"ClamAV 0.97.8 addresses several reported potential security bugs.
Thanks to Felix Groebert of the Google Security Team for finding and
reporting these issues."
- fixes in PE and autoit decoding
- off by one malloc in SIS format handler
- minor changes to freshclam
- add error checking in md5 (memcpy etc.)
"addresses several reported potential security bugs." (full details not
available yet, but there are some added checks for pointer out of bounds
in WWPack decompression).
ClamAV 0.97.5 addresses possible evasion cases in some archive formats
(CVE-2012-1457, CVE-2012-1458, CVE-2012-1459). It also addresses stability
issues in portions of the bytecode engine. This release is recommended for all
users.
parameter to daemonize, move the parameter from daemon to daemon_flags,
so that the user cannot inadvertently prevent it from daemonizing by
adjusting the flags.
Discussed with ajacoutot and schwarze, this method was suggested
by schwarze@ as a simpler alternative to my diff. ok aja@
in typical clamav tradition, release notes say "ClamAV 0.97.3 is a
minor bugfix release and is recommended for all users", secunia says:
A vulnerability has been reported in ClamAV, which can be exploited by
malicious people to cause a DoS (Denial of Service) and potentially
compromise a vulnerable system.
The vulnerability is caused due to errors related to the handling of
recursion levels within the "cli_bcapi_extract_new()"
(libclamav/bytecode_api.c) and "cli_bytecode_runhook()"
(libclamav/bytecode.c) functions, which can be exploited to e.g. cause
a crash via specially crafted files.
PLIST and delete everything under the @sample'd directory instead of the
directory itself to prevent a warning from pkg_delete(1) trying to
remove a non existing directory and to help preventing left-over files
and directories.
Makefile cleanup since then), feedback giovanni@
- better performance and reduced memory use
- various other fixes and minor enhancements
- new pdf parser
"This version improves handling of archives, adds support for --file-list
in clamscan and clamdscan, and fixes various issues found in previous
releases."
libltdl no longer needs be used, so switch back to the usual one and add
the dependency on ports-tree libltdl.
prompted by a diff from Mikolaj Kucharski, ok with mbalmer (maintainer).
- A vulnerability in ClamAV's chm-parser allowed remote attackers to
cause a denial of service (application crash) via a malformed CHM file
(CVE-2008-1389).
- A vulnerability in libclamav would allow attackers to cause a
denial of service via vectors related to an out-of-memory condition
(CVE-2008-3912).
- Multiple memory leaks were found in ClamAV that could possibly allow
attackers to cause a denial of service via excessive memory consumption
(CVE-2008-3913).
- A number of unspecified vulnerabilities in ClamAV were reported that
have an unknown impact and attack vectors related to file descriptor
leaks (CVE-2008-3914).
various OpenBSD patches rolled in upstream. thanks to sturm@
for looking over systrace.filter (needed for the test of sendmsg()
in configure to enable FD passing).
- fixes DoS with MailFollowURLs (CVE-2008-2713)
- improves handling of PDF, CAB, RTF, OLE2 and HTML files
and includes various bugfixes for 0.93 issues.
"if it works" mbalmer@
least one highly critical (remote). See http://secunia.com/advisories/29000
for details.
Thanks to kurt@ for helping analyzing the threaded code issues.
