From scheidell@secnap.net  Thu May 31 00:39:47 2007
Return-Path: <scheidell@secnap.net>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id CF16516A469
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 31 May 2007 00:39:47 +0000 (UTC)
	(envelope-from scheidell@secnap.net)
Received: from scanner.secnap.net (corp.secnap.com [204.89.241.135])
	by mx1.freebsd.org (Postfix) with ESMTP id 9F87013C468
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 31 May 2007 00:39:47 +0000 (UTC)
	(envelope-from scheidell@secnap.net)
Received: by scanner.secnap.net (Postfix, from userid 1001)
	id 15ED71CD3E; Wed, 30 May 2007 20:39:47 -0400 (EDT)
Message-Id: <20070531003947.15ED71CD3E@scanner.secnap.net>
Date: Wed, 30 May 2007 20:39:47 -0400 (EDT)
From: Michael Scheidell <scheidell@secnap.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc: garga@FreeBSD.org,scheidell@secnap.net
Subject: Security update: clamav .90.2 to .90.3
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         113174
>Category:       ports
>Synopsis:       Security update: security/clamav .90.2 to .90.3
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    garga
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Thu May 31 00:40:04 GMT 2007
>Closed-Date:    Fri Jun 01 17:09:46 GMT 2007
>Last-Modified:  Fri Jun  1 17:10:01 GMT 2007
>Originator:     Michael Scheidell
>Release:        FreeBSD 5.5-RELEASE-p8 i386
>Organization:
SECNAP
>Environment:
System: FreeBSD scanner.secnap.net 5.5-RELEASE-p8 FreeBSD 5.5-RELEASE-p8 #2: Fri Dec 29 22:23:34 EST 2006 scheidell@scanner.secnap.net:/usr/obj/usr/src/sys/HACKERTRAP_750 i386

>Description:
Update clamav from .90.2 to .90.3
Includes support for FBSD7 in ../configure

This release fixes some security bugs in libclamav and improves 
stability under Solaris. Please see ChangeLog for complete list of 
changes.

If your system is suffering from long clamscan startup times, please
consider installing 0.91rc1 which is due to be released shortly
after 0.90.3.


Security updates in this release include:
#1: patch-libclamav__matcher-ac.c already patched (remove this file)
#2: I removed the dependency on unzoo (it is not maintained and has DoS 
attacks against it). MAYBE, re-enable support for ZOO if you apply the 
security patch at:
http://www.guay-leroux.com/projects/zoo-infinite-advisory.txt
and enable that patch minimum dependency. MAYBE

- libclamav/unrar/unrar.c: improve handling of corrupted/handcrafted
      headers (bb#511, patch from Trog)
- libclamav/unsp.c: fix end of buffer calculation (bb#464, patch from 
      aCaB)
- libclamav/ole2_extract.c: detect block list loop (bb#466), patch from 
      Trog

(others, see README)

>How-To-Repeat:
make
>Fix:

This patch (also, please remove files/patch-libclamav__matcher-ac.c).
Seems to run fine: clamd, clamdscan, clamscan, freshclam on FBSD 5.5.

--- Makefile.orig       Mon Apr 16 07:18:26 2007
+++ Makefile    Wed May 30 20:05:30 2007
@@ -6,8 +6,7 @@
 #

 PORTNAME=      clamav
-PORTVERSION=   0.90.2
-PORTREVISION=  1
+PORTVERSION=   0.90.3
 CATEGORIES=    security
 MASTER_SITES=  SF

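Review bot: the bump to PORTVERSION= 0.90.3 is not accompanied in this diff by the removal of files/patch-libclamav__matcher-ac.c, which the report says is already patched upstream and has to go. As posted, the update depends on a manual step described only in prose; include the file deletion in the submission so the port does not try to apply a stale local patch to the 0.90.3 sources. Dropping PORTREVISION together with the version change is fine.
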
@@ -17,7 +16,6 @@
 LIB_DEPENDS=   gmp.7:${PORTSDIR}/math/libgmp4
 RUN_DEPENDS=   lha:${PORTSDIR}/archivers/lha \
                arj:${PORTSDIR}/archivers/arj \
-               unzoo:${PORTSDIR}/archivers/unzoo \
                arc:${PORTSDIR}/archivers/arc

 OPTIONS=       MILTER "Compile the milter interface" Off \
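Review bot: the deleted unzoo line in RUN_DEPENDS drops the zoo unpacker from what gets installed alongside clamav, and the Makefile carries no comment saying why. The report gives the reason (unzoo is unmaintained and has a known denial-of-service problem), so record it next to RUN_DEPENDS or in the commit log. If zoo support is meant to return once unzoo is patched, consider putting the dependency behind an entry in the OPTIONS list that follows instead of deleting it outright.
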
--- distinfo.orig       Fri Apr 13 14:25:19 2007
+++ distinfo    Wed May 30 20:11:29 2007
@@ -1,3 +1,3 @@
-MD5 (clamav-0.90.2.tar.gz) = 39d1f07a399b551b55096b6ec7325c33
-SHA256 (clamav-0.90.2.tar.gz) = 30df6a5d4a591dcd4acd7d4cce54dcfd260280fce6bbc9d19d240967bcdabbfa
-SIZE (clamav-0.90.2.tar.gz) = 12062886
+MD5 (clamav-0.90.3.tar.gz) = d42ccf7a32daeb7c7cc3c8c23a7793ea
+SHA256 (clamav-0.90.3.tar.gz) = 939913d15ad0dc583ba609274ae61a948f4fa18b848bd503d958feacdaab54a4
+SIZE (clamav-0.90.3.tar.gz) = 12496857
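
Review bot: the new MD5, SHA256 and SIZE values for clamav-0.90.3.tar.gz come from the submitter's own download, and for a security update they should not be taken on trust. Before committing, fetch the tarball independently from MASTER_SITES, regenerate distinfo with make makesum, and confirm the result matches these three lines and, if upstream publishes one, the release signature.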


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->garga 
Responsible-Changed-By: edwin 
Responsible-Changed-When: Thu May 31 01:04:25 UTC 2007 
Responsible-Changed-Why:  
Over to maintainer 

http://www.freebsd.org/cgi/query-pr.cgi?pr=113174 
State-Changed-From-To: open->closed 
State-Changed-By: garga 
State-Changed-When: Fri Jun 1 17:09:44 UTC 2007 
State-Changed-Why:  
Committed, with changes. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=113174 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/113174: commit references a PR
Date: Fri,  1 Jun 2007 17:09:15 +0000 (UTC)

 garga       2007-06-01 17:09:09 UTC
 
   FreeBSD ports repository
 
   Modified files:
     security/clamav      Makefile distinfo 
   Removed files:
     security/clamav/files patch-libclamav__matcher-ac.c 
   Log:
   - Update to 0.90.3
   - Remove unzoo support (clam doesn't support it anymore)
   
   PR:             ports/113174
   Submitted by:   Michael Scheidell <scheidell@secnap.net>
   
   Revision  Changes    Path
   1.100     +1 -6      ports/security/clamav/Makefile
   1.40      +3 -3      ports/security/clamav/distinfo
   1.2       +0 -65     ports/security/clamav/files/patch-libclamav__matcher-ac.c (dead)
 
>Unformatted:
