can possibly be used (there is an internal lib for unzip) and in the event
I missed a call to use them, users can make their own decision if they
want to have unmaintained decompression tools on their system.
patching to work there, and ports/devel/llvm is unsuitable (halfway between
versions and files moved). Reported/tested by Markus Lude, thank you -
some other arch may also need this.
updated to GPLv2 + openssl exemptions.
notably: "Change to circumvent possible denial of service when processing
icons within specially crafted PE files. Icon limits are now in place with
corresponding clamd and clamscan configuration parameters."
also:
- support for common raw disk image formats
- experimental support of OpenIOC files in the signature database location
("No OpenIOC files will be delivered through freshclam")
- IPv6 now supported on all network sockets
- use OpenSSL file hash functions
- improved detection of malware scripts within image files
- pattern matcher improvements
- opt-in collection of statistics (--enable-stats / StatsEnabled) - NOT default
- various other fixes and improvements
libclamav major bump.
is broken on !amd64 64-bit arch which invalidates assumptions in the code.
Workaround by taking a diff from clamav upstream. This fixes a problem reported
by Markus Lude where freshclam signature checks fail - researched by him and
port diff from him (I just added a bit of commentary to the patch file).
- signature improvements, performance improvements, support for new file
types including ISO9660, Flash, self-extracting 7z files
- more configurable limits
- callbacks added to API
while there, drop run dependency on zoo; clamav actually switched from zoo
to unzoo (which we don't have in ports) in 0.60(!) so this was doing nothing.
"ClamAV 0.97.8 addresses several reported potential security bugs.
Thanks to Felix Groebert of the Google Security Team for finding and
reporting these issues."
- fixes in PE and autoit decoding
- off by one malloc in SIS format handler
- minor changes to freshclam
- add error checking in md5 (memcpy etc.)
"addresses several reported potential security bugs." (full details not
available yet, but there are some added checks for pointer out of bounds
in WWPack decompression).
ClamAV 0.97.5 addresses possible evasion cases in some archive formats
(CVE-2012-1457, CVE-2012-1458, CVE-2012-1459). It also addresses stability
issues in portions of the bytecode engine. This release is recommended for all
users.
parameter to daemonize, move the parameter from daemon to daemon_flags,
so that the user cannot inadvertently prevent it from daemonizing by
adjusting the flags.
Discussed with ajacoutot and schwarze, this method was suggested
by schwarze@ as a simpler alternative to my diff. ok aja@
in typical clamav tradition, release notes say "ClamAV 0.97.3 is a
minor bugfix release and is recommended for all users", secunia says:
A vulnerability has been reported in ClamAV, which can be exploited by
malicious people to cause a DoS (Denial of Service) and potentially
compromise a vulnerable system.
The vulnerability is caused due to errors related to the handling of
recursion levels within the "cli_bcapi_extract_new()"
(libclamav/bytecode_api.c) and "cli_bytecode_runhook()"
(libclamav/bytecode.c) functions, which can be exploited to e.g. cause
a crash via specially crafted files.
PLIST and delete everything under the @sample'd directory instead of the
directory itself to prevent a warning from pkg_delete(1) trying to
remove a non existing directory and to help preventing left-over files
and directories.
