Makefile cleanup since then), feedback giovanni@
- better performance and reduced memory use
- various other fixes and minor enhancements
- new pdf parser
"This version improves handling of archives, adds support for --file-list
in clamscan and clamdscan, and fixes various issues found in previous
releases."
libltdl no longer needs be used, so switch back to the usual one and add
the dependency on ports-tree libltdl.
prompted by a diff from Mikolaj Kucharski, ok with mbalmer (maintainer).
- A vulnerability in ClamAV's chm-parser allowed remote attackers to
cause a denial of service (application crash) via a malformed CHM file
(CVE-2008-1389).
- A vulnerability in libclamav would allow attackers to cause a
denial of service via vectors related to an out-of-memory condition
(CVE-2008-3912).
- Multiple memory leaks were found in ClamAV that could possibly allow
attackers to cause a denial of service via excessive memory consumption
(CVE-2008-3913).
- A number of unspecified vulnerabilities in ClamAV were reported that
have an unknown impact and attack vectors related to file descriptor
leaks (CVE-2008-3914).
various OpenBSD patches rolled in upstream. thanks to sturm@
for looking over systrace.filter (needed for the test of sendmsg()
in configure to enable FD passing).
- fixes DoS with MailFollowURLs (CVE-2008-2713)
- improves handling of PDF, CAB, RTF, OLE2 and HTML files
and includes various bugfixes for 0.93 issues.
"if it works" mbalmer@
least one highly critical (remote). See http://secunia.com/advisories/29000
for details.
Thanks to kurt@ for helping analyzing the threaded code issues.
Note to -stable ports maintainers: This should probably be put into -stable
since the ClamAV people do not provide virus data to outdated scan engines.
ok simon
fixes:
- ClamAV CAB File Unstore Buffer Overflow Vulnerability
- File descriptor leak in CHM handler
- PDF fd leak
From the original annoucement:
**Important note**: on April 16th CHM, CAB and PDF handlers will be
disabled for 0.90 and 0.90.1 users through the dynamic engine
configuration module (DCONF). Please upgrade to 0.90.2 immediately.
- Build a new version even if the old one is still installed
- Only chmod 700 the /var/clamav/quantine directory
From Jeremy Evans <jeremyevans0@gmail.com>
This release improves virus detection and fixes zip handling on 64-bit
architectures.
SECURITY
This release fixes a possible security problem in freshclam.
See http://www.clamav.net/security/0.88.2.html for a full security report.
