Package: release.debian.org User: release.debian....@packages.debian.org Usertags: pu Tags: stretch Severity: normal
ClamAV upstream released 0.102.3 fixing two CVEs. From their news: |ClamAV 0.102.3 is a bug patch release to address the following issues. | |- [CVE-2020-3327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327): | Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that | could cause a Denial-of-Service (DoS) condition. Improper bounds checking of | an unsigned variable results in an out-of-bounds read which causes a crash. | | Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ | parsing vulnerability. | |- [CVE-2020-3341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341): | Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that | could cause a Denial-of-Service (DoS) condition. Improper size checking of | a buffer used to initialize AES decryption routines results in an out-of- | bounds read which may cause a crash. Bug found by OSS-Fuzz. | |- Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents. | |- Fix a couple of minor memory leaks. The 0.102.3 version is in unstable since 16th and migrated to testing. Sebastian
diff -Nru clamav-0.102.2+dfsg/configure clamav-0.102.3+dfsg/configure --- clamav-0.102.2+dfsg/configure 2020-02-04 15:59:26.000000000 +0100 +++ clamav-0.102.3+dfsg/configure 2020-05-12 03:54:49.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for ClamAV 0.102.2. +# Generated by GNU Autoconf 2.69 for ClamAV 0.102.3. # # Report bugs to <https://bugzilla.clamav.net/>. # @@ -592,8 +592,8 @@ # Identity of this package. PACKAGE_NAME='ClamAV' PACKAGE_TARNAME='clamav' -PACKAGE_VERSION='0.102.2' -PACKAGE_STRING='ClamAV 0.102.2' +PACKAGE_VERSION='0.102.3' +PACKAGE_STRING='ClamAV 0.102.3' PACKAGE_BUGREPORT='https://bugzilla.clamav.net/' PACKAGE_URL='https://www.clamav.net/' @@ -1601,7 +1601,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures ClamAV 0.102.2 to adapt to many kinds of systems. +\`configure' configures ClamAV 0.102.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1682,7 +1682,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of ClamAV 0.102.2:";; + short | recursive ) echo "Configuration of ClamAV 0.102.3:";; esac cat <<\_ACEOF --enable-dependency-tracking @@ -1911,7 +1911,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -ClamAV configure 0.102.2 +ClamAV configure 0.102.3 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2539,7 +2539,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by ClamAV $as_me 0.102.2, which was +It was created by ClamAV $as_me 0.102.3, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -4297,7 +4297,7 @@ # Define the identity of the package. PACKAGE='clamav' - VERSION='0.102.2' + VERSION='0.102.3' # Some tools Automake needs. @@ -6025,7 +6025,7 @@ $as_echo "#define PACKAGE PACKAGE_NAME" >>confdefs.h -VERSION="0.102.2" +VERSION="0.102.3" major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/^0-9//g"` minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/^0-9//g"` @@ -31630,7 +31630,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ClamAV $as_me 0.102.2, which was +This file was extended by ClamAV $as_me 0.102.3, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -31697,7 +31697,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ClamAV config.status 0.102.2 +ClamAV config.status 0.102.3 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" @@ -34548,7 +34548,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ClamAV $as_me 0.102.2, which was +This file was extended by ClamAV $as_me 0.102.3, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -34615,7 +34615,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ClamAV config.status 0.102.2 +ClamAV config.status 0.102.3 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -Nru clamav-0.102.2+dfsg/configure.ac clamav-0.102.3+dfsg/configure.ac --- clamav-0.102.2+dfsg/configure.ac 2020-02-09 14:13:06.000000000 +0100 +++ clamav-0.102.3+dfsg/configure.ac 2020-05-16 11:23:53.000000000 +0200 @@ -22,7 +22,7 @@ dnl For a release change [devel] to the real version [0.xy] dnl also change VERSION below -AC_INIT([ClamAV], [0.102.2], [https://bugzilla.clamav.net/], [clamav], [https://www.clamav.net/]) +AC_INIT([ClamAV], [0.102.3], [https://bugzilla.clamav.net/], [clamav], [https://www.clamav.net/]) dnl put configure auxiliary into config AC_CONFIG_AUX_DIR([config]) diff -Nru clamav-0.102.2+dfsg/debian/changelog clamav-0.102.3+dfsg/debian/changelog --- clamav-0.102.2+dfsg/debian/changelog 2020-02-22 14:43:26.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/changelog 2020-05-22 22:36:49.000000000 +0200 @@ -1,3 +1,12 @@ +clamav (0.102.3+dfsg-0~deb9u1) stretch; urgency=medium + + * Import 0.102.3 + - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module) + - CVE-2020-3341 (A vulnerability in the PDF parsing module) + * Update symbol file. + + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Fri, 22 May 2020 22:36:49 +0200 + clamav (0.102.2+dfsg-0~deb9u1) stretch; urgency=medium * Import 0.102.2 diff -Nru clamav-0.102.2+dfsg/debian/clamav-daemon.manpages clamav-0.102.3+dfsg/debian/clamav-daemon.manpages --- clamav-0.102.2+dfsg/debian/clamav-daemon.manpages 2020-02-22 14:35:38.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/clamav-daemon.manpages 2020-05-22 22:36:34.000000000 +0200 @@ -1,4 +1,4 @@ -docs/man/clamd.8 -docs/man/clamconf.1 -docs/man/clamdtop.1 -docs/man/clamd.conf.5 +debian/tmp/usr/share/man/man1/clamconf.1 +debian/tmp/usr/share/man/man1/clamdtop.1 +debian/tmp/usr/share/man/man5/clamd.conf.5 +debian/tmp/usr/share/man/man8/clamd.8 diff -Nru clamav-0.102.2+dfsg/debian/clamav-freshclam.manpages clamav-0.102.3+dfsg/debian/clamav-freshclam.manpages --- clamav-0.102.2+dfsg/debian/clamav-freshclam.manpages 2020-02-22 14:35:38.