urgency=medium * Build again against system's libmspack (dropped by accident) (Closes: #872594). * Don't replace config file with sample config after debconf gets disabled (in milter and daemon (Closes: #870253). * Update standards to 4.0.1 - use invoke-rc.d instead of /etc/init.d. - drop priority extra from clamav-milter. * Add bytecode.c(l|v)d to log clamav-freshclam.logcheck.ignore.server. Patch by Václav Ovsík <email address hidden> (Closes: #868766). -- Sebastian Andrzej Siewior <email address hidden> Sat, 02 Sep 2017 21:26:33 +0200
1 → 75 of 173 results | First • Previous • Next • Last |