cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
154,387 Commits 1 Branch 0 Tags
Commit Graph

146 Commits

Author SHA1 Message Date
sthen
e4d525dea1 update to clamav-0.103.1 2021-02-09 21:39:08 +00:00
sthen
c1856fb9b3 update to clamav-0.103.0. This version now supports reloading signatures 
without blocking scans, at the cost of higher memory use. This is enabled
by default; set ConcurrentDatabaseReload to No if this is a problem.
 2020-09-15 09:08:36 +00:00
sthen
955ba39131 update to clamav-0.102.4 2020-07-20 11:42:54 +00:00
sthen
6cc9779250 switch my maintainer email addresses to my own domain 2020-07-11 22:54:35 +00:00
sthen
ebb41ca4a5 clamav: remove stray \ which was masking FAKE_FLAGS 2020-05-23 21:26:08 +00:00
sthen
487d440729 clamav: set OBJC="${CC}" to use clang on clang arches, rather than 
trying to auto detect, which picks up gcc on those base-clang arches
which still install gcc (which I think is now causing more problems
than it solves).

Fixes a build problem reported by solene@ on i386 with old /usr/bin/gcc
present after the installer auto-removed old gcc-libs.
 2020-05-21 21:05:21 +00:00
sthen
6793a5e360 update to clamav-0.102.3 
- [CVE-2020-3327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327):
  Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that
  could cause a Denial-of-Service (DoS) condition. Improper bounds checking of
  an unsigned variable results in an out-of-bounds read which causes a crash.

  Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ
  parsing vulnerability.

- [CVE-2020-3341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341):
  Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that
  could cause a Denial-of-Service (DoS) condition. Improper size checking of
  a buffer used to initialize AES decryption routines results in an out-of-
  bounds read which may cause a crash. Bug found by OSS-Fuzz.

- Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents.

- Fix a couple of minor memory leaks.

- Updated libclamunrar to UnRAR 5.9.2.
 2020-05-16 12:25:10 +00:00
sthen
e82f672510 update to clamav-0.102.2, amongst others including a fix for a 
possible DoS (out-of-bounds read -> crash) when using the credit card
data-loss-prevention feature.
 2020-02-06 11:52:09 +00:00
sthen
598ff65966 update to clamav-0.102.1, lower daemon_timeout 2019-11-20 19:00:24 +00:00
sthen
54e4f361e4 update to clamav-0.102.0 
(slightly delayed while i tracked down the upstream commit fixing clamav-milter)
 2019-11-19 15:35:37 +00:00
ajacoutot
02f2057fb4 Increase daemon_timeout to 120s; loading signatures on startup takes an 
insane amount of time...

ok sthen@ (maintainer)
 2019-10-20 10:57:14 +00:00
sthen
6f4b8a84c5 update to clamav 0.101.4, 
- out of bounds write in NSIS bzip2 library
- improvements to the zip bomb mitigations added in 0.101.3, there is now
a maximum scan time limit, defaulting to 2 minutes
 2019-08-22 16:22:07 +00:00
sthen
a21218f286 update to clamav-0.101.3 
fix DoS when scanning a non-recursive zip bomb
 2019-08-05 20:09:58 +00:00
sthen
9c6e9626b9 s/PERMIT_PACKAGE_CDROM/PERMIT_PACKAGE/ and some light whitespace tidying 
in ports which I maintain
 2019-06-03 16:06:50 +00:00
sthen
5037fd9f7b use ports libmspack; should avoid intermittent problems seen building 
clamav's bundled version
 2019-05-29 14:17:05 +00:00
solene
8526c1d18d Update to clamav-0.101.2 
fix the following CVEs:
- CVE-2019-1785
- CVE-2019-1786
- CVE-2019-1787
- CVE-2019-1789
- CVE-2019-1788
- CVE-2019-1798

ok sthen@
 2019-03-28 14:30:01 +00:00
sthen
6ce588ddcf update to clamav-0.101.1 2019-01-07 22:49:14 +00:00
sthen
b4a89ef73b fix previous a different way that avoids the extra headers 2018-12-04 13:40:06 +00:00
sthen
bfed3247f0 some additional headers are needed to use libclamav but aren't installed by 
default; install them, and use a subdir because one of them has a common name
 2018-12-04 13:23:11 +00:00
sthen
4f38af6a00 update to ClamAV 0.101.0 2018-12-04 12:33:40 +00:00
sthen
be78d0efa1 security update to clamav-0.100.2 2018-10-03 22:05:57 +00:00
jasper
113e6a1c54 security update to clamav-0.100.1 
https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html

ok sthen@ (MAINTAINER)
 2018-07-26 19:52:55 +00:00
sthen
b69881dacb update to clamav-0.100.0 2018-04-11 21:35:58 +00:00
juanfra
a09d860b34 Missing TEST_DEPENDS. OK sthen@(MAINTAINER). 2018-03-08 19:52:03 +00:00
sthen
feebae3a0f update to clamav-0.99.4 
- fixes for the following CVE's: CVE-2012-6706, CVE-2017-6419,
CVE-2017-11423, CVE-2018-0202, and CVE-2018-1000085.

- also included are 2 fixes for file descriptor leaks as well fixes for
a handful of other important bugs,
 2018-03-02 15:53:16 +00:00
sthen
fc75f5bc20 update to clamav-0.99.3 2018-02-16 21:32:45 +00:00
rpe
9a8b5ccd06 Change the shebang line from /bin/sh to /bin/ksh in all ports rc.d 
daemon scripts and bump subpackages that contain the *.rc scripts.

discussed with and OK aja@
OK tb
 2018-01-11 19:27:01 +00:00
sthen
0ee78c58ec set daemon_timeout for clamd; startup can be rather slow if you have large 
rulesets (for example the sanesecurity anti-spam/malware rules often used
on mail servers)
 2017-05-28 20:12:51 +00:00
espie
25edae6454 clean non portable construct from include. stops clang warnings 2017-05-25 13:28:27 +00:00
sthen
c15b136e13 sync WANTLIB (and in one case, add gettext to LIB_DEPENDS) in dependent ports 
now that internationalised domain name support has been removed from net/curl
 2016-11-04 11:35:18 +00:00
sthen
15683ebe8b move clamav to using pcre2 2016-11-03 21:10:57 +00:00
ajacoutot
2364f58320 Prevent picking up pcre2 (for now). 
ok sthen@ (maintainer)
 2016-11-01 12:01:10 +00:00
sthen
e6cd1eae4f disable JIT which requires a W|X mapping 2016-05-22 21:03:33 +00:00
sthen
42ba100272 update to clamav-0.99.2 
still using the bundled llvm, the one in devel/llvm is too new
 2016-05-04 07:12:55 +00:00
sthen
fd870f2264 Clean up some bits missed in yesterday's systrace removal. 2016-04-26 10:56:59 +00:00
naddy
c253f424ca garbage collect CONFIGURE_SHARED 2016-03-11 19:59:11 +00:00
sthen
3084ac5727 update to clamav-0.99.1 2016-03-03 02:09:09 +00:00
tobiasu
1531435f78 add sparc to the --disable-llvm group 2016-02-20 15:23:43 +00:00
sthen
4a61bb7b1e uncomment the "User _clamav" line in sample config. 
clamd won't run without editing this file anyway, but in case somebody
doesn't notice this line while reviewing the file, use a better default.
 2016-02-09 02:31:23 +00:00
jasper
9e2f89b552 - use ${MACHINE_ARCH} instead of ${ARCH} for consistency across the tree 
- unbreak build on mips64 by adding it to the list of arches where llvm is disabled

ok sthen@ (MAINTAINER)
 2016-01-25 20:20:53 +00:00
sthen
44ed2020ab update to clamav-0.99 2015-12-01 23:25:09 +00:00
sthen
3b17209faa Remove clamav run deps on lha, arc and unzip. I don't see anywhere where they 
can possibly be used (there is an internal lib for unzip) and in the event
I missed a call to use them, users can make their own decision if they
want to have unmaintained decompression tools on their system.
 2015-11-20 16:50:06 +00:00
sthen
981d86d970 sync WANTLIB (curl+nghttp2) 2015-10-30 12:59:16 +00:00
sthen
836f85356a Disable LLVM in clamd on sparc64, the bundled one requires additional 
patching to work there, and ports/devel/llvm is unsuitable (halfway between
versions and files moved). Reported/tested by Markus Lude, thank you -
some other arch may also need this.
 2015-05-05 15:03:21 +00:00
sthen
f373199b36 Update to ClamAV 0.98.7, including several crash/infinite loop fixes (CVEs) 
and various improvements.

http://lists.clamav.net/pipermail/clamav-announce/2015/000011.html
 2015-04-29 21:27:39 +00:00
sthen
e9ea937b3e SECURITY update to clamav 0.98.6, tested by myself and ajacoutot on various 
arches, ok ajacoutot

http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html
 2015-01-28 15:13:51 +00:00
sthen
9661f0eb5d ensure -current version > -stable version 2014-11-19 11:40:53 +00:00
sthen
167593e9ae SECURITY update to clamav 0.98.5 (crash fixes for various maliciously crafted 
files, improved detection of malicious PE files, new file formats)
 2014-11-19 00:18:01 +00:00
ajacoutot
4098a830f9 Cope with recent sendmail subpackaging. 
Fix ports that were not able to find the milter includes (since it's not
under /usr/includes anymore).
 2014-09-17 09:13:12 +00:00
jca
7bb00aaf69 Cope with sendmail (and libmilter) moving to ports. 
Input from sthen@, ok ajacoutot@ sthen@
 2014-09-17 07:52:42 +00:00