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/clamav-freshclam.manpages 2020-05-22 22:36:34.000000000 +0200 @@ -1,2 +1,2 @@ -docs/man/freshclam.1 -docs/man/freshclam.conf.5 +debian/tmp/usr/share/man/man1/freshclam.1 +debian/tmp/usr/share/man/man5/freshclam.conf.5 diff -Nru clamav-0.102.2+dfsg/debian/clamav.manpages clamav-0.102.3+dfsg/debian/clamav.manpages --- clamav-0.102.2+dfsg/debian/clamav.manpages 2020-02-22 14:35:38.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/clamav.manpages 2020-05-22 22:36:34.000000000 +0200 @@ -1,4 +1,4 @@ -docs/man/sigtool.1 -docs/man/clamscan.1 -docs/man/clambc.1 -docs/man/clamsubmit.1 +debian/tmp/usr/share/man/man1/clambc.1 +debian/tmp/usr/share/man/man1/clamscan.1 +debian/tmp/usr/share/man/man1/clamsubmit.1 +debian/tmp/usr/share/man/man1/sigtool.1 diff -Nru clamav-0.102.2+dfsg/debian/clamav-milter.manpages clamav-0.102.3+dfsg/debian/clamav-milter.manpages --- clamav-0.102.2+dfsg/debian/clamav-milter.manpages 2020-02-22 14:35:38.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/clamav-milter.manpages 2020-05-22 22:36:34.000000000 +0200 @@ -1,2 +1,2 @@ -docs/man/clamav-milter.8 -docs/man/clamav-milter.conf.5 +debian/tmp/usr/share/man/man5/clamav-milter.conf.5 +debian/tmp/usr/share/man/man8/clamav-milter.8 diff -Nru clamav-0.102.2+dfsg/debian/clamdscan.manpages clamav-0.102.3+dfsg/debian/clamdscan.manpages --- clamav-0.102.2+dfsg/debian/clamdscan.manpages 2020-02-22 14:35:38.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/clamdscan.manpages 2020-05-22 22:36:34.000000000 +0200 @@ -1 +1 @@ -docs/man/clamdscan.1 +debian/tmp/usr/share/man/man1/clamdscan.1 diff -Nru clamav-0.102.2+dfsg/debian/copyright clamav-0.102.3+dfsg/debian/copyright --- clamav-0.102.2+dfsg/debian/copyright 2020-02-22 14:35:38.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/copyright 2020-05-22 22:36:41.000000000 +0200 @@ -264,8 +264,8 @@ version 2 can be found in the file `/usr/share/common-licenses/LGPL-2'. Files: - libclamav/mspack.c - libclamav/mspack.h + libclamav/libmspack.c + libclamav/libmspack.h libclamunrar_iface/unrar_iface.cpp libclamunrar_iface/unrar_iface.h Copyright: diff -Nru clamav-0.102.2+dfsg/debian/.git-dpm clamav-0.102.3+dfsg/debian/.git-dpm --- clamav-0.102.2+dfsg/debian/.git-dpm 2020-02-22 14:41:35.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/.git-dpm 2020-05-22 22:36:49.000000000 +0200 @@ -1,8 +1,8 @@ # see git-dpm(1) from git-dpm package -94c324bf8286ef17c80d5ec90618721e4b54db7f -94c324bf8286ef17c80d5ec90618721e4b54db7f -86e9d6e715fac2ae18151bde22363273c22aff37 -86e9d6e715fac2ae18151bde22363273c22aff37 -clamav_0.102.2+dfsg.orig.tar.xz -ff24c66c9de5c4973a274b4ba77ea28053f75436 -5017532 +b10cdbb9ecc5701d434d20fb8f96a5ba18c10c15 +b10cdbb9ecc5701d434d20fb8f96a5ba18c10c15 +07c9b9ef63bc584a39143a6cd002d199d1d46397 +07c9b9ef63bc584a39143a6cd002d199d1d46397 +clamav_0.102.3+dfsg.orig.tar.xz +694c77d0aed527d3d135a3ccd7e30729fff55404 +5018320 diff -Nru clamav-0.102.2+dfsg/debian/libclamav9.symbols clamav-0.102.3+dfsg/debian/libclamav9.symbols --- clamav-0.102.2+dfsg/debian/libclamav9.symbols 2020-02-22 14:41:35.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/libclamav9.symbols 2020-05-22 22:36:49.000000000 +0200 @@ -1,19 +1,19 @@ libclamav.so.9 libclamav9 #MINVER# - CLAMAV_PRIVATE@CLAMAV_PRIVATE 0.102.2 + CLAMAV_PRIVATE@CLAMAV_PRIVATE 0.102.3 CLAMAV_PUBLIC@CLAMAV_PUBLIC 0.101.0 - __cli_strcasestr@CLAMAV_PRIVATE 0.102.2 - __cli_strndup@CLAMAV_PRIVATE 0.102.2 - __cli_strnlen@CLAMAV_PRIVATE 0.102.2 - __cli_strnstr@CLAMAV_PRIVATE 0.102.2 - base64Flush@CLAMAV_PRIVATE 0.102.2 - blobAddData@CLAMAV_PRIVATE 0.102.2 - blobCreate@CLAMAV_PRIVATE 0.102.2 - blobDestroy@CLAMAV_PRIVATE 0.102.2 - cl_ASN1_GetTimeT@CLAMAV_PRIVATE 0.102.2 + __cli_strcasestr@CLAMAV_PRIVATE 0.102.3 + __cli_strndup@CLAMAV_PRIVATE 0.102.3 + __cli_strnlen@CLAMAV_PRIVATE 0.102.3 + __cli_strnstr@CLAMAV_PRIVATE 0.102.3 + base64Flush@CLAMAV_PRIVATE 0.102.3 + blobAddData@CLAMAV_PRIVATE 0.102.3 + blobCreate@CLAMAV_PRIVATE 0.102.3 + blobDestroy@CLAMAV_PRIVATE 0.102.3 + cl_ASN1_GetTimeT@CLAMAV_PRIVATE 0.102.3 cl_always_gen_section_hash@CLAMAV_PUBLIC 0.101.0 - cl_base64_decode@CLAMAV_PRIVATE 0.102.2 - cl_base64_encode@CLAMAV_PRIVATE 0.102.2 - cl_cleanup_crypto@CLAMAV_PRIVATE 0.102.2 + cl_base64_decode@CLAMAV_PRIVATE 0.102.3 + cl_base64_encode@CLAMAV_PRIVATE 0.102.3 + cl_cleanup_crypto@CLAMAV_PRIVATE 0.102.3 cl_countsigs@CLAMAV_PUBLIC 0.101.0 cl_cvdfree@CLAMAV_PUBLIC 0.101.0 cl_cvdhead@CLAMAV_PUBLIC 0.101.0 @@ -53,21 +53,21 @@ cl_fmap_close@CLAMAV_PUBLIC 0.101.0 cl_fmap_open_handle@CLAMAV_PUBLIC 0.101.0 cl_fmap_open_memory@CLAMAV_PUBLIC 0.101.0 - cl_get_pkey_file@CLAMAV_PRIVATE 0.102.2 - cl_get_x509_from_mem@CLAMAV_PRIVATE 0.102.2 - cl_hash_data@CLAMAV_PRIVATE 0.102.2 + cl_get_pkey_file@CLAMAV_PRIVATE 0.102.3 + cl_get_x509_from_mem@CLAMAV_PRIVATE 0.102.3 + cl_hash_data@CLAMAV_PRIVATE 0.102.3 cl_hash_destroy@CLAMAV_PUBLIC 0.101.0 - cl_hash_file_fd@CLAMAV_PRIVATE 0.102.2 - cl_hash_file_fd_ctx@CLAMAV_PRIVATE 0.102.2 - cl_hash_file_fp@CLAMAV_PRIVATE 0.102.2 + cl_hash_file_fd@CLAMAV_PRIVATE 0.102.3 + cl_hash_file_fd_ctx@CLAMAV_PRIVATE 0.102.3 + cl_hash_file_fp@CLAMAV_PRIVATE 0.102.3 cl_hash_init@CLAMAV_PUBLIC 0.101.0 cl_init@CLAMAV_PUBLIC 0.101.0 - cl_initialize_crypto@CLAMAV_PRIVATE 0.102.2 + cl_initialize_crypto@CLAMAV_PRIVATE 0.102.3 cl_load@CLAMAV_PUBLIC 0.101.0 - cl_load_cert@CLAMAV_PRIVATE 0.102.2 - cl_load_crl@CLAMAV_PRIVATE 0.102.2 + cl_load_cert@CLAMAV_PRIVATE 0.102.3 + cl_load_crl@CLAMAV_PRIVATE 0.102.3 cl_retdbdir@CLAMAV_PUBLIC 0.101.0 - cl_retflevel@CLAMAV_PUBLIC 0.102.2 + cl_retflevel@CLAMAV_PUBLIC 0.102.3 cl_retver@CLAMAV_PUBLIC 0.101.0 cl_scandesc@CLAMAV_PUBLIC 0.101.0 cl_scandesc_callback@CLAMAV_PUBLIC 0.101.0 @@ -75,188 +75,188 @@ cl_scanfile_callback@CLAMAV_PUBLIC 0.101.0 cl_scanmap_callback@CLAMAV_PUBLIC 0.101.0 cl_set_clcb_msg@CLAMAV_PUBLIC 0.101.0 - cl_sha1@CLAMAV_PRIVATE 0.102.2 - cl_sha256@CLAMAV_PRIVATE 0.102.2 - cl_sign_data@CLAMAV_PRIVATE 0.102.2 - cl_sign_data_keyfile@CLAMAV_PRIVATE 0.102.2 - cl_sign_file_fd@CLAMAV_PRIVATE 0.102.2 - cl_sign_file_fp@CLAMAV_PRIVATE 0.102.2 + cl_sha1@CLAMAV_PRIVATE 0.102.3 + cl_sha256@CLAMAV_PRIVATE 0.102.3 + cl_sign_data@CLAMAV_PRIVATE 0.102.3 + cl_sign_data_keyfile@CLAMAV_PRIVATE 0.102.3 + cl_sign_file_fd@CLAMAV_PRIVATE 0.102.3 + cl_sign_file_fp@CLAMAV_PRIVATE 0.102.3 cl_statchkdir@CLAMAV_PUBLIC 0.101.0 cl_statfree@CLAMAV_PUBLIC 0.101.0 cl_statinidir@CLAMAV_PUBLIC 0.101.0 cl_strerror@CLAMAV_PUBLIC 0.101.0 cl_update_hash@CLAMAV_PUBLIC 0.101.0 - cl_validate_certificate_chain@CLAMAV_PRIVATE 0.102.2 - cl_validate_certificate_chain_ts_dir@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_fd@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_fd_x509@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_fd_x509_keyfile@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_hash@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_hash_x509@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_hash_x509_keyfile@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_x509@CLAMAV_PRIVATE 0.102.2 - cl_verify_signature_x509_keyfile@CLAMAV_PRIVATE 0.102.2 - cli_ac_buildtrie@CLAMAV_PRIVATE 0.102.2 - cli_ac_chklsig@CLAMAV_PRIVATE 0.102.2 - cli_ac_free@CLAMAV_PRIVATE 0.102.2 - cli_ac_freedata@CLAMAV_PRIVATE 0.102.2 - cli_ac_init@CLAMAV_PRIVATE 0.102.2 - cli_ac_initdata@CLAMAV_PRIVATE 0.102.2 - cli_ac_scanbuff@CLAMAV_PRIVATE 0.102.2 - cli_bm_free@CLAMAV_PRIVATE 0.102.2 - cli_bm_init@CLAMAV_PRIVATE 0.102.2 - cli_bm_scanbuff@CLAMAV_PRIVATE 0.102.2 - cli_build_regex_list@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_alloc@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_clear@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_destroy@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_getresult_int@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_set_trace@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_setfile@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_setfuncid@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_setparam_int@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_context_setparam_ptr@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_debug@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_debug_printsrc@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_describe@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_destroy@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_done@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_init@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_load@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_prepare2@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_printversion@CLAMAV_PRIVATE 0.102.2 - cli_bytecode_run@CLAMAV_PRIVATE 0.102.2 - cli_bytefunc_describe@CLAMAV_PRIVATE 0.102.2 - cli_byteinst_describe@CLAMAV_PRIVATE 0.102.2 - cli_bytetype_describe@CLAMAV_PRIVATE 0.102.2 - cli_bytevalue_describe@CLAMAV_PRIVATE 0.102.2 - cli_calloc@CLAMAV_PRIVATE 0.102.2 - cli_check_auth_header@CLAMAV_PRIVATE 0.102.2 - cli_chomp@CLAMAV_PRIVATE 0.102.2 - cli_ctime@CLAMAV_PRIVATE 0.102.2 - cli_cvdunpack@CLAMAV_PRIVATE 0.102.2 - cli_dbgmsg_internal@CLAMAV_PRIVATE 0.102.2 - cli_dconf_init@CLAMAV_PRIVATE 0.102.2 - cli_debug_flag@CLAMAV_PRIVATE 0.102.2 - cli_detect_environment@CLAMAV_PRIVATE 0.102.2 - cli_disasm_one@CLAMAV_PRIVATE 0.102.2 - cli_errmsg@CLAMAV_PRIVATE 0.102.2 - cli_filecopy@CLAMAV_PRIVATE 0.102.2 - cli_fmap_scandesc@CLAMAV_PRIVATE 0.102.2 - cli_free_vba_project@CLAMAV_PRIVATE 0.102.2 - cli_ftw@CLAMAV_PRIVATE 0.102.2 - cli_genhash_pe@CLAMAV_PRIVATE 0.102.2 - cli_gentemp@CLAMAV_PRIVATE 0.102.2 - cli_gentemp_with_prefix@CLAMAV_PRIVATE 0.102.2 - cli_gentempfd@CLAMAV_PRIVATE 0.102.2 - cli_gettmpdir@CLAMAV_PRIVATE 0.102.2 - cli_hashfile@CLAMAV_PRIVATE 0.102.2 - cli_hashset_destroy@CLAMAV_PRIVATE 0.102.2 - cli_hashstream@CLAMAV_PRIVATE 0.102.2 - cli_hex2str@CLAMAV_PRIVATE 0.102.2 - cli_hex2ui@CLAMAV_PRIVATE 0.102.2 - cli_initroots@CLAMAV_PRIVATE 0.102.2 - cli_isnumber@CLAMAV_PRIVATE 0.102.2 - cli_js_destroy@CLAMAV_PRIVATE 0.102.2 - cli_js_init@CLAMAV_PRIVATE 0.102.2 - cli_js_output@CLAMAV_PRIVATE 0.102.2 - cli_js_parse_done@CLAMAV_PRIVATE 0.102.2 - cli_js_process_buffer@CLAMAV_PRIVATE 0.102.2 - cli_ldbtokenize@CLAMAV_PRIVATE 0.102.2 - cli_malloc@CLAMAV_PRIVATE 0.102.2 - cli_memstr@CLAMAV_PRIVATE 0.102.2 - cli_ole2_extract@CLAMAV_PRIVATE 0.102.2 - cli_parse_add@CLAMAV_PRIVATE 0.102.2 - cli_pcre_build@CLAMAV_PRIVATE 0.102.2 - cli_pcre_freeoff@CLAMAV_PRIVATE 0.102.2 - cli_pcre_init@CLAMAV_PRIVATE 0.102.2 - cli_pcre_perf_events_destroy@CLAMAV_PRIVATE 0.102.2 - cli_pcre_perf_print@CLAMAV_PRIVATE 0.102.2 - cli_pcre_recaloff@CLAMAV_PRIVATE 0.102.2 - cli_pcre_scanbuf@CLAMAV_PRIVATE 0.102.2 - cli_ppt_vba_read@CLAMAV_PRIVATE 0.102.2 - cli_printcxxver@CLAMAV_PRIVATE 0.102.2 - cli_readn@CLAMAV_PRIVATE 0.102.2 - cli_realloc@CLAMAV_PRIVATE 0.102.2 - cli_regcomp@CLAMAV_PRIVATE 0.102.2 - cli_regex2suffix@CLAMAV_PRIVATE 0.102.2 - cli_regexec@CLAMAV_PRIVATE 0.102.2 - cli_regfree@CLAMAV_PRIVATE 0.102.2 - cli_rmdirs@CLAMAV_PRIVATE 0.102.2 - cli_rndnum@CLAMAV_PRIVATE 0.102.2 - cli_sanitize_filepath@CLAMAV_PRIVATE 0.102.2 - cli_scanbuff@CLAMAV_PRIVATE 0.102.2 - cli_sigopts_handler@CLAMAV_PRIVATE 0.102.2 - cli_sigperf_events_destroy@CLAMAV_PRIVATE 0.102.2 - cli_sigperf_print@CLAMAV_PRIVATE 0.102.2 - cli_str2hex@CLAMAV_PRIVATE 0.102.2 - cli_strbcasestr@CLAMAV_PRIVATE 0.102.2 - cli_strdup@CLAMAV_PRIVATE 0.102.2 - cli_strerror@CLAMAV_PRIVATE 0.102.2 - cli_strlcat@CLAMAV_PRIVATE 0.102.2 - cli_strlcpy@CLAMAV_PRIVATE 0.102.2 - cli_strrcpy@CLAMAV_PRIVATE 0.102.2 - cli_strtok@CLAMAV_PRIVATE 0.102.2 - cli_strtokbuf@CLAMAV_PRIVATE 0.102.2 - cli_strtokenize@CLAMAV_PRIVATE 0.102.2 - cli_textbuffer_append_normalize@CLAMAV_PRIVATE 0.102.2 - cli_unescape@CLAMAV_PRIVATE 0.102.2 - cli_unlink@CLAMAV_PRIVATE 0.102.2 - cli_url_canon@CLAMAV_PRIVATE 0.102.2 - cli_utf16_to_utf8@CLAMAV_PRIVATE 0.102.2 - cli_utf16toascii@CLAMAV_PRIVATE 0.102.2 - cli_vba_inflate@CLAMAV_PRIVATE 0.102.2 - cli_vba_readdir@CLAMAV_PRIVATE 0.102.2 - cli_versig2@CLAMAV_PRIVATE 0.102.2 - cli_versig@CLAMAV_PRIVATE 0.102.2 - cli_warnmsg@CLAMAV_PRIVATE 0.102.2 - cli_wm_decrypt_macro@CLAMAV_PRIVATE 0.102.2 - cli_wm_readdir@CLAMAV_PRIVATE 0.102.2 - cli_writen@CLAMAV_PRIVATE 0.102.2 - decodeLine@CLAMAV_PRIVATE 0.102.2 - disasmbuf@CLAMAV_PRIVATE 0.102.2 - fmap@CLAMAV_PRIVATE 0.102.2 - get_fpu_endian@CLAMAV_PRIVATE 0.102.2 - have_clamjit@CLAMAV_PRIVATE 0.102.2 - have_rar@CLAMAV_PRIVATE 0.102.2 - html_normalise_map@CLAMAV_PRIVATE 0.102.2 - html_normalise_mem@CLAMAV_PRIVATE 0.102.2 - html_screnc_decode@CLAMAV_PRIVATE 0.102.2 - html_tag_arg_free@CLAMAV_PRIVATE 0.102.2 - init_domainlist@CLAMAV_PRIVATE 0.102.2 - init_regex_list@CLAMAV_PRIVATE 0.102.2 - init_whitelist@CLAMAV_PRIVATE 0.102.2 - is_regex_ok@CLAMAV_PRIVATE 0.102.2 - load_regex_matcher@CLAMAV_PRIVATE 0.102.2 + cl_validate_certificate_chain@CLAMAV_PRIVATE 0.102.3 + cl_validate_certificate_chain_ts_dir@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_fd@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_fd_x509@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_fd_x509_keyfile@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_hash@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_hash_x509@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_hash_x509_keyfile@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_x509@CLAMAV_PRIVATE 0.102.3 + cl_verify_signature_x509_keyfile@CLAMAV_PRIVATE 0.102.3 + cli_ac_buildtrie@CLAMAV_PRIVATE 0.102.3 + cli_ac_chklsig@CLAMAV_PRIVATE 0.102.3 + cli_ac_free@CLAMAV_PRIVATE 0.102.3 + cli_ac_freedata@CLAMAV_PRIVATE 0.102.3 + cli_ac_init@CLAMAV_PRIVATE 0.102.3 + cli_ac_initdata@CLAMAV_PRIVATE 0.102.3 + cli_ac_scanbuff@CLAMAV_PRIVATE 0.102.3 + cli_bm_free@CLAMAV_PRIVATE 0.102.3 + cli_bm_init@CLAMAV_PRIVATE 0.102.3 + cli_bm_scanbuff@CLAMAV_PRIVATE 0.102.3 + cli_build_regex_list@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_alloc@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_clear@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_destroy@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_getresult_int@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_set_trace@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_setfile@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_setfuncid@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_setparam_int@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_context_setparam_ptr@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_debug@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_debug_printsrc@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_describe@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_destroy@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_done@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_init@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_load@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_prepare2@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_printversion@CLAMAV_PRIVATE 0.102.3 + cli_bytecode_run@CLAMAV_PRIVATE 0.102.3 + cli_bytefunc_describe@CLAMAV_PRIVATE 0.102.3 + cli_byteinst_describe@CLAMAV_PRIVATE 0.102.3 + cli_bytetype_describe@CLAMAV_PRIVATE 0.102.3 + cli_bytevalue_describe@CLAMAV_PRIVATE 0.102.3 + cli_calloc@CLAMAV_PRIVATE 0.102.3 + cli_check_auth_header@CLAMAV_PRIVATE 0.102.3 + cli_chomp@CLAMAV_PRIVATE 0.102.3 + cli_ctime@CLAMAV_PRIVATE 0.102.3 + cli_cvdunpack@CLAMAV_PRIVATE 0.102.3 + cli_dbgmsg_internal@CLAMAV_PRIVATE 0.102.3 + cli_dconf_init@CLAMAV_PRIVATE 0.102.3 + cli_debug_flag@CLAMAV_PRIVATE 0.102.3 + cli_detect_environment@CLAMAV_PRIVATE 0.102.3 + cli_disasm_one@CLAMAV_PRIVATE 0.102.3 + cli_errmsg@CLAMAV_PRIVATE 0.102.3 + cli_filecopy@CLAMAV_PRIVATE 0.102.3 + cli_fmap_scandesc@CLAMAV_PRIVATE 0.102.3 + cli_free_vba_project@CLAMAV_PRIVATE 0.102.3 + cli_ftw@CLAMAV_PRIVATE 0.102.3 + cli_genhash_pe@CLAMAV_PRIVATE 0.102.3 + cli_gentemp@CLAMAV_PRIVATE 0.102.3 + cli_gentemp_with_prefix@CLAMAV_PRIVATE 0.102.3 + cli_gentempfd@CLAMAV_PRIVATE 0.102.3 + cli_gettmpdir@CLAMAV_PRIVATE 0.102.3 + cli_hashfile@CLAMAV_PRIVATE 0.102.3 + cli_hashset_destroy@CLAMAV_PRIVATE 0.102.3 + cli_hashstream@CLAMAV_PRIVATE 0.102.3 + cli_hex2str@CLAMAV_PRIVATE 0.102.3 + cli_hex2ui@CLAMAV_PRIVATE 0.102.3 + cli_initroots@CLAMAV_PRIVATE 0.102.3 + cli_isnumber@CLAMAV_PRIVATE 0.102.3 + cli_js_destroy@CLAMAV_PRIVATE 0.102.3 + cli_js_init@CLAMAV_PRIVATE 0.102.3 + cli_js_output@CLAMAV_PRIVATE 0.102.3 + cli_js_parse_done@CLAMAV_PRIVATE 0.102.3 + cli_js_process_buffer@CLAMAV_PRIVATE 0.102.3 + cli_ldbtokenize@CLAMAV_PRIVATE 0.102.3 + cli_malloc@CLAMAV_PRIVATE 0.102.3 + cli_memstr@CLAMAV_PRIVATE 0.102.3 + cli_ole2_extract@CLAMAV_PRIVATE 0.102.3 + cli_parse_add@CLAMAV_PRIVATE 0.102.3 + cli_pcre_build@CLAMAV_PRIVATE 0.102.3 + cli_pcre_freeoff@CLAMAV_PRIVATE 0.102.3 + cli_pcre_init@CLAMAV_PRIVATE 0.102.3 + cli_pcre_perf_events_destroy@CLAMAV_PRIVATE 0.102.3 + cli_pcre_perf_print@CLAMAV_PRIVATE 0.102.3 + cli_pcre_recaloff@CLAMAV_PRIVATE 0.102.3 + cli_pcre_scanbuf@CLAMAV_PRIVATE 0.102.3 + cli_ppt_vba_read@CLAMAV_PRIVATE 0.102.3 + cli_printcxxver@CLAMAV_PRIVATE 0.102.3 + cli_readn@CLAMAV_PRIVATE 0.102.3 + cli_realloc@CLAMAV_PRIVATE 0.102.3 + cli_regcomp@CLAMAV_PRIVATE 0.102.3 + cli_regex2suffix@CLAMAV_PRIVATE 0.102.3 + cli_regexec@CLAMAV_PRIVATE 0.102.3 + cli_regfree@CLAMAV_PRIVATE 0.102.3 + cli_rmdirs@CLAMAV_PRIVATE 0.102.3 + cli_rndnum@CLAMAV_PRIVATE 0.102.3 + cli_sanitize_filepath@CLAMAV_PRIVATE 0.102.3 + cli_scanbuff@CLAMAV_PRIVATE 0.102.3 + cli_sigopts_handler@CLAMAV_PRIVATE 0.102.3 + cli_sigperf_events_destroy@CLAMAV_PRIVATE 0.102.3 + cli_sigperf_print@CLAMAV_PRIVATE 0.102.3 + cli_str2hex@CLAMAV_PRIVATE 0.102.3 + cli_strbcasestr@CLAMAV_PRIVATE 0.102.3 + cli_strdup@CLAMAV_PRIVATE 0.102.3 + cli_strerror@CLAMAV_PRIVATE 0.102.3 + cli_strlcat@CLAMAV_PRIVATE 0.102.3 + cli_strlcpy@CLAMAV_PRIVATE 0.102.3 + cli_strrcpy@CLAMAV_PRIVATE 0.102.3 + cli_strtok@CLAMAV_PRIVATE 0.102.3 + cli_strtokbuf@CLAMAV_PRIVATE 0.102.3 + cli_strtokenize@CLAMAV_PRIVATE 0.102.3 + cli_textbuffer_append_normalize@CLAMAV_PRIVATE 0.102.3 + cli_unescape@CLAMAV_PRIVATE 0.102.3 + cli_unlink@CLAMAV_PRIVATE 0.102.3 + cli_url_canon@CLAMAV_PRIVATE 0.102.3 + cli_utf16_to_utf8@CLAMAV_PRIVATE 0.102.3 + cli_utf16toascii@CLAMAV_PRIVATE 0.102.3 + cli_vba_inflate@CLAMAV_PRIVATE 0.102.3 + cli_vba_readdir@CLAMAV_PRIVATE 0.102.3 + cli_versig2@CLAMAV_PRIVATE 0.102.3 + cli_versig@CLAMAV_PRIVATE 0.102.3 + cli_warnmsg@CLAMAV_PRIVATE 0.102.3 + cli_wm_decrypt_macro@CLAMAV_PRIVATE 0.102.3 + cli_wm_readdir@CLAMAV_PRIVATE 0.102.3 + cli_writen@CLAMAV_PRIVATE 0.102.3 + decodeLine@CLAMAV_PRIVATE 0.102.3 + disasmbuf@CLAMAV_PRIVATE 0.102.3 + fmap@CLAMAV_PRIVATE 0.102.3 + get_fpu_endian@CLAMAV_PRIVATE 0.102.3 + have_clamjit@CLAMAV_PRIVATE 0.102.3 + have_rar@CLAMAV_PRIVATE 0.102.3 + html_normalise_map@CLAMAV_PRIVATE 0.102.3 + html_normalise_mem@CLAMAV_PRIVATE 0.102.3 + html_screnc_decode@CLAMAV_PRIVATE 0.102.3 + html_tag_arg_free@CLAMAV_PRIVATE 0.102.3 + init_domainlist@CLAMAV_PRIVATE 0.102.3 + init_regex_list@CLAMAV_PRIVATE 0.102.3 + init_whitelist@CLAMAV_PRIVATE 0.102.3 + is_regex_ok@CLAMAV_PRIVATE 0.102.3 + load_regex_matcher@CLAMAV_PRIVATE 0.102.3 lsig_sub_matched@CLAMAV_PUBLIC 0.101.0 - messageCreate@CLAMAV_PRIVATE 0.102.2 - messageDestroy@CLAMAV_PRIVATE 0.102.2 - mpool_calloc@CLAMAV_PRIVATE 0.102.2 - mpool_create@CLAMAV_PRIVATE 0.102.2 - mpool_destroy@CLAMAV_PRIVATE 0.102.2 - mpool_free@CLAMAV_PRIVATE 0.102.2 - mpool_getstats@CLAMAV_PRIVATE 0.102.2 - phishingScan@CLAMAV_PRIVATE 0.102.2 - phishing_done@CLAMAV_PRIVATE 0.102.2 - phishing_init@CLAMAV_PRIVATE 0.102.2 - regex_list_add_pattern@CLAMAV_PRIVATE 0.102.2 - regex_list_done@CLAMAV_PRIVATE 0.102.2 - regex_list_match@CLAMAV_PRIVATE 0.102.2 - tableCreate@CLAMAV_PRIVATE 0.102.2 - tableDestroy@CLAMAV_PRIVATE 0.102.2 - tableFind@CLAMAV_PRIVATE 0.102.2 - tableInsert@CLAMAV_PRIVATE 0.102.2 - tableIterate@CLAMAV_PRIVATE 0.102.2 - tableRemove@CLAMAV_PRIVATE 0.102.2 - tableUpdate@CLAMAV_PRIVATE 0.102.2 - text_normalize_init@CLAMAV_PRIVATE 0.102.2 - text_normalize_map@CLAMAV_PRIVATE 0.102.2 - text_normalize_reset@CLAMAV_PRIVATE 0.102.2 - uniq_add@CLAMAV_PRIVATE 0.102.2 - uniq_free@CLAMAV_PRIVATE 0.102.2 - uniq_get@CLAMAV_PRIVATE 0.102.2 - uniq_init@CLAMAV_PRIVATE 0.102.2 + messageCreate@CLAMAV_PRIVATE 0.102.3 + messageDestroy@CLAMAV_PRIVATE 0.102.3 + mpool_calloc@CLAMAV_PRIVATE 0.102.3 + mpool_create@CLAMAV_PRIVATE 0.102.3 + mpool_destroy@CLAMAV_PRIVATE 0.102.3 + mpool_free@CLAMAV_PRIVATE 0.102.3 + mpool_getstats@CLAMAV_PRIVATE 0.102.3 + phishingScan@CLAMAV_PRIVATE 0.102.3 + phishing_done@CLAMAV_PRIVATE 0.102.3 + phishing_init@CLAMAV_PRIVATE 0.102.3 + regex_list_add_pattern@CLAMAV_PRIVATE 0.102.3 + regex_list_done@CLAMAV_PRIVATE 0.102.3 + regex_list_match@CLAMAV_PRIVATE 0.102.3 + tableCreate@CLAMAV_PRIVATE 0.102.3 + tableDestroy@CLAMAV_PRIVATE 0.102.3 + tableFind@CLAMAV_PRIVATE 0.102.3 + tableInsert@CLAMAV_PRIVATE 0.102.3 + tableIterate@CLAMAV_PRIVATE 0.102.3 + tableRemove@CLAMAV_PRIVATE 0.102.3 + tableUpdate@CLAMAV_PRIVATE 0.102.3 + text_normalize_init@CLAMAV_PRIVATE 0.102.3 + text_normalize_map@CLAMAV_PRIVATE 0.102.3 + text_normalize_reset@CLAMAV_PRIVATE 0.102.3 + uniq_add@CLAMAV_PRIVATE 0.102.3 + uniq_free@CLAMAV_PRIVATE 0.102.3 + uniq_get@CLAMAV_PRIVATE 0.102.3 + uniq_init@CLAMAV_PRIVATE 0.102.3 libfreshclam.so.2 libclamav9 #MINVER# FRESHCLAM_PRIVATE@FRESHCLAM_PRIVATE 0.102.1 FRESHCLAM_PUBLIC@FRESHCLAM_PUBLIC 0.102.1 diff -Nru clamav-0.102.2+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch clamav-0.102.3+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch --- clamav-0.102.2+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch 2020-02-22 14:41:35.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch 2020-05-22 22:36:49.000000000 +0200 @@ -1,4 +1,4 @@ -From 264d28b6f6f3736b3e5f95e44bd3b91333616c87 Mon Sep 17 00:00:00 2001 +From 999702432f61c2eab095885ac24937bb3e13717a Mon Sep 17 00:00:00 2001 From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> Date: Fri, 14 Oct 2016 20:24:39 +0200 Subject: Add support for LLVM 3.7 diff -Nru clamav-0.102.2+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch clamav-0.102.3+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch --- clamav-0.102.2+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch 2020-02-22 14:41:35.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch 2020-05-22 22:36:49.000000000 +0200 @@ -1,4 +1,4 @@ -From 67ddb5e255ecb60b6f7e53b1202c13d1f9c84737 Mon Sep 17 00:00:00 2001 +From 4689efc0440e8df1d3abf5e366a702cad02abb70 Mon Sep 17 00:00:00 2001 From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> Date: Fri, 14 Oct 2016 20:24:48 +0200 Subject: Add support for LLVM 3.8 diff -Nru clamav-0.102.2+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch clamav-0.102.3+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch --- clamav-0.102.2+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch 2020-02-22 14:41:35.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch 2020-05-22 22:36:49.000000000 +0200 @@ -1,4 +1,4 @@ -From 3109e0b0cf567b544880705a02c8d1ccaa948d1e Mon Sep 17 00:00:00 2001 +From 24b4a5487f48a7ac447fea70148b39954e4b53a3 Mon Sep 17 00:00:00 2001 From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> Date: Fri, 14 Oct 2016 20:24:56 +0200 Subject: Add support for LLVM 3.9 diff -Nru clamav-0.102.2+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch clamav-0.102.3+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch --- clamav-0.102.2+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch 2020-02-22 14:41:35.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch 2020-05-22 22:36:49.000000000 +0200 @@ -1,4 +1,4 @@ -From e473ff9be514ac12ce3f3cd8e5f1073bad989e39 Mon Sep 17 00:00:00 2001 +From c384df4d67255435941e482673dff3960e0f935b Mon Sep 17 00:00:00 2001 From: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> Date: Wed, 11 Mar 2015 20:03:15 +0100 Subject: add support for system tomsfastmath @@ -14,7 +14,7 @@ create mode 100644 m4/reorganization/libs/tomsfastmath.m4 diff --git a/configure.ac b/configure.ac -index 528c098..8617ea6 100644 +index 8375971..3cacfb8 100644 --- a/configure.ac +++ b/configure.ac @@ -98,6 +98,7 @@ m4_include([m4/reorganization/libs/libmspack.m4]) diff -Nru clamav-0.102.2+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch clamav-0.102.3+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch --- clamav-0.102.2+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch 2020-02-22 14:41:35.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch 2020-05-22 22:36:49.000000000 +0200 @@ -1,4 +1,4 @@ -From d449a2392437a0a1391926dcf6d617844812e301 Mon Sep 17 00:00:00 2001 +From 7cdef11ecf285aaad96931d2ce7685d05178ef7b Mon Sep 17 00:00:00 2001 From: Scott Kitterman <sc...@kitterman.com> Date: Mon, 10 Mar 2014 19:20:18 -0400 Subject: Change paths in sample conf file to match Debian diff -Nru clamav-0.102.2+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch clamav-0.102.3+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch --- clamav-0.102.2+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch 2020-02-22 14:41:35.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch 2020-05-22 22:36:49.000000000 +0200 @@ -1,4 +1,4 @@ -From 2f42b33eac7f8eb8beeaad27a9422ced4f603bed Mon Sep 17 00:00:00 2001 +From 7dd72acd6e4181e8063a7ed7e24b3c0d327412fa Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Date: Thu, 11 Aug 2016 21:54:10 +0200 Subject: clamd: don't depend on clamav-demon.socket diff -Nru clamav-0.102.2+dfsg/debian/patches/clamsubmit-libfreshclam-Use-CURL_CA_BUNDLE.patch clamav-0.102.3+dfsg/debian/patches/clamsubmit-libfreshclam-Use-CURL_CA_BUNDLE.patch --- clamav-0.102.2+dfsg/debian/patches/clamsubmit-libfreshclam-Use-CURL_CA_BUNDLE.patch 2020-02-22 14:41:35.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/patches/clamsubmit-libfreshclam-Use-CURL_CA_BUNDLE.patch 2020-05-22 22:36:49.000000000 +0200 @@ -1,4 +1,4 @@ -From 94c324bf8286ef17c80d5ec90618721e4b54db7f Mon Sep 17 00:00:00 2001 +From b10cdbb9ecc5701d434d20fb8f96a5ba18c10c15 Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Date: Sun, 16 Feb 2020 17:09:37 +0100 Subject: clamsubmit / libfreshclam: Use CURL_CA_BUNDLE diff -Nru clamav-0.102.2+dfsg/debian/patches/Deprecate-unused-options-instead-of-removing-it.patch clamav-0.102.3+dfsg/debian/patches/Deprecate-unused-options-instead-of-removing-it.patch --- clamav-0.102.2+dfsg/debian/patches/Deprecate-unused-options-instead-of-removing-it.patch 2020-02-22 14:41:35.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/patches/Deprecate-unused-options-instead-of-removing-it.patch 2020-05-22 22:36:49.000000000 +0200 @@ -1,4 +1,4 @@ -From c80369b3e9ca684403f73e36ce9285991242fe6d Mon Sep 17 00:00:00 2001 +From 023a9d16628647f3cf859d05f2346274687e3603 Mon Sep 17 00:00:00 2001 From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Date: Wed, 4 Jul 2018 21:26:50 +0200 Subject: Deprecate unused options instead of removing it diff -Nru clamav-0.102.2+dfsg/debian/rules clamav-0.102.3+dfsg/debian/rules --- clamav-0.102.2+dfsg/debian/rules 2020-02-22 14:41:35.000000000 +0100 +++ clamav-0.102.3+dfsg/debian/rules 2020-05-22 22:36:49.000000000 +0200 @@ -96,7 +96,7 @@ fi;\ done; \ # Check for library features which may have been upgraded. - if ! grep -q "CL_FLEVEL 113" libclamav/others.h ; then \ + if ! grep -q "CL_FLEVEL 114" libclamav/others.h ; then \ echo "cl_retflevel needs boosting in symbol file"; \ touch debian/exit; \ fi; @@ -145,9 +145,9 @@ override_dh_auto_test: ifneq (,$(filter ia64 sparc, $(DEB_HOST_ARCH))) - T=900 dh_auto_test -- EF_ALIGNMENT=8 V=1 VERBOSE=1 + T=900 $(MAKE) check EF_ALIGNMENT=8 V=1 VERBOSE=1 else - T=900 dh_auto_test -- V=1 VERBOSE=1 + T=900 $(MAKE) check V=1 VERBOSE=1 endif override_dh_strip: diff -Nru clamav-0.102.2+dfsg/docs/html/UserManual/Installation-Unix.html clamav-0.102.3+dfsg/docs/html/UserManual/Installation-Unix.html --- clamav-0.102.2+dfsg/docs/html/UserManual/Installation-Unix.html 2020-02-04 15:59:24.000000000 +0100 +++ clamav-0.102.3+dfsg/docs/html/UserManual/Installation-Unix.html 2020-05-12 03:54:59.000000000 +0200 @@ -70,8 +70,6 @@ <ul> <li>CentOS 6 32bit: zlib 1.2.3-29</li> <li>Solution: Update to newer version.</li> -<li>AIX 5.3: zlib 1.2.11-1</li> -<li>Solution: Try different version, downgrade may be required.</li> </ul> <hr /> <h2 id="installing-clamav">Installing ClamAV</h2> diff -Nru clamav-0.102.2+dfsg/docs/html/UserManual/Installation-Windows.html clamav-0.102.3+dfsg/docs/html/UserManual/Installation-Windows.html --- clamav-0.102.2+dfsg/docs/html/UserManual/Installation-Windows.html 2020-02-04 15:59:23.000000000 +0100 +++ clamav-0.102.3+dfsg/docs/html/UserManual/Installation-Windows.html 2020-05-12 03:54:58.000000000 +0200 @@ -15,9 +15,9 @@ <h2 id="install-using-the-clamav-windows-installer">Install using the ClamAV Windows Installer</h2> <p>Important: Installing ClamAV using the Installer will require Administrator privileges.</p> <ol> -<li>Download: <a href="http://www.clamav.net/downloads/production/ClamAV-0.102.1.exe"; class="uri">http://www.clamav.net/downloads/production/ClamAV-0.102.1.exe</a></li> +<li>Download: <a href="http://www.clamav.net/downloads/production/ClamAV-0.102.2.exe"; class="uri">http://www.clamav.net/downloads/production/ClamAV-0.102.2.exe</a></li> <li>Locate the file in your Downloads directory.</li> -<li>Right-click on <code>ClamAV-0.102.1.exe</code> and select <code>Run as administrator</code>. You may receive a warning message along the lines of "Windows protected your PC". Select <code>More info</code> and then select <code>Run anyway</code>.</li> +<li>Right-click on <code>ClamAV-0.102.2.exe</code> and select <code>Run as administrator</code>. You may receive a warning message along the lines of "Windows protected your PC". Select <code>More info</code> and then select <code>Run anyway</code>.</li> <li>Select <code>I accept the agreement</code> and click <code>Next</code>.</li> <li>Click <code>Next</code> again. If you've removed a previous installation of ClamAV, you may receive the prompt "The folder ... already exists...". If you do, select <code>Yes</code>.</li> <li>Click <code>Install</code>.</li> @@ -36,9 +36,9 @@ <hr /> <h2 id="install-using-the-clamav-portable-install-package">Install using the ClamAV Portable Install Package</h2> <ol> -<li>Download: <a href="https://www.clamav.net/downloads/production/clamav-0.102.1-win-x64-portable.zip"; class="uri">https://www.clamav.net/downloads/production/clamav-0.102.1-win-x64-portable.zip</a></li> +<li>Download: <a href="https://www.clamav.net/downloads/production/clamav-0.102.2-win-x64-portable.zip"; class="uri">https://www.clamav.net/downloads/production/clamav-0.102.2-win-x64-portable.zip</a></li> <li>Unzip it.</li> -<li>Open the <code>clamav-0.102.1-win-x64-portable</code> directory.</li> +<li>Open the <code>clamav-0.102.2-win-x64-portable</code> directory.</li> <li>Hold down Shift and then right-click on the background in the current directory (but not on one of the files). Select <code>"Open PowerShell window here"</code>. If that option doesn't appear, try again.</li> </ol> <p>Continue on to "First Time Set-Up"...</p> diff -Nru clamav-0.102.2+dfsg/libclamav/7z/XzDec.c clamav-0.102.3+dfsg/libclamav/7z/XzDec.c --- clamav-0.102.2+dfsg/libclamav/7z/XzDec.c 2020-02-04 15:59:26.000000000 +0100 +++ clamav-0.102.3+dfsg/libclamav/7z/XzDec.c 2020-05-12 03:54:49.000000000 +0200 @@ -425,7 +425,7 @@ const Byte *srcCur; int srcFinishedCur; int encodingWasFinished; - + if (i == 0) { srcCur = src; @@ -438,7 +438,7 @@ srcLenCur = p->size[i - 1] - p->pos[i - 1]; srcFinishedCur = p->finished[i - 1]; } - + if (i == p->numCoders - 1) { destCur = dest; @@ -451,7 +451,7 @@ destCur = p->buf + (CODER_BUF_SIZE * i); destLenCur = CODER_BUF_SIZE; } - + res = coder->Code(coder->p, destCur, &destLenCur, srcCur, &srcLenCur, srcFinishedCur, finishMode, &encodingWasFinished); if (!encodingWasFinished) @@ -478,7 +478,7 @@ p->pos[i] = 0; p->finished[i] = encodingWasFinished; } - + if (res != SZ_OK) return res; @@ -617,6 +617,7 @@ if (!p) return; MixCoder_Free(&p->decoder); + cl_hash_destroy(p->check.sha); cl_hash_destroy(p->sha); p->sha = NULL; } @@ -643,20 +644,20 @@ *status = CODER_STATUS_NOT_FINISHED; return SZ_OK; } - + res = MixCoder_Code(&p->decoder, dest, &destLen2, src, &srcLen2, False, finishMode, status); XzCheck_Update(&p->check, dest, destLen2); - + (*srcLen) += srcLen2; src += srcLen2; p->packSize += srcLen2; - + (*destLen) += destLen2; dest += destLen2; p->unpackSize += destLen2; - + RINOK(res); - + if (*status == CODER_STATUS_FINISHED_WITH_MARK) { Byte temp[32]; @@ -666,14 +667,14 @@ cl_update_hash(p->sha, temp, num); p->indexSize += num; p->numBlocks++; - + p->state = XZ_STATE_BLOCK_FOOTER; p->pos = 0; p->alignPos = 0; } else if (srcLen2 == 0 && destLen2 == 0) return SZ_OK; - + continue; } @@ -887,7 +888,7 @@ } break; } - + case XZ_STATE_BLOCK: break; /* to disable GCC warning */ } } diff -Nru clamav-0.102.2+dfsg/libclamav/arc4.c clamav-0.102.3+dfsg/libclamav/arc4.c --- clamav-0.102.2+dfsg/libclamav/arc4.c 2020-02-04 15:59:26.000000000 +0100 +++ clamav-0.102.3+dfsg/libclamav/arc4.c 2020-05-12 03:54:49.000000000 +0200 @@ -27,11 +27,16 @@ #include "arc4.h" #include <string.h> -void arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength) +bool arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength) { unsigned i; uint8_t j; - uint32_t *S = &a->S[0]; + uint32_t *S; + + if (NULL == a || NULL == key || 0 == keylength) + return false; + + S = &a->S[0]; for (i = 0; i < 256; i++) S[i] = i; @@ -42,6 +47,7 @@ S[j] = tmp; } a->i = a->j = 0; + return true; } void arc4_apply(struct arc4_state *s, uint8_t *data, unsigned len) diff -Nru clamav-0.102.2+dfsg/libclamav/arc4.h clamav-0.102.3+dfsg/libclamav/arc4.h --- clamav-0.102.2+dfsg/libclamav/arc4.h 2020-02-04 15:59:26.000000000 +0100 +++ clamav-0.102.3+dfsg/libclamav/arc4.h 2020-05-12 03:54:49.000000000 +0200 @@ -19,6 +19,8 @@ * MA 02110-1301, USA. */ +#include <stdbool.h> + #include "clamav-types.h" struct arc4_state { /* really just 8 bit, but it is faster if reads are aligned */ @@ -26,5 +28,5 @@ uint8_t i, j; }; -void arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength); +bool arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength); void arc4_apply(struct arc4_state *s, uint8_t *data, unsigned len); diff -Nru clamav-0.102.2+dfsg/libclamav/bytecode_api.h clamav-0.102.3+dfsg/libclamav/bytecode_api.h --- clamav-0.102.2+dfsg/libclamav/bytecode_api.h 2020-02-04 15:59:26.000000000 +0100 +++ clamav-0.102.3+dfsg/libclamav/bytecode_api.h 2020-05-12 03:54:49.000000000 +0200 @@ -144,6 +144,7 @@ FUNC_LEVEL_0102 = 111, /**< LibClamAV release 0.102.0 */ FUNC_LEVEL_0102_1 = 112, /**< LibClamAV release 0.102.1 */ FUNC_LEVEL_0102_2 = 113, /**< LibClamAV release 0.102.2 */ + FUNC_LEVEL_0102_3 = 114, /**< LibClamAV release 0.102.3 */ }; /** diff -Nru clamav-0.102.2+dfsg/libclamav/egg.c clamav-0.102.3+dfsg/libclamav/egg.c --- clamav-0.102.2+dfsg/libclamav/egg.c 2020-02-04 15:59:26.000000000 +0100 +++ clamav-0.102.3+dfsg/libclamav/egg.c 2020-05-12 03:54:49.000000000 +0200 @@ -2846,10 +2846,6 @@ } handle = (egg_handle*)hArchive; - if (CL_SUCCESS != EGG_VALIDATE_HANDLE(handle)) { - cli_errmsg("cli_egg_close: Invalid handle values!\n"); - return; - } egg_free_egg_handle(handle); diff -Nru clamav-0.102.2+dfsg/libclamav/others.h clamav-0.102.3+dfsg/libclamav/others.h --- clamav-0.102.2+dfsg/libclamav/others.h 2020-02-04 15:59:26.000000000 +0100 +++ clamav-0.102.3+dfsg/libclamav/others.h 2020-05-12 03:54:49.000000000 +0200 @@ -71,7 +71,7 @@ * in re-enabling affected modules. */ -#define CL_FLEVEL 113 +#define CL_FLEVEL 114 #define CL_FLEVEL_DCONF CL_FLEVEL #define CL_FLEVEL_SIGTOOL CL_FLEVEL diff -Nru clamav-0.102.2+dfsg/libclamav/pdf.c clamav-0.102.3+dfsg/libclamav/pdf.c --- clamav-0.102.2+dfsg/libclamav/pdf.c 2020-02-04 15:59:26.000000000 +0100 +++ clamav-0.102.3+dfsg/libclamav/pdf.c 2020-05-12 03:54:49.000000000 +0200 @@ -1089,8 +1089,9 @@ int nrounds; cli_dbgmsg("aes_decrypt: key length: %d, data length: %zu\n", key_n, *length); - if (key_n > 32) { - cli_dbgmsg("aes_decrypt: key length is %d!\n", key_n * 8); + if (!(key_n == 16 || key_n == 24 || key_n == 32)) { + cli_dbgmsg("aes_decrypt: invalid key length: %u!\n", key_n * 8); + noisy_warnmsg("aes_decrypt: invalid key length: %u!\n", key_n * 8); return; } @@ -1166,7 +1167,12 @@ struct arc4_state arc4; if (!length || !*length || !in) { - noisy_warnmsg("decrypt_any: decrypt failed for obj %u %u\n", id >> 8, id & 0xff); + noisy_warnmsg("decrypt_any: decrypt failed for obj %u %u: Invalid arguments.\n", id >> 8, id & 0xff); + return NULL; + } + + if (NULL == pdf->key || 0 == pdf->keylen) { + noisy_warnmsg("decrypt_any: decrypt failed for obj %u %u: PDF key never identified.\n", id >> 8, id & 0xff); return NULL; } @@ -1207,7 +1213,10 @@ case ENC_V2: cli_dbgmsg("cli_pdf: enc is v2\n"); memcpy(q, in, *length); - arc4_init(&arc4, result, n); + if (false == arc4_init(&arc4, result, n)) { + noisy_warnmsg("decrypt_any: failed to init arc4\n"); + return NULL; + } arc4_apply(&arc4, q, (unsigned)*length); /* TODO: may truncate for very large lengths */ noisy_msg(pdf, "decrypt_any: decrypted ARC4 data\n"); @@ -2802,7 +2811,10 @@ if (R == 2) { /* 7.6.3.3 Algorithm 4 */ memcpy(data, key_padding, 32); - arc4_init(&arc4, (const uint8_t *)(pdf->key), pdf->keylen); + if (false == arc4_init(&arc4, (const uint8_t *)(pdf->key), pdf->keylen)) { + noisy_warnmsg("decrypt_any: failed to init arc4\n"); + return; + } arc4_apply(&arc4, (uint8_t *)data, 32); dbg_printhex("computed U (R2)", data, 32); if (!memcmp(data, U, 32)) @@ -2821,7 +2833,10 @@ cl_hash_data("md5", d, 32 + pdf->fileIDlen, result, NULL); memcpy(data, pdf->key, len); - arc4_init(&arc4, (const uint8_t *)data, len); + if (false == arc4_init(&arc4, (const uint8_t *)data, len)) { + noisy_warnmsg("decrypt_any: failed to init arc4\n"); + return; + } arc4_apply(&arc4, result, 16); for (i = 1; i <= 19; i++) { unsigned j; @@ -2829,7 +2844,10 @@ for (j = 0; j < len; j++) data[j] = pdf->key[j] ^ i; - arc4_init(&arc4, (const uint8_t *)data, len); + if (false == arc4_init(&arc4, (const uint8_t *)data, len)) { + noisy_warnmsg("decrypt_any: failed to init arc4\n"); + return; + } arc4_apply(&arc4, result, 16); } diff -Nru clamav-0.102.2+dfsg/libclamav/pdfdecode.c clamav-0.102.3+dfsg/libclamav/pdfdecode.c --- clamav-0.102.2+dfsg/libclamav/pdfdecode.c 2020-02-04 15:59:26.000000000 +0100 +++ clamav-0.102.3+dfsg/libclamav/pdfdecode.c 2020-05-12 03:54:49.000000000 +0200 @@ -638,8 +638,11 @@ } if (rc == CL_SUCCESS) { - /* Shrink output buffer to final the decoded data length to minimize RAM usage */ - if (!(temp = cli_realloc(decoded, declen))) { + if (declen == 0) { + cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n"); + rc = CL_BREAK; + } else if (!(temp = cli_realloc(decoded, declen))) { + /* Shrink output buffer to final the decoded data length to minimize RAM usage */ cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n"); rc = CL_EMEM; } else { @@ -647,7 +650,7 @@ } } - if (rc == CL_SUCCESS) { + if (rc == CL_SUCCESS || rc == CL_BREAK) { free(token->content); cli_dbgmsg("cli_pdf: decoded %lu bytes from %lu total bytes\n", @@ -817,8 +820,11 @@ (void)inflateEnd(&stream); if (rc == CL_SUCCESS) { - /* Shrink output buffer to final the decoded data length to minimize RAM usage */ - if (!(temp = cli_realloc(decoded, declen))) { + if (declen == 0) { + cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n"); + rc = CL_BREAK; + } else if (!(temp = cli_realloc(decoded, declen))) { + /* Shrink output buffer to final the decoded data length to minimize RAM usage */ cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n"); rc = CL_EMEM; } else { @@ -826,7 +832,7 @@ } } - if (rc == CL_SUCCESS) { + if (rc == CL_SUCCESS || rc == CL_BREAK) { free(token->content); token->content = decoded; @@ -1099,8 +1105,11 @@ (void)lzwInflateEnd(&stream); if (rc == CL_SUCCESS) { - /* Shrink output buffer to final the decoded data length to minimize RAM usage */ - if (!(temp = cli_realloc(decoded, declen))) { + if (declen == 0) { + cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n"); + rc = CL_BREAK; + } else if (!(temp = cli_realloc(decoded, declen))) { + /* Shrink output buffer to final the decoded data length to minimize RAM usage */ cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n"); rc = CL_EMEM; } else { @@ -1108,7 +1117,7 @@ } } - if (rc == CL_SUCCESS) { + if (rc == CL_SUCCESS || rc == CL_BREAK) { free(token->content); token->content = decoded; diff -Nru clamav-0.102.2+dfsg/libclamav/unarj.c clamav-0.102.3+dfsg/libclamav/unarj.c --- clamav-0.102.2+dfsg/libclamav/unarj.c 2020-02-04 15:59:26.000000000 +0100 +++ clamav-0.102.3+dfsg/libclamav/unarj.c 2020-05-12 03:54:49.000000000 +0200 @@ -834,18 +834,16 @@ uint16_t header_size, count; arj_main_hdr_t main_hdr; const char *filename = NULL; - const char *comment = NULL; - off_t header_offset; + const char *comment = NULL; struct text_norm_state fnstate, comstate; - unsigned char *fnnorm = NULL; + unsigned char *fnnorm = NULL; unsigned char *comnorm = NULL; - uint32_t ret = TRUE; + uint32_t ret = TRUE; if (fmap_readn(metadata->