diff -Nru clamav-0.102.2+dfsg/configure clamav-0.102.3+dfsg/configure --- clamav-0.102.2+dfsg/configure 2020-02-04 14:59:26.000000000 +0000 +++ clamav-0.102.3+dfsg/configure 2020-05-12 01:54:49.000000000 +0000 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for ClamAV 0.102.2. +# Generated by GNU Autoconf 2.69 for ClamAV 0.102.3. # # Report bugs to . # @@ -592,8 +592,8 @@ # Identity of this package. PACKAGE_NAME='ClamAV' PACKAGE_TARNAME='clamav' -PACKAGE_VERSION='0.102.2' -PACKAGE_STRING='ClamAV 0.102.2' +PACKAGE_VERSION='0.102.3' +PACKAGE_STRING='ClamAV 0.102.3' PACKAGE_BUGREPORT='https://bugzilla.clamav.net/' PACKAGE_URL='https://www.clamav.net/' @@ -1601,7 +1601,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures ClamAV 0.102.2 to adapt to many kinds of systems. +\`configure' configures ClamAV 0.102.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1682,7 +1682,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of ClamAV 0.102.2:";; + short | recursive ) echo "Configuration of ClamAV 0.102.3:";; esac cat <<\_ACEOF --enable-dependency-tracking @@ -1911,7 +1911,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -ClamAV configure 0.102.2 +ClamAV configure 0.102.3 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2539,7 +2539,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by ClamAV $as_me 0.102.2, which was +It was created by ClamAV $as_me 0.102.3, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ 
@@ -4297,7 +4297,7 @@ # Define the identity of the package. PACKAGE='clamav' - VERSION='0.102.2' + VERSION='0.102.3' # Some tools Automake needs. @@ -6025,7 +6025,7 @@ $as_echo "#define PACKAGE PACKAGE_NAME" >>confdefs.h -VERSION="0.102.2" +VERSION="0.102.3" major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/^0-9//g"` minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/^0-9//g"` @@ -31630,7 +31630,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ClamAV $as_me 0.102.2, which was +This file was extended by ClamAV $as_me 0.102.3, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -31697,7 +31697,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ClamAV config.status 0.102.2 +ClamAV config.status 0.102.3 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" @@ -34548,7 +34548,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ClamAV $as_me 0.102.2, which was +This file was extended by ClamAV $as_me 0.102.3, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -34615,7 +34615,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ClamAV config.status 0.102.2 +ClamAV config.status 0.102.3 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -Nru clamav-0.102.2+dfsg/configure.ac clamav-0.102.3+dfsg/configure.ac --- clamav-0.102.2+dfsg/configure.ac 2020-02-09 13:13:06.000000000 +0000 +++ clamav-0.102.3+dfsg/configure.ac 2020-05-16 09:23:53.000000000 +0000 
@@ -22,7 +22,7 @@ dnl For a release change [devel] to the real version [0.xy] dnl also change VERSION below -AC_INIT([ClamAV], [0.102.2], [https://bugzilla.clamav.net/], [clamav], [https://www.clamav.net/]) +AC_INIT([ClamAV], [0.102.3], [https://bugzilla.clamav.net/], [clamav], [https://www.clamav.net/]) dnl put configure auxiliary into config AC_CONFIG_AUX_DIR([config]) diff -Nru clamav-0.102.2+dfsg/debian/changelog clamav-0.102.3+dfsg/debian/changelog --- clamav-0.102.2+dfsg/debian/changelog 2020-02-11 13:45:45.000000000 +0000 +++ clamav-0.102.3+dfsg/debian/changelog 2020-05-19 18:24:37.000000000 +0000 @@ -1,3 +1,13 @@ +clamav (0.102.3+dfsg-0ubuntu0.19.10.1) eoan-security; urgency=medium + + * Updated to 0.102.2 to fix security issues + - debian/libclamav9.symbols: updated for new version. + - debian/rules: bumped CL_FLEVEL to 114. + - CVE-2020-3327 + - CVE-2020-3341 + + -- Marc Deslauriers Tue, 19 May 2020 14:24:37 -0400 + clamav (0.102.2+dfsg-0ubuntu0.19.10.1) eoan-security; urgency=medium * Updated to 0.102.2 to fix security issue (CVE-2020-3123) diff -Nru clamav-0.102.2+dfsg/debian/libclamav9.symbols clamav-0.102.3+dfsg/debian/libclamav9.symbols --- clamav-0.102.2+dfsg/debian/libclamav9.symbols 2020-02-09 19:21:56.000000000 +0000 +++ clamav-0.102.3+dfsg/debian/libclamav9.symbols 2020-05-19 18:24:37.000000000 +0000 
@@ -1,20 +1,20 @@ libclamav.so.9 libclamav9 #MINVER# * Build-Depends-Package: libclamav-dev - CLAMAV_PRIVATE@CLAMAV_PRIVATE 0.102.2 + CLAMAV_PRIVATE@CLAMAV_PRIVATE 0.102.3 CLAMAV_PUBLIC@CLAMAV_PUBLIC 0.101.0 - __cli_strcasestr@CLAMAV_PRIVATE 0.102.2 - __cli_strndup@CLAMAV_PRIVATE 0.102.2 - __cli_strnlen@CLAMAV_PRIVATE 0.102.2 - __cli_strnstr@CLAMAV_PRIVATE 0.102.2 - base64Flush@CLAMAV_PRIVATE 0.102.2 - blobAddData@CLAMAV_PRIVATE 0.102.2 - blobCreate@CLAMAV_PRIVATE 0.102.2 - blobDestroy@CLAMAV_PRIVATE 0.102.2 - cl_ASN1_GetTimeT@CLAMAV_PRIVATE 0.102.2 + __cli_strcasestr@CLAMAV_PRIVATE 0.102.3 + __cli_strndup@CLAMAV_PRIVATE 0.102.3 + __cli_strnlen@CLAMAV_PRIVATE 0.102.3 + __cli_strnstr@CLAMAV_PRIVATE 0.102.3 + base64Flush@CLAMAV_PRIVATE 0.102.3 + blobAddData@CLAMAV_PRIVATE 0.102.3 + blobCreate@CLAMAV_PRIVATE 0.102.3 + blobDestroy@CLAMAV_PRIVATE 0.102.3 + cl_ASN1_GetTimeT@CLAMAV_PRIVATE 0.102.3 cl_always_gen_section_hash@CLAMAV_PUBLIC 0.101.0 - cl_base64_decode@CLAMAV_PRIVATE 0.102.2 - cl_base64_encode@CLAMAV_PRIVATE 0.102.2 - cl_cleanup_crypto@CLAMAV_PRIVATE 0.102.2 + cl_base64_decode@CLAMAV_PRIVATE 0.102.3 + cl_base64_encode@CLAMAV_PRIVATE 0.102.3 + cl_cleanup_crypto@CLAMAV_PRIVATE 0.102.3 cl_countsigs@CLAMAV_PUBLIC 0.101.0 cl_cvdfree@CLAMAV_PUBLIC 0.101.0 cl_cvdhead@CLAMAV_PUBLIC 0.101.0 
@@ -54,21 +54,21 @@ cl_fmap_close@CLAMAV_PUBLIC 0.101.0 cl_fmap_open_handle@CLAMAV_PUBLIC 0.101.0 cl_fmap_open_memory@CLAMAV_PUBLIC 0.101.0 - cl_get_pkey_file@CLAMAV_PRIVATE 0.102.2 - cl_get_x509_from_mem@CLAMAV_PRIVATE 0.102.2 - cl_hash_data@CLAMAV_PRIVATE 0.102.2 + cl_get_pkey_file@CLAMAV_PRIVATE 0.102.3 + cl_get_x509_from_mem@CLAMAV_PRIVATE 0.102.3 + cl_hash_data@CLAMAV_PRIVATE 0.102.3 cl_hash_destroy@CLAMAV_PUBLIC 0.101.0 - cl_hash_file_fd@CLAMAV_PRIVATE 0.102.2 - cl_hash_file_fd_ctx@CLAMAV_PRIVATE 0.102.2 - cl_hash_file_fp@CLAMAV_PRIVATE 0.102.2 + cl_hash_file_fd@CLAMAV_PRIVATE 0.102.3 + cl_hash_file_fd_ctx@CLAMAV_PRIVATE 0.102.3 + cl_hash_file_fp@CLAMAV_PRIVATE 0.102.3 cl_hash_init@CLAMAV_PUBLIC 0.101.0 cl_init@CLAMAV_PUBLIC 0.101.0 - cl_initialize_crypto@CLAMAV_PRIVATE 0.102.2 + cl_initialize_crypto@CLAMAV_PRIVATE 0.102.3 cl_load@CLAMAV_PUBLIC 0.101.0 - cl_load_cert@CLAMAV_PRIVATE 0.102.2 - cl_load_crl@CLAMAV_PRIVATE 0.102.2 + cl_load_cert@CLAMAV_PRIVATE 0.102.3 + cl_load_crl@CLAMAV_PRIVATE 0.102.3 cl_retdbdir@CLAMAV_PUBLIC 0.101.0 - cl_retflevel@CLAMAV_PUBLIC 0.102.2 + cl_retflevel@CLAMAV_PUBLIC 0.102.3 cl_retver@CLAMAV_PUBLIC 0.101.0 cl_scandesc@CLAMAV_PUBLIC 0.101.0 cl_scandesc_callback@CLAMAV_PUBLIC 0.101.0 
@@ -76,188 +76,188 @@ cl_scanfile_callback@CLAMAV_PUBLIC 0.101.0 cl_scanmap_callback@CLAMAV_PUBLIC 0.101.0 cl_set_clcb_msg@CLAMAV_PUBLIC 0.101.0 - cl_sha1@CLAMAV_PRIVATE 0.102.2 - cl_sha256@CLAMAV_PRIVATE 0.102.2 - cl_sign_data@CLAMAV_PRIVATE 0.102.2 - cl_sign_data_keyfile@CLAMAV_PRIVATE 0.102.2 - cl_sign_file_fd@CLAMAV_PRIVATE 0.102.2 - cl_sign_file_fp@CLAMAV_PRIVATE 0.102.2 + cl_sha1@CLAMAV_PRIVATE 0.102.3 + cl_sha256@CLAMAV_PRIVATE 0.102.3 + cl_sign_data@CLAMAV_PRIVATE 0.102.3 + cl_sign_data_keyfile@CLAMAV_PRIVATE 0.102.3 + cl_sign_file_fd@CLAMAV_PRIVATE 0.102.3 + cl_sign_file_fp@CLAMAV_PRIVATE 0.102.3 cl_statchkdir@CLAMAV_PUBLIC 0.101.0 cl_statfree@CLAMAV_PUBLIC 0.101.0 cl_statinidir@CLAMAV_PUBLIC 0.101.0 cl_strerror@CLAMAV_PUBLIC 0.101.0 cl_update_hash@CLAMAV_PUBLIC 0.101.0 - cl_validate_certificate_chain@CLAMAV_PRIVATE 0.102.2 - cl_validate_certificate_chain_ts_dir@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_fd@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_fd_x509@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_fd_x509_keyfile@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_hash@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_hash_x509@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_hash_x509_keyfile@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_x509@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_x509_keyfile@CLAMAV_PRIVATE 0.102.2 - cli_ac_buildtrie@CLAMAV_PRIVATE 0.102.2 - cli_ac_chklsig@CLAMAV_PRIVATE 0.102.2 - cli_ac_free@CLAMAV_PRIVATE 0.102.2 - cli_ac_freedata@CLAMAV_PRIVATE 0.102.2 - cli_ac_init@CLAMAV_PRIVATE 0.102.2 - cli_ac_initdata@CLAMAV_PRIVATE 0.102.2 - cli_ac_scanbuff@CLAMAV_PRIVATE 0.102.2 - cli_bm_free@CLAMAV_PRIVATE 0.102.2 - cli_bm_init@CLAMAV_PRIVATE 0.102.2 - cli_bm_scanbuff@CLAMAV_PRIVATE 0.102.2 - cli_build_regex_list@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_alloc@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_clear@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_destroy@CLAMAV_PRIVATE 0.102.2 - 
cli_bytecode_context_getresult_int@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_set_trace@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_setfile@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_setfuncid@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_setparam_int@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_setparam_ptr@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_debug@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_debug_printsrc@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_describe@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_destroy@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_done@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_init@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_load@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_prepare2@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_printversion@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_run@CLAMAV_PRIVATE 0.102.2 - cli_bytefunc_describe@CLAMAV_PRIVATE 0.102.2 - cli_byteinst_describe@CLAMAV_PRIVATE 0.102.2 - cli_bytetype_describe@CLAMAV_PRIVATE 0.102.2 - cli_bytevalue_describe@CLAMAV_PRIVATE 0.102.2 - cli_calloc@CLAMAV_PRIVATE 0.102.2 - cli_check_auth_header@CLAMAV_PRIVATE 0.102.2 - cli_chomp@CLAMAV_PRIVATE 0.102.2 - cli_ctime@CLAMAV_PRIVATE 0.102.2 - cli_cvdunpack@CLAMAV_PRIVATE 0.102.2 - cli_dbgmsg_internal@CLAMAV_PRIVATE 0.102.2 - cli_dconf_init@CLAMAV_PRIVATE 0.102.2 - cli_debug_flag@CLAMAV_PRIVATE 0.102.2 - cli_detect_environment@CLAMAV_PRIVATE 0.102.2 - cli_disasm_one@CLAMAV_PRIVATE 0.102.2 - cli_errmsg@CLAMAV_PRIVATE 0.102.2 - cli_filecopy@CLAMAV_PRIVATE 0.102.2 - cli_fmap_scandesc@CLAMAV_PRIVATE 0.102.2 - cli_free_vba_project@CLAMAV_PRIVATE 0.102.2 - cli_ftw@CLAMAV_PRIVATE 0.102.2 - cli_genhash_pe@CLAMAV_PRIVATE 0.102.2 - cli_gentemp@CLAMAV_PRIVATE 0.102.2 - cli_gentemp_with_prefix@CLAMAV_PRIVATE 0.102.2 - cli_gentempfd@CLAMAV_PRIVATE 0.102.2 - cli_gettmpdir@CLAMAV_PRIVATE 0.102.2 - cli_hashfile@CLAMAV_PRIVATE 0.102.2 - cli_hashset_destroy@CLAMAV_PRIVATE 0.102.2 - cli_hashstream@CLAMAV_PRIVATE 0.102.2 - cli_hex2str@CLAMAV_PRIVATE 0.102.2 - cli_hex2ui@CLAMAV_PRIVATE 0.102.2 - 
cli_initroots@CLAMAV_PRIVATE 0.102.2 - cli_isnumber@CLAMAV_PRIVATE 0.102.2 - cli_js_destroy@CLAMAV_PRIVATE 0.102.2 - cli_js_init@CLAMAV_PRIVATE 0.102.2 - cli_js_output@CLAMAV_PRIVATE 0.102.2 - cli_js_parse_done@CLAMAV_PRIVATE 0.102.2 - cli_js_process_buffer@CLAMAV_PRIVATE 0.102.2 - cli_ldbtokenize@CLAMAV_PRIVATE 0.102.2 - cli_malloc@CLAMAV_PRIVATE 0.102.2 - cli_memstr@CLAMAV_PRIVATE 0.102.2 - cli_ole2_extract@CLAMAV_PRIVATE 0.102.2 - cli_parse_add@CLAMAV_PRIVATE 0.102.2 - cli_pcre_build@CLAMAV_PRIVATE 0.102.2 - cli_pcre_freeoff@CLAMAV_PRIVATE 0.102.2 - cli_pcre_init@CLAMAV_PRIVATE 0.102.2 - cli_pcre_perf_events_destroy@CLAMAV_PRIVATE 0.102.2 - cli_pcre_perf_print@CLAMAV_PRIVATE 0.102.2 - cli_pcre_recaloff@CLAMAV_PRIVATE 0.102.2 - cli_pcre_scanbuf@CLAMAV_PRIVATE 0.102.2 - cli_ppt_vba_read@CLAMAV_PRIVATE 0.102.2 - cli_printcxxver@CLAMAV_PRIVATE 0.102.2 - cli_readn@CLAMAV_PRIVATE 0.102.2 - cli_realloc@CLAMAV_PRIVATE 0.102.2 - cli_regcomp@CLAMAV_PRIVATE 0.102.2 - cli_regex2suffix@CLAMAV_PRIVATE 0.102.2 - cli_regexec@CLAMAV_PRIVATE 0.102.2 - cli_regfree@CLAMAV_PRIVATE 0.102.2 - cli_rmdirs@CLAMAV_PRIVATE 0.102.2 - cli_rndnum@CLAMAV_PRIVATE 0.102.2 - cli_sanitize_filepath@CLAMAV_PRIVATE 0.102.2 - cli_scanbuff@CLAMAV_PRIVATE 0.102.2 - cli_sigopts_handler@CLAMAV_PRIVATE 0.102.2 - cli_sigperf_events_destroy@CLAMAV_PRIVATE 0.102.2 - cli_sigperf_print@CLAMAV_PRIVATE 0.102.2 - cli_str2hex@CLAMAV_PRIVATE 0.102.2 - cli_strbcasestr@CLAMAV_PRIVATE 0.102.2 - cli_strdup@CLAMAV_PRIVATE 0.102.2 - cli_strerror@CLAMAV_PRIVATE 0.102.2 - cli_strlcat@CLAMAV_PRIVATE 0.102.2 - cli_strlcpy@CLAMAV_PRIVATE 0.102.2 - cli_strrcpy@CLAMAV_PRIVATE 0.102.2 - cli_strtok@CLAMAV_PRIVATE 0.102.2 - cli_strtokbuf@CLAMAV_PRIVATE 0.102.2 - cli_strtokenize@CLAMAV_PRIVATE 0.102.2 - cli_textbuffer_append_normalize@CLAMAV_PRIVATE 0.102.2 - cli_unescape@CLAMAV_PRIVATE 0.102.2 - cli_unlink@CLAMAV_PRIVATE 0.102.2 - cli_url_canon@CLAMAV_PRIVATE 0.102.2 - cli_utf16_to_utf8@CLAMAV_PRIVATE 0.102.2 - 
cli_utf16toascii@CLAMAV_PRIVATE 0.102.2 - cli_vba_inflate@CLAMAV_PRIVATE 0.102.2 - cli_vba_readdir@CLAMAV_PRIVATE 0.102.2 - cli_versig2@CLAMAV_PRIVATE 0.102.2 - cli_versig@CLAMAV_PRIVATE 0.102.2 - cli_warnmsg@CLAMAV_PRIVATE 0.102.2 - cli_wm_decrypt_macro@CLAMAV_PRIVATE 0.102.2 - cli_wm_readdir@CLAMAV_PRIVATE 0.102.2 - cli_writen@CLAMAV_PRIVATE 0.102.2 - decodeLine@CLAMAV_PRIVATE 0.102.2 - disasmbuf@CLAMAV_PRIVATE 0.102.2 - fmap@CLAMAV_PRIVATE 0.102.2 - get_fpu_endian@CLAMAV_PRIVATE 0.102.2 - have_clamjit@CLAMAV_PRIVATE 0.102.2 - have_rar@CLAMAV_PRIVATE 0.102.2 - html_normalise_map@CLAMAV_PRIVATE 0.102.2 - html_normalise_mem@CLAMAV_PRIVATE 0.102.2 - html_screnc_decode@CLAMAV_PRIVATE 0.102.2 - html_tag_arg_free@CLAMAV_PRIVATE 0.102.2 - init_domainlist@CLAMAV_PRIVATE 0.102.2 - init_regex_list@CLAMAV_PRIVATE 0.102.2 - init_whitelist@CLAMAV_PRIVATE 0.102.2 - is_regex_ok@CLAMAV_PRIVATE 0.102.2 - load_regex_matcher@CLAMAV_PRIVATE 0.102.2 + cl_validate_certificate_chain@CLAMAV_PRIVATE 0.102.3 + cl_validate_certificate_chain_ts_dir@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_fd@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_fd_x509@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_fd_x509_keyfile@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_hash@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_hash_x509@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_hash_x509_keyfile@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_x509@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_x509_keyfile@CLAMAV_PRIVATE 0.102.3 + cli_ac_buildtrie@CLAMAV_PRIVATE 0.102.3 + cli_ac_chklsig@CLAMAV_PRIVATE 0.102.3 + cli_ac_free@CLAMAV_PRIVATE 0.102.3 + cli_ac_freedata@CLAMAV_PRIVATE 0.102.3 + cli_ac_init@CLAMAV_PRIVATE 0.102.3 + cli_ac_initdata@CLAMAV_PRIVATE 0.102.3 + cli_ac_scanbuff@CLAMAV_PRIVATE 0.102.3 + cli_bm_free@CLAMAV_PRIVATE 0.102.3 + cli_bm_init@CLAMAV_PRIVATE 0.102.3 + cli_bm_scanbuff@CLAMAV_PRIVATE 0.102.3 + cli_build_regex_list@CLAMAV_PRIVATE 0.102.3 + 
cli_bytecode_context_alloc@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_clear@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_destroy@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_getresult_int@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_set_trace@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_setfile@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_setfuncid@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_setparam_int@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_setparam_ptr@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_debug@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_debug_printsrc@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_describe@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_destroy@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_done@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_init@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_load@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_prepare2@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_printversion@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_run@CLAMAV_PRIVATE 0.102.3 + cli_bytefunc_describe@CLAMAV_PRIVATE 0.102.3 + cli_byteinst_describe@CLAMAV_PRIVATE 0.102.3 + cli_bytetype_describe@CLAMAV_PRIVATE 0.102.3 + cli_bytevalue_describe@CLAMAV_PRIVATE 0.102.3 + cli_calloc@CLAMAV_PRIVATE 0.102.3 + cli_check_auth_header@CLAMAV_PRIVATE 0.102.3 + cli_chomp@CLAMAV_PRIVATE 0.102.3 + cli_ctime@CLAMAV_PRIVATE 0.102.3 + cli_cvdunpack@CLAMAV_PRIVATE 0.102.3 + cli_dbgmsg_internal@CLAMAV_PRIVATE 0.102.3 + cli_dconf_init@CLAMAV_PRIVATE 0.102.3 + cli_debug_flag@CLAMAV_PRIVATE 0.102.3 + cli_detect_environment@CLAMAV_PRIVATE 0.102.3 + cli_disasm_one@CLAMAV_PRIVATE 0.102.3 + cli_errmsg@CLAMAV_PRIVATE 0.102.3 + cli_filecopy@CLAMAV_PRIVATE 0.102.3 + cli_fmap_scandesc@CLAMAV_PRIVATE 0.102.3 + cli_free_vba_project@CLAMAV_PRIVATE 0.102.3 + cli_ftw@CLAMAV_PRIVATE 0.102.3 + cli_genhash_pe@CLAMAV_PRIVATE 0.102.3 + cli_gentemp@CLAMAV_PRIVATE 0.102.3 + cli_gentemp_with_prefix@CLAMAV_PRIVATE 0.102.3 + cli_gentempfd@CLAMAV_PRIVATE 0.102.3 + cli_gettmpdir@CLAMAV_PRIVATE 0.102.3 + cli_hashfile@CLAMAV_PRIVATE 0.102.3 + 
cli_hashset_destroy@CLAMAV_PRIVATE 0.102.3 + cli_hashstream@CLAMAV_PRIVATE 0.102.3 + cli_hex2str@CLAMAV_PRIVATE 0.102.3 + cli_hex2ui@CLAMAV_PRIVATE 0.102.3 + cli_initroots@CLAMAV_PRIVATE 0.102.3 + cli_isnumber@CLAMAV_PRIVATE 0.102.3 + cli_js_destroy@CLAMAV_PRIVATE 0.102.3 + cli_js_init@CLAMAV_PRIVATE 0.102.3 + cli_js_output@CLAMAV_PRIVATE 0.102.3 + cli_js_parse_done@CLAMAV_PRIVATE 0.102.3 + cli_js_process_buffer@CLAMAV_PRIVATE 0.102.3 + cli_ldbtokenize@CLAMAV_PRIVATE 0.102.3 + cli_malloc@CLAMAV_PRIVATE 0.102.3 + cli_memstr@CLAMAV_PRIVATE 0.102.3 + cli_ole2_extract@CLAMAV_PRIVATE 0.102.3 + cli_parse_add@CLAMAV_PRIVATE 0.102.3 + cli_pcre_build@CLAMAV_PRIVATE 0.102.3 + cli_pcre_freeoff@CLAMAV_PRIVATE 0.102.3 + cli_pcre_init@CLAMAV_PRIVATE 0.102.3 + cli_pcre_perf_events_destroy@CLAMAV_PRIVATE 0.102.3 + cli_pcre_perf_print@CLAMAV_PRIVATE 0.102.3 + cli_pcre_recaloff@CLAMAV_PRIVATE 0.102.3 + cli_pcre_scanbuf@CLAMAV_PRIVATE 0.102.3 + cli_ppt_vba_read@CLAMAV_PRIVATE 0.102.3 + cli_printcxxver@CLAMAV_PRIVATE 0.102.3 + cli_readn@CLAMAV_PRIVATE 0.102.3 + cli_realloc@CLAMAV_PRIVATE 0.102.3 + cli_regcomp@CLAMAV_PRIVATE 0.102.3 + cli_regex2suffix@CLAMAV_PRIVATE 0.102.3 + cli_regexec@CLAMAV_PRIVATE 0.102.3 + cli_regfree@CLAMAV_PRIVATE 0.102.3 + cli_rmdirs@CLAMAV_PRIVATE 0.102.3 + cli_rndnum@CLAMAV_PRIVATE 0.102.3 + cli_sanitize_filepath@CLAMAV_PRIVATE 0.102.3 + cli_scanbuff@CLAMAV_PRIVATE 0.102.3 + cli_sigopts_handler@CLAMAV_PRIVATE 0.102.3 + cli_sigperf_events_destroy@CLAMAV_PRIVATE 0.102.3 + cli_sigperf_print@CLAMAV_PRIVATE 0.102.3 + cli_str2hex@CLAMAV_PRIVATE 0.102.3 + cli_strbcasestr@CLAMAV_PRIVATE 0.102.3 + cli_strdup@CLAMAV_PRIVATE 0.102.3 + cli_strerror@CLAMAV_PRIVATE 0.102.3 + cli_strlcat@CLAMAV_PRIVATE 0.102.3 + cli_strlcpy@CLAMAV_PRIVATE 0.102.3 + cli_strrcpy@CLAMAV_PRIVATE 0.102.3 + cli_strtok@CLAMAV_PRIVATE 0.102.3 + cli_strtokbuf@CLAMAV_PRIVATE 0.102.3 + cli_strtokenize@CLAMAV_PRIVATE 0.102.3 + cli_textbuffer_append_normalize@CLAMAV_PRIVATE 0.102.3 + 
cli_unescape@CLAMAV_PRIVATE 0.102.3 + cli_unlink@CLAMAV_PRIVATE 0.102.3 + cli_url_canon@CLAMAV_PRIVATE 0.102.3 + cli_utf16_to_utf8@CLAMAV_PRIVATE 0.102.3 + cli_utf16toascii@CLAMAV_PRIVATE 0.102.3 + cli_vba_inflate@CLAMAV_PRIVATE 0.102.3 + cli_vba_readdir@CLAMAV_PRIVATE 0.102.3 + cli_versig2@CLAMAV_PRIVATE 0.102.3 + cli_versig@CLAMAV_PRIVATE 0.102.3 + cli_warnmsg@CLAMAV_PRIVATE 0.102.3 + cli_wm_decrypt_macro@CLAMAV_PRIVATE 0.102.3 + cli_wm_readdir@CLAMAV_PRIVATE 0.102.3 + cli_writen@CLAMAV_PRIVATE 0.102.3 + decodeLine@CLAMAV_PRIVATE 0.102.3 + disasmbuf@CLAMAV_PRIVATE 0.102.3 + fmap@CLAMAV_PRIVATE 0.102.3 + get_fpu_endian@CLAMAV_PRIVATE 0.102.3 + have_clamjit@CLAMAV_PRIVATE 0.102.3 + have_rar@CLAMAV_PRIVATE 0.102.3 + html_normalise_map@CLAMAV_PRIVATE 0.102.3 + html_normalise_mem@CLAMAV_PRIVATE 0.102.3 + html_screnc_decode@CLAMAV_PRIVATE 0.102.3 + html_tag_arg_free@CLAMAV_PRIVATE 0.102.3 + init_domainlist@CLAMAV_PRIVATE 0.102.3 + init_regex_list@CLAMAV_PRIVATE 0.102.3 + init_whitelist@CLAMAV_PRIVATE 0.102.3 + is_regex_ok@CLAMAV_PRIVATE 0.102.3 + load_regex_matcher@CLAMAV_PRIVATE 0.102.3 lsig_sub_matched@CLAMAV_PUBLIC 0.101.0 - messageCreate@CLAMAV_PRIVATE 0.102.2 - messageDestroy@CLAMAV_PRIVATE 0.102.2 - mpool_calloc@CLAMAV_PRIVATE 0.102.2 - mpool_create@CLAMAV_PRIVATE 0.102.2 - mpool_destroy@CLAMAV_PRIVATE 0.102.2 - mpool_free@CLAMAV_PRIVATE 0.102.2 - mpool_getstats@CLAMAV_PRIVATE 0.102.2 - phishingScan@CLAMAV_PRIVATE 0.102.2 - phishing_done@CLAMAV_PRIVATE 0.102.2 - phishing_init@CLAMAV_PRIVATE 0.102.2 - regex_list_add_pattern@CLAMAV_PRIVATE 0.102.2 - regex_list_done@CLAMAV_PRIVATE 0.102.2 - regex_list_match@CLAMAV_PRIVATE 0.102.2 - tableCreate@CLAMAV_PRIVATE 0.102.2 - tableDestroy@CLAMAV_PRIVATE 0.102.2 - tableFind@CLAMAV_PRIVATE 0.102.2 - tableInsert@CLAMAV_PRIVATE 0.102.2 - tableIterate@CLAMAV_PRIVATE 0.102.2 - tableRemove@CLAMAV_PRIVATE 0.102.2 - tableUpdate@CLAMAV_PRIVATE 0.102.2 - text_normalize_init@CLAMAV_PRIVATE 0.102.2 - text_normalize_map@CLAMAV_PRIVATE 
0.102.2 - text_normalize_reset@CLAMAV_PRIVATE 0.102.2 - uniq_add@CLAMAV_PRIVATE 0.102.2 - uniq_free@CLAMAV_PRIVATE 0.102.2 - uniq_get@CLAMAV_PRIVATE 0.102.2 - uniq_init@CLAMAV_PRIVATE 0.102.2 + messageCreate@CLAMAV_PRIVATE 0.102.3 + messageDestroy@CLAMAV_PRIVATE 0.102.3 + mpool_calloc@CLAMAV_PRIVATE 0.102.3 + mpool_create@CLAMAV_PRIVATE 0.102.3 + mpool_destroy@CLAMAV_PRIVATE 0.102.3 + mpool_free@CLAMAV_PRIVATE 0.102.3 + mpool_getstats@CLAMAV_PRIVATE 0.102.3 + phishingScan@CLAMAV_PRIVATE 0.102.3 + phishing_done@CLAMAV_PRIVATE 0.102.3 + phishing_init@CLAMAV_PRIVATE 0.102.3 + regex_list_add_pattern@CLAMAV_PRIVATE 0.102.3 + regex_list_done@CLAMAV_PRIVATE 0.102.3 + regex_list_match@CLAMAV_PRIVATE 0.102.3 + tableCreate@CLAMAV_PRIVATE 0.102.3 + tableDestroy@CLAMAV_PRIVATE 0.102.3 + tableFind@CLAMAV_PRIVATE 0.102.3 + tableInsert@CLAMAV_PRIVATE 0.102.3 + tableIterate@CLAMAV_PRIVATE 0.102.3 + tableRemove@CLAMAV_PRIVATE 0.102.3 + tableUpdate@CLAMAV_PRIVATE 0.102.3 + text_normalize_init@CLAMAV_PRIVATE 0.102.3 + text_normalize_map@CLAMAV_PRIVATE 0.102.3 + text_normalize_reset@CLAMAV_PRIVATE 0.102.3 + uniq_add@CLAMAV_PRIVATE 0.102.3 + uniq_free@CLAMAV_PRIVATE 0.102.3 + uniq_get@CLAMAV_PRIVATE 0.102.3 + uniq_init@CLAMAV_PRIVATE 0.102.3 libfreshclam.so.2 libclamav9 #MINVER# FRESHCLAM_PRIVATE@FRESHCLAM_PRIVATE 0.102.1 FRESHCLAM_PUBLIC@FRESHCLAM_PUBLIC 0.102.1 diff -Nru clamav-0.102.2+dfsg/debian/rules clamav-0.102.3+dfsg/debian/rules --- clamav-0.102.2+dfsg/debian/rules 2020-02-11 13:45:45.000000000 +0000 +++ clamav-0.102.3+dfsg/debian/rules 2020-05-19 18:24:37.000000000 +0000 
@@ -88,7 +88,7 @@ fi;\ done; \ # Check for library features which may have been upgraded. - if ! grep -q "CL_FLEVEL 113" libclamav/others.h ; then \ + if ! grep -q "CL_FLEVEL 114" libclamav/others.h ; then \ echo "cl_retflevel needs boosting in symbol file"; \ touch debian/exit; \ fi; diff -Nru clamav-0.102.2+dfsg/docs/html/UserManual/Installation-Unix.html clamav-0.102.3+dfsg/docs/html/UserManual/Installation-Unix.html --- clamav-0.102.2+dfsg/docs/html/UserManual/Installation-Unix.html 2020-02-04 14:59:24.000000000 +0000 +++ clamav-0.102.3+dfsg/docs/html/UserManual/Installation-Unix.html 2020-05-12 01:54:59.000000000 +0000 @@ -70,8 +70,6 @@

Installing ClamAV

diff -Nru clamav-0.102.2+dfsg/docs/html/UserManual/Installation-Windows.html clamav-0.102.3+dfsg/docs/html/UserManual/Installation-Windows.html --- clamav-0.102.2+dfsg/docs/html/UserManual/Installation-Windows.html 2020-02-04 14:59:23.000000000 +0000 +++ clamav-0.102.3+dfsg/docs/html/UserManual/Installation-Windows.html 2020-05-12 01:54:58.000000000 +0000 @@ -15,9 +15,9 @@

Install using the ClamAV Windows Installer

Important: Installing ClamAV using the Installer will require Administrator privileges.

    -
  1. Download: http://www.clamav.net/downloads/production/ClamAV-0.102.1.exe
  2. +
  3. Download: http://www.clamav.net/downloads/production/ClamAV-0.102.2.exe
  4. Locate the file in your Downloads directory.
  5. -
  6. Right-click on ClamAV-0.102.1.exe and select Run as administrator. You may receive a warning message along the lines of "Windows protected your PC". Select More info and then select Run anyway.
  7. +
  8. Right-click on ClamAV-0.102.2.exe and select Run as administrator. You may receive a warning message along the lines of "Windows protected your PC". Select More info and then select Run anyway.
  9. Select I accept the agreement and click Next.
  10. Click Next again. If you've removed a previous installation of ClamAV, you may receive the prompt "The folder ... already exists...". If you do, select Yes.
  11. Click Install.
  12. @@ -36,9 +36,9 @@

    Install using the ClamAV Portable Install Package

      -
    1. Download: https://www.clamav.net/downloads/production/clamav-0.102.1-win-x64-portable.zip
    2. +
    3. Download: https://www.clamav.net/downloads/production/clamav-0.102.2-win-x64-portable.zip
    4. Unzip it.
    5. -
    6. Open the clamav-0.102.1-win-x64-portable directory.
    7. +
    8. Open the clamav-0.102.2-win-x64-portable directory.
    9. Hold down Shift and then right-click on the background in the current directory (but not on one of the files). Select "Open PowerShell window here". If that option doesn't appear, try again.

    Continue on to "First Time Set-Up"...

    diff -Nru clamav-0.102.2+dfsg/libclamav/7z/XzDec.c clamav-0.102.3+dfsg/libclamav/7z/XzDec.c --- clamav-0.102.2+dfsg/libclamav/7z/XzDec.c 2020-02-04 14:59:26.000000000 +0000 +++ clamav-0.102.3+dfsg/libclamav/7z/XzDec.c 2020-05-12 01:54:49.000000000 +0000 @@ -425,7 +425,7 @@ const Byte *srcCur; int srcFinishedCur; int encodingWasFinished; - + if (i == 0) { srcCur = src; @@ -438,7 +438,7 @@ srcLenCur = p->size[i - 1] - p->pos[i - 1]; srcFinishedCur = p->finished[i - 1]; } - + if (i == p->numCoders - 1) { destCur = dest; @@ -451,7 +451,7 @@ destCur = p->buf + (CODER_BUF_SIZE * i); destLenCur = CODER_BUF_SIZE; } - + res = coder->Code(coder->p, destCur, &destLenCur, srcCur, &srcLenCur, srcFinishedCur, finishMode, &encodingWasFinished); if (!encodingWasFinished) @@ -478,7 +478,7 @@ p->pos[i] = 0; p->finished[i] = encodingWasFinished; } - + if (res != SZ_OK) return res; @@ -617,6 +617,7 @@ if (!p) return; MixCoder_Free(&p->decoder); + cl_hash_destroy(p->check.sha); cl_hash_destroy(p->sha); p->sha = NULL; } @@ -643,20 +644,20 @@ *status = CODER_STATUS_NOT_FINISHED; return SZ_OK; } - + res = MixCoder_Code(&p->decoder, dest, &destLen2, src, &srcLen2, False, finishMode, status); XzCheck_Update(&p->check, dest, destLen2); - + (*srcLen) += srcLen2; src += srcLen2; p->packSize += srcLen2; - + (*destLen) += destLen2; dest += destLen2; p->unpackSize += destLen2; - + RINOK(res); - + if (*status == CODER_STATUS_FINISHED_WITH_MARK) { Byte temp[32]; @@ -666,14 +667,14 @@ cl_update_hash(p->sha, temp, num); p->indexSize += num; p->numBlocks++; - + p->state = XZ_STATE_BLOCK_FOOTER; p->pos = 0; p->alignPos = 0; } else if (srcLen2 == 0 && destLen2 == 0) return SZ_OK; - + continue; } 
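Review bot: In the `@@ -617,6 +617,7 @@` hunk the added `cl_hash_destroy(p->check.sha);` leaves `p->check.sha` holding the destroyed context, while the neighbouring `p->sha` is reset to NULL right after its own destroy. If this free routine can run twice on the same unpacker, or the check state is touched again afterwards, the stale pointer becomes a double free or use-after-free; adding `p->check.sha = NULL;` after the call keeps the two fields consistent. It is also worth confirming that cl_hash_destroy accepts NULL, in case `p->check.sha` is not set up for every check type. The function's opening lines are outside the hunk, so neither can be verified from here.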
@@ -887,7 +888,7 @@ } break; } - + case XZ_STATE_BLOCK: break; /* to disable GCC warning */ } } diff -Nru clamav-0.102.2+dfsg/libclamav/arc4.c clamav-0.102.3+dfsg/libclamav/arc4.c --- clamav-0.102.2+dfsg/libclamav/arc4.c 2020-02-04 14:59:26.000000000 +0000 +++ clamav-0.102.3+dfsg/libclamav/arc4.c 2020-05-12 01:54:49.000000000 +0000 @@ -27,11 +27,16 @@ #include "arc4.h" #include -void arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength) +bool arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength) { unsigned i; uint8_t j; - uint32_t *S = &a->S[0]; + uint32_t *S; + + if (NULL == a || NULL == key || 0 == keylength) + return false; + + S = &a->S[0]; for (i = 0; i < 256; i++) S[i] = i; @@ -42,6 +47,7 @@ S[j] = tmp; } a->i = a->j = 0; + return true; } void arc4_apply(struct arc4_state *s, uint8_t *data, unsigned len) diff -Nru clamav-0.102.2+dfsg/libclamav/arc4.h clamav-0.102.3+dfsg/libclamav/arc4.h --- clamav-0.102.2+dfsg/libclamav/arc4.h 2020-02-04 14:59:26.000000000 +0000 +++ clamav-0.102.3+dfsg/libclamav/arc4.h 2020-05-12 01:54:49.000000000 +0000 @@ -19,6 +19,8 @@ * MA 02110-1301, USA. */ +#include + #include "clamav-types.h" struct arc4_state { /* really just 8 bit, but it is faster if reads are aligned */ @@ -26,5 +28,5 @@ uint8_t i, j; }; -void arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength); +bool arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength); void arc4_apply(struct arc4_state *s, uint8_t *data, unsigned len); diff -Nru clamav-0.102.2+dfsg/libclamav/bytecode_api.h clamav-0.102.3+dfsg/libclamav/bytecode_api.h --- clamav-0.102.2+dfsg/libclamav/bytecode_api.h 2020-02-04 14:59:26.000000000 +0000 +++ clamav-0.102.3+dfsg/libclamav/bytecode_api.h 2020-05-12 01:54:49.000000000 +0000 
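Review bot: arc4_init gains a failure path in the `@@ -27,11 +27,16 @@` hunk of arc4.c, but neither the definition nor the prototype changed in arc4.h documents it. A caller that ignores the result would go on to arc4_apply with a state that was never initialised, so the contract belongs at the prototype, for example `/* Returns false and leaves *a untouched when a or key is NULL or keylength is 0; do not pass the state to arc4_apply in that case. */`. arc4_apply takes the same kind of pointer arguments and its body is outside the hunk, so it is not visible whether it guards against NULL in the same way.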
@@ -144,6 +144,7 @@ FUNC_LEVEL_0102 = 111, /**< LibClamAV release 0.102.0 */ FUNC_LEVEL_0102_1 = 112, /**< LibClamAV release 0.102.1 */ FUNC_LEVEL_0102_2 = 113, /**< LibClamAV release 0.102.2 */ + FUNC_LEVEL_0102_3 = 114, /**< LibClamAV release 0.102.3 */ }; /** diff -Nru clamav-0.102.2+dfsg/libclamav/egg.c clamav-0.102.3+dfsg/libclamav/egg.c --- clamav-0.102.2+dfsg/libclamav/egg.c 2020-02-04 14:59:26.000000000 +0000 +++ clamav-0.102.3+dfsg/libclamav/egg.c 2020-05-12 01:54:49.000000000 +0000 @@ -2846,10 +2846,6 @@ } handle = (egg_handle*)hArchive; - if (CL_SUCCESS != EGG_VALIDATE_HANDLE(handle)) { - cli_errmsg("cli_egg_close: Invalid handle values!\n"); - return; - } egg_free_egg_handle(handle); diff -Nru clamav-0.102.2+dfsg/libclamav/others.h clamav-0.102.3+dfsg/libclamav/others.h --- clamav-0.102.2+dfsg/libclamav/others.h 2020-02-04 14:59:26.000000000 +0000 +++ clamav-0.102.3+dfsg/libclamav/others.h 2020-05-12 01:54:49.000000000 +0000 @@ -71,7 +71,7 @@ * in re-enabling affected modules. */ -#define CL_FLEVEL 113 +#define CL_FLEVEL 114 #define CL_FLEVEL_DCONF CL_FLEVEL #define CL_FLEVEL_SIGTOOL CL_FLEVEL diff -Nru clamav-0.102.2+dfsg/libclamav/pdf.c clamav-0.102.3+dfsg/libclamav/pdf.c --- clamav-0.102.2+dfsg/libclamav/pdf.c 2020-02-04 14:59:26.000000000 +0000 +++ clamav-0.102.3+dfsg/libclamav/pdf.c 2020-05-12 01:54:49.000000000 +0000 @@ -1089,8 +1089,9 @@ int nrounds; cli_dbgmsg("aes_decrypt: key length: %d, data length: %zu\n", key_n, *length); - if (key_n > 32) { - cli_dbgmsg("aes_decrypt: key length is %d!\n", key_n * 8); + if (!(key_n == 16 || key_n == 24 || key_n == 32)) { + cli_dbgmsg("aes_decrypt: invalid key length: %u!\n", key_n * 8); + noisy_warnmsg("aes_decrypt: invalid key length: %u!\n", key_n * 8); return; } 
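Review bot: The two messages added to aes_decrypt in the `@@ -1089,8 +1089,9 @@` hunk print `key_n * 8` with `%u`, while the unchanged debug line just above prints `key_n` with `%d`, so one of the specifiers does not match the variable's type. key_n's declaration is outside the hunk; pick the specifier that matches it and use it in all three calls, or cast explicitly as in `(unsigned)key_n * 8`. The rejection path is a bare `return;`, so unless the output length is adjusted somewhere outside the hunk the caller cannot tell a refused key length from a completed decrypt, which deserves a comment at this spot.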
@@ -1166,7 +1167,12 @@ struct arc4_state arc4; if (!length || !*length || !in) { - noisy_warnmsg("decrypt_any: decrypt failed for obj %u %u\n", id >> 8, id & 0xff); + noisy_warnmsg("decrypt_any: decrypt failed for obj %u %u: Invalid arguments.\n", id >> 8, id & 0xff); + return NULL; + } + + if (NULL == pdf->key || 0 == pdf->keylen) { + noisy_warnmsg("decrypt_any: decrypt failed for obj %u %u: PDF key never identified.\n", id >> 8, id & 0xff); return NULL; } @@ -1207,7 +1213,10 @@ case ENC_V2: cli_dbgmsg("cli_pdf: enc is v2\n"); memcpy(q, in, *length); - arc4_init(&arc4, result, n); + if (false == arc4_init(&arc4, result, n)) { + noisy_warnmsg("decrypt_any: failed to init arc4\n"); + return NULL; + } arc4_apply(&arc4, q, (unsigned)*length); /* TODO: may truncate for very large lengths */ noisy_msg(pdf, "decrypt_any: decrypted ARC4 data\n"); @@ -2802,7 +2811,10 @@ if (R == 2) { /* 7.6.3.3 Algorithm 4 */ memcpy(data, key_padding, 32); - arc4_init(&arc4, (const uint8_t *)(pdf->key), pdf->keylen); + if (false == arc4_init(&arc4, (const uint8_t *)(pdf->key), pdf->keylen)) { + noisy_warnmsg("decrypt_any: failed to init arc4\n"); + return; + } arc4_apply(&arc4, (uint8_t *)data, 32); dbg_printhex("computed U (R2)", data, 32); if (!memcmp(data, U, 32)) @@ -2821,7 +2833,10 @@ cl_hash_data("md5", d, 32 + pdf->fileIDlen, result, NULL); memcpy(data, pdf->key, len); - arc4_init(&arc4, (const uint8_t *)data, len); + if (false == arc4_init(&arc4, (const uint8_t *)data, len)) { + noisy_warnmsg("decrypt_any: failed to init arc4\n"); + return; + } arc4_apply(&arc4, result, 16); for (i = 1; i <= 19; i++) { unsigned j; 
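Review bot: The early `return NULL;` added to the ENC_V2 case in the `@@ -1207,7 +1213,10 @@` hunk runs after `memcpy(q, in, *length);`, so `q` is already a live output buffer at that point. Its allocation is outside the hunk, but if decrypt_any owns it, as the copy suggests, this path leaks it each time arc4_init fails; `free(q);` before `return NULL;` would close that. Because this parser processes untrusted files, a leak that can be triggered per object adds up.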
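Review bot: The warning added in the `@@ -2802,7 +2811,10 @@` hunk reads `decrypt_any: failed to init arc4`, yet this code bails out with a bare `return;` while decrypt_any returns a pointer, so it appears to sit in a different function whose name is outside the hunk. The same copied prefix is in the `@@ -2821,7 +2833,10 @@` and `@@ -2829,7 +2844,10 @@` hunks. A misattributed prefix sends whoever triages the log to the wrong function; use the enclosing function's name instead, as in `noisy_warnmsg("<enclosing_function>: failed to init arc4\n");`.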
@@ -2829,7 +2844,10 @@ for (j = 0; j < len; j++) data[j] = pdf->key[j] ^ i; - arc4_init(&arc4, (const uint8_t *)data, len); + if (false == arc4_init(&arc4, (const uint8_t *)data, len)) { + noisy_warnmsg("decrypt_any: failed to init arc4\n"); + return; + } arc4_apply(&arc4, result, 16); } diff -Nru clamav-0.102.2+dfsg/libclamav/pdfdecode.c clamav-0.102.3+dfsg/libclamav/pdfdecode.c --- clamav-0.102.2+dfsg/libclamav/pdfdecode.c 2020-02-04 14:59:26.000000000 +0000 +++ clamav-0.102.3+dfsg/libclamav/pdfdecode.c 2020-05-12 01:54:49.000000000 +0000 @@ -638,8 +638,11 @@ } if (rc == CL_SUCCESS) { - /* Shrink output buffer to final the decoded data length to minimize RAM usage */ - if (!(temp = cli_realloc(decoded, declen))) { + if (declen == 0) { + cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n"); + rc = CL_BREAK; + } else if (!(temp = cli_realloc(decoded, declen))) { + /* Shrink output buffer to final the decoded data length to minimize RAM usage */ cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n"); rc = CL_EMEM; } else { @@ -647,7 +650,7 @@ } } - if (rc == CL_SUCCESS) { + if (rc == CL_SUCCESS || rc == CL_BREAK) { free(token->content); cli_dbgmsg("cli_pdf: decoded %lu bytes from %lu total bytes\n", @@ -817,8 +820,11 @@ (void)inflateEnd(&stream); if (rc == CL_SUCCESS) { - /* Shrink output buffer to final the decoded data length to minimize RAM usage */ - if (!(temp = cli_realloc(decoded, declen))) { + if (declen == 0) { + cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n"); + rc = CL_BREAK; + } else if (!(temp = cli_realloc(decoded, declen))) { + /* Shrink output buffer to final the decoded data length to minimize RAM usage */ cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n"); rc = CL_EMEM; } else { @@ -826,7 +832,7 @@ } } - if (rc == CL_SUCCESS) { + if (rc == CL_SUCCESS || rc == CL_BREAK) { free(token->content); token->content = decoded; 
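Review bot: The `declen == 0` branch added in pdfdecode.c (hunk at -638) sets `rc = CL_BREAK` with no comment saying what that status means, and the next hunk then treats CL_BREAK like success and still stores `decoded` in `token->content`. A reader cannot tell whether CL_BREAK is also returned to the caller, since the end of the function is outside the hunk. I would add a comment on the branch such as `/* Empty output is not an error; skip the shrink because cli_realloc rejects a size of 0 */`, assuming that is the intent (NEWS.md in this patch mentions an "Attempt to allocate 0 bytes" error). The moved comment also still reads "to final the decoded data length" and could become `/* Shrink output buffer to the final decoded data length to minimize RAM usage */`. The identical block is added again in the hunks at -817 and -1099.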
@@ -1099,8 +1105,11 @@ (void)lzwInflateEnd(&stream); if (rc == CL_SUCCESS) { - /* Shrink output buffer to final the decoded data length to minimize RAM usage */ - if (!(temp = cli_realloc(decoded, declen))) { + if (declen == 0) { + cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n"); + rc = CL_BREAK; + } else if (!(temp = cli_realloc(decoded, declen))) { + /* Shrink output buffer to final the decoded data length to minimize RAM usage */ cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n"); rc = CL_EMEM; } else { @@ -1108,7 +1117,7 @@ } } - if (rc == CL_SUCCESS) { + if (rc == CL_SUCCESS || rc == CL_BREAK) { free(token->content); token->content = decoded; diff -Nru clamav-0.102.2+dfsg/libclamav/unarj.c clamav-0.102.3+dfsg/libclamav/unarj.c --- clamav-0.102.2+dfsg/libclamav/unarj.c 2020-02-04 14:59:26.000000000 +0000 +++ clamav-0.102.3+dfsg/libclamav/unarj.c 2020-05-12 01:54:49.000000000 +0000 @@ -834,18 +834,16 @@ uint16_t header_size, count; arj_main_hdr_t main_hdr; const char *filename = NULL; - const char *comment = NULL; - off_t header_offset; + const char *comment = NULL; struct text_norm_state fnstate, comstate; - unsigned char *fnnorm = NULL; + unsigned char *fnnorm = NULL; unsigned char *comnorm = NULL; - uint32_t ret = TRUE; + uint32_t ret = TRUE; if (fmap_readn(metadata->map, &header_size, metadata->offset, 2) != 2) return FALSE; metadata->offset += 2; - header_offset = metadata->offset; header_size = le16_to_host(header_size); cli_dbgmsg("Header Size: %d\n", header_size); if (header_size == 0) { 
@@ -882,8 +880,8 @@ metadata->offset += main_hdr.first_hdr_size - 30; } - fnnorm = cli_calloc(sizeof(unsigned char), header_size + 1); - filename = fmap_need_offstr(metadata->map, metadata->offset, header_size); + fnnorm = cli_calloc(sizeof(unsigned char), header_size + 1); + filename = fmap_need_offstr(metadata->map, metadata->offset, header_size + 1); if (!filename) { cli_dbgmsg("UNARJ: Unable to allocate memory for filename\n"); ret = FALSE; @@ -892,7 +890,7 @@ metadata->offset += CLI_STRNLEN(filename, header_size) + 1; comnorm = cli_calloc(sizeof(unsigned char), header_size + 1); - comment = fmap_need_offstr(metadata->map, metadata->offset, header_size); + comment = fmap_need_offstr(metadata->map, metadata->offset, header_size + 1); if (!comment || !comnorm) { cli_dbgmsg("UNARJ: Unable to allocate memory for comment\n"); ret = FALSE; @@ -903,8 +901,8 @@ text_normalize_init(&fnstate, fnnorm, header_size); text_normalize_init(&comstate, comnorm, header_size); - text_normalize_buffer(&fnstate, filename, metadata->offset); - text_normalize_buffer(&comstate, comment, metadata->offset); + text_normalize_buffer(&fnstate, (const unsigned char *)filename, header_size); + text_normalize_buffer(&comstate, (const unsigned char *)comment, header_size); cli_dbgmsg("Filename: %s\n", fnnorm); cli_dbgmsg("Comment: %s\n", comnorm); @@ -947,9 +945,9 @@ const char *filename, *comment; arj_file_hdr_t file_hdr; struct text_norm_state fnstate, comstate; - unsigned char *fnnorm = NULL; + unsigned char *fnnorm = NULL; unsigned char *comnorm = NULL; - uint32_t ret = CL_SUCCESS; + uint32_t ret = CL_SUCCESS; if (fmap_readn(metadata->map, &header_size, metadata->offset, 2) != 2) return CL_EFORMAT; 
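Review bot: The result of `cli_calloc` for `fnnorm` is never checked in this hunk (unarj.c at -882): the guard that follows is `if (!filename)`, whereas the comment path in the next hunk tests `if (!comment || !comnorm)`. A failed allocation would pass a NULL output buffer to `text_normalize_init` a few lines later. Changing the guard to `if (!filename || !fnnorm) {` would match the comment path. The second header parser has the same gap in the hunks at -999 (`if (!filename)`) and -1009 (`if (!comment)`, where `comnorm` is unchecked). The enclosing function starts and ends outside the hunk.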
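Review bot: The corrected calls in this hunk (unarj.c at -903) pass `header_size` as the input length for both strings, but the preceding context advances the offset by `CLI_STRNLEN(filename, header_size) + 1`, so the filename is normally shorter than `header_size` and the comment starts partway into the same header. If `text_normalize_buffer` consumes the full length it is given rather than stopping at the NUL (its definition is not shown), it can read past the end of each string and past the bytes that `fmap_need_offstr` validated. Passing the measured length would bound the read, e.g. `text_normalize_buffer(&fnstate, (const unsigned char *)filename, CLI_STRNLEN(filename, header_size));` and likewise for `comment`. The hunk at -1020 makes the same two calls.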
@@ -999,8 +997,8 @@ metadata->offset += file_hdr.first_hdr_size - 30; } - fnnorm = cli_calloc(sizeof(unsigned char), header_size + 1); - filename = fmap_need_offstr(metadata->map, metadata->offset, header_size); + fnnorm = cli_calloc(sizeof(unsigned char), header_size + 1); + filename = fmap_need_offstr(metadata->map, metadata->offset, header_size + 1); if (!filename) { cli_dbgmsg("UNARJ: Unable to allocate memory for filename\n"); ret = FALSE; @@ -1009,7 +1007,7 @@ metadata->offset += CLI_STRNLEN(filename, header_size) + 1; comnorm = cli_calloc(sizeof(unsigned char), header_size + 1); - comment = fmap_need_offstr(metadata->map, metadata->offset, header_size); + comment = fmap_need_offstr(metadata->map, metadata->offset, header_size + 1); if (!comment) { cli_dbgmsg("UNARJ: Unable to allocate memory for comment\n"); ret = FALSE; @@ -1020,8 +1018,8 @@ text_normalize_init(&fnstate, fnnorm, header_size); text_normalize_init(&comstate, comnorm, header_size); - text_normalize_buffer(&fnstate, filename, metadata->offset); - text_normalize_buffer(&comstate, comment, metadata->offset); + text_normalize_buffer(&fnstate, (const unsigned char *)filename, header_size); + text_normalize_buffer(&comstate, (const unsigned char *)comment, header_size); cli_dbgmsg("Filename: %s\n", fnnorm); cli_dbgmsg("Comment: %s\n", comnorm); @@ -1037,7 +1035,7 @@ if (metadata->filename) free(metadata->filename); metadata->filename = NULL; - ret = CL_EFORMAT; + ret = CL_EFORMAT; goto done; } count = cli_readint16(countp); 
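Review bot: The failure branch in this hunk (unarj.c at -999) still sets `ret = FALSE`, yet in this function `ret` is initialised to `CL_SUCCESS` and the other error paths use `CL_EFORMAT` and `CL_EMEM`. If FALSE and CL_SUCCESS are both 0, as their usual definitions suggest, a header whose filename cannot be read is reported to the caller as success. `ret = CL_EMEM;` would agree with the log message and with the later `!metadata->filename` path; the hunk at -1009 needs the same change for the comment. The function body begins and ends outside the hunk.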
@@ -1055,11 +1053,11 @@ metadata->encrypted = ((file_hdr.flags & GARBLE_FLAG) != 0) ? TRUE : FALSE; metadata->ofd = -1; if (!metadata->filename) { - ret = CL_EMEM; + ret = CL_EMEM; goto done; } - done: +done: if (fnnorm) { free(fnnorm); diff -Nru clamav-0.102.2+dfsg/m4/reorganization/version.m4 clamav-0.102.3+dfsg/m4/reorganization/version.m4 --- clamav-0.102.2+dfsg/m4/reorganization/version.m4 2020-02-04 14:59:26.000000000 +0000 +++ clamav-0.102.3+dfsg/m4/reorganization/version.m4 2020-05-12 01:54:49.000000000 +0000 @@ -3,7 +3,7 @@ dnl For beta, set: VERSION="-beta" dnl For release candidate, set: VERSION="-rc" dnl For release, set: VERSION="" -VERSION="0.102.2" +VERSION="0.102.3" major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/[^0-9]//g"` minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/[^0-9]//g"` diff -Nru clamav-0.102.2+dfsg/NEWS.md clamav-0.102.3+dfsg/NEWS.md --- clamav-0.102.2+dfsg/NEWS.md 2020-02-04 14:59:26.000000000 +0000 +++ clamav-0.102.3+dfsg/NEWS.md 2020-05-12 01:54:49.000000000 +0000 
@@ -3,6 +3,30 @@ Note: This file refers to the source tarball. Things described here may differ slightly from the binary packages. +## 0.102.3 + +ClamAV 0.102.3 is a bug patch release to address the following issues. + +- [CVE-2020-3327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327): + Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that + could cause a Denial-of-Service (DoS) condition. Improper bounds checking of + an unsigned variable results in an out-of-bounds read which causes a crash. + + Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ + parsing vulnerability. + +- [CVE-2020-3341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341): + Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that + could cause a Denial-of-Service (DoS) condition. Improper size checking of + a buffer used to initialize AES decryption routines results in an out-of- + bounds read which may cause a crash. Bug found by OSS-Fuzz. + +- Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents. + +- Fix a couple of minor memory leaks. + +- Updated libclamunrar to UnRAR 5.9.2. + ## 0.102.2 ClamAV 0.102.2 is a bug patch release to address the following issues.