From nobody@FreeBSD.org  Sat Sep 17 20:26:54 2005
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 071B616A41F
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 17 Sep 2005 20:26:54 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id BF47E43D45
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 17 Sep 2005 20:26:53 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id j8HKQrmk074799
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 17 Sep 2005 20:26:53 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id j8HKQrSW074798;
	Sat, 17 Sep 2005 20:26:53 GMT
	(envelope-from nobody)
Message-Id: <200509172026.j8HKQrSW074798@www.freebsd.org>
Date: Sat, 17 Sep 2005 20:26:53 GMT
From: dawnshade <h-k@mail.ru>
To: freebsd-gnats-submit@FreeBSD.org
Subject: UPDATE security/clamav to 0.87
X-Send-Pr-Version: www-2.3

>Number:         86276
>Category:       ports
>Synopsis:       UPDATE security/clamav to 0.87
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pav
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Sat Sep 17 20:30:05 GMT 2005
>Closed-Date:    Tue Sep 20 08:09:28 GMT 2005
>Last-Modified:  Tue Sep 20 08:09:28 GMT 2005
>Originator:     dawnshade
>Release:        5.4-RELEASE
>Organization:
-
>Environment:
FreeBSD serv.*.ru 5.4-RELEASE-p3 FreeBSD 5.4-RELEASE-p3 #0: Mon Jul  4 19:06:03 MSD 2005     root@serv.*.ru:/usr/obj/usr/src/sys/9  i386
>Description:
Update security/clamav to 0.87. Version 0.82 have some vulnerabilites in
unpacker code: http://sourceforge.net/project/shownotes.php?release_id=356974.
Draw attention - some files/patches removed because it fixed in sources by
developers.
>How-To-Repeat:
      -
>Fix:
      diff -ruN clamav.orig clamav     
diff -ruN clamav.orig/Makefile clamav/Makefile
--- clamav.orig/Makefile        Sun Sep 18 00:21:58 2005
+++ clamav/Makefile     Sat Sep 17 23:54:09 2005
@@ -6,8 +6,8 @@
 #
 
 PORTNAME=      clamav
-PORTVERSION=   0.86.2
-PORTREVISION=  1
+PORTVERSION=   0.87
+PORTREVISION=  0
 CATEGORIES=    security
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE_EXTENDED}
 MASTER_SITE_SUBDIR=    clamav
diff -ruN clamav.orig/distinfo clamav/distinfo
--- clamav.orig/distinfo        Sun Sep 18 00:21:58 2005
+++ clamav/distinfo     Sun Sep 18 00:00:22 2005
@@ -1,2 +1,2 @@
-MD5 (clamav-0.86.2.tar.gz) = 870de14ba123d6e9cba9850498c49f5d
-SIZE (clamav-0.86.2.tar.gz) = 4094829
+MD5 (clamav-0.87.tar.gz) = dd0a12deb4f48f760fa1fcd378ae7c24
+SIZE (clamav-0.87.tar.gz) = 4273714
diff -ruN clamav.orig/files/patch-Makefile.in clamav/files/patch-Makefile.in
--- clamav.orig/files/patch-Makefile.in Sun Sep 18 00:21:58 2005
+++ clamav/files/patch-Makefile.in      Sun Sep 18 00:08:59 2005
@@ -2,7 +2,7 @@
 +++ Makefile.in        Wed Oct 13 15:26:43 2004
 @@ -210,7 +210,7 @@
  SUBDIRS = libclamav clamscan clamd clamdscan freshclam sigtool database docs etc clamav-milter
- EXTRA_DIST = FAQ contrib test examples BUGS shared libclamav.pc.in
+ EXTRA_DIST = FAQ contrib test examples BUGS shared libclamav.pc.in UPGRADE
  bin_SCRIPTS = clamav-config
 -pkgconfigdir = $(libdir)/pkgconfig
 +pkgconfigdir = $(prefix)/libdata/pkgconfig
diff -ruN clamav.orig/files/patch-libclamav_mspack_mspack.h clamav/files/patch-libclamav_mspack_mspack.h
--- clamav.orig/files/patch-libclamav_mspack_mspack.h   Sun Sep 18 00:21:58 2005
+++ clamav/files/patch-libclamav_mspack_mspack.h        Thu Jan  1 03:00:00 1970
@@ -1,11 +0,0 @@
---- libclamav/mspack/mspack.h.orig     Fri May 13 09:10:53 2005
-+++ libclamav/mspack/mspack.h  Fri May 13 09:10:57 2005
-@@ -1488,7 +1488,7 @@
- };
- 
- #ifdef __cplusplus
--};
-+}
- #endif
- 
- #endif
diff -ruN clamav.orig/files/patch-libclamav_zziplib_zzip-io.h clamav/files/patch-libclamav_zziplib_zzip-io.h
--- clamav.orig/files/patch-libclamav_zziplib_zzip-io.h Sun Sep 18 00:21:58 2005
+++ clamav/files/patch-libclamav_zziplib_zzip-io.h      Thu Jan  1 03:00:00 1970
@@ -1,11 +0,0 @@
---- libclamav/zziplib/zzip-io.h.orig   Fri May 13 09:08:36 2005
-+++ libclamav/zziplib/zzip-io.h        Fri May 13 09:08:44 2005
-@@ -68,7 +68,7 @@
- # define ZZIP_IO_USE_MMAP 1
- 
- #ifdef __cplusplus
--};
-+}
- #endif
- 
- #endif
diff -ruN clamav.orig/files/patch-libclamav_zziplib_zziplib.h clamav/files/patch-libclamav_zziplib_zziplib.h
--- clamav.orig/files/patch-libclamav_zziplib_zziplib.h Sun Sep 18 00:21:58 2005
+++ clamav/files/patch-libclamav_zziplib_zziplib.h      Thu Jan  1 03:00:00 1970
@@ -1,11 +0,0 @@
---- libclamav/zziplib/zziplib.h.orig   Fri May 13 09:08:57 2005
-+++ libclamav/zziplib/zziplib.h        Fri May 13 09:09:09 2005
-@@ -325,7 +325,7 @@
- #endif /* _ZZIP_WRITE_SOURCE */
- 
- #ifdef __cplusplus
--};
-+}
- #endif
- 
- #endif /* _ZZIPLIB_H */
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: pav 
State-Changed-When: Sat Sep 17 20:38:18 GMT 2005 
State-Changed-Why:  
Asked maintainer for approval 


Responsible-Changed-From-To: freebsd-ports-bugs->pav 
Responsible-Changed-By: pav 
Responsible-Changed-When: Sat Sep 17 20:38:18 GMT 2005 
Responsible-Changed-Why:  
Track 

http://www.freebsd.org/cgi/query-pr.cgi?pr=86276 

From: Pav Lucistnik <pav@FreeBSD.org>
To: rob@debank.tv, bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/86276: UPDATE security/clamav to 0.87
Date: Sat, 17 Sep 2005 22:38:16 +0200

 Dear maintainer of FreeBSD port security/clamav, please take a look at
 
 http://www.freebsd.org/cgi/query-pr.cgi?q=86276
 
 Do you approve this update?
 
 -- 
 Pav Lucistnik <pav@oook.cz>
               <pav@FreeBSD.org>
 

From: Sergey Matveychuk <sem@FreeBSD.org>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/86276: UPDATE security/clamav to 0.87
Date: Mon, 19 Sep 2005 17:37:17 +0400

 Should be vuxml'ed:
 http://secunia.com/advisories/16848/
 
 -- 
 Sem.

From: "Simon L. Nielsen" <simon@FreeBSD.org>
To: Pav Lucistnik <pav@FreeBSD.org>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: ports/86276: UPDATE security/clamav to 0.87
Date: Tue, 20 Sep 2005 08:08:04 +0200

 --7AUc2qLy4jB3hD7Z
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 Hey Pav,
 
 Since this is a serious security issue could you commit this update as
 soon as possible?  I approve the bypass of the normal maintainer
 timeout with my secteam hat.
 
 If you prefer, you can also throw the PR my way and I will commit it.
 
 --=20
 Simon L. Nielsen
 Deputy Security Officer
 
 --7AUc2qLy4jB3hD7Z
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.2 (FreeBSD)
 
 iD8DBQFDL6dDh9pcDSc1mlERAhq5AJ9ebcakP4FUyxEV8CTqFUs3suPuFwCfe81L
 BTIrYyy+DoYIcIZ8TrYk0Dc=
 =9zDd
 -----END PGP SIGNATURE-----
 
 --7AUc2qLy4jB3hD7Z--
State-Changed-From-To: feedback->closed 
State-Changed-By: pav 
State-Changed-When: Tue Sep 20 08:09:17 GMT 2005 
State-Changed-Why:  
Committed on security timeout. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=86276 
>Unformatted:
