- fixes for the following CVE's: CVE-2012-6706, CVE-2017-6419,
CVE-2017-11423, CVE-2018-0202, and CVE-2018-1000085.
- also included are 2 fixes for file descriptor leaks as well fixes for
a handful of other important bugs,
can possibly be used (there is an internal lib for unzip) and in the event
I missed a call to use them, users can make their own decision if they
want to have unmaintained decompression tools on their system.
patching to work there, and ports/devel/llvm is unsuitable (halfway between
versions and files moved). Reported/tested by Markus Lude, thank you -
some other arch may also need this.
updated to GPLv2 + openssl exemptions.
notably: "Change to circumvent possible denial of service when processing
icons within specially crafted PE files. Icon limits are now in place with
corresponding clamd and clamscan configuration parameters."
also:
- support for common raw disk image formats
- experimental support of OpenIOC files in the signature database location
("No OpenIOC files will be delivered through freshclam")
- IPv6 now supported on all network sockets
- use OpenSSL file hash functions
- improved detection of malware scripts within image files
- pattern matcher improvements
- opt-in collection of statistics (--enable-stats / StatsEnabled) - NOT default
- various other fixes and improvements
libclamav major bump.
is broken on !amd64 64-bit arch which invalidates assumptions in the code.
Workaround by taking a diff from clamav upstream. This fixes a problem reported
by Markus Lude where freshclam signature checks fail - researched by him and
port diff from him (I just added a bit of commentary to the patch file).
- signature improvements, performance improvements, support for new file
types including ISO9660, Flash, self-extracting 7z files
- more configurable limits
- callbacks added to API
while there, drop run dependency on zoo; clamav actually switched from zoo
to unzoo (which we don't have in ports) in 0.60(!) so this was doing nothing.
"ClamAV 0.97.8 addresses several reported potential security bugs.
Thanks to Felix Groebert of the Google Security Team for finding and
reporting these issues."
- fixes in PE and autoit decoding
- off by one malloc in SIS format handler
- minor changes to freshclam
- add error checking in md5 (memcpy etc.)
"addresses several reported potential security bugs." (full details not
available yet, but there are some added checks for pointer out of bounds
in WWPack decompression).
ClamAV 0.97.5 addresses possible evasion cases in some archive formats
(CVE-2012-1457, CVE-2012-1458, CVE-2012-1459). It also addresses stability
issues in portions of the bytecode engine. This release is recommended for all
users.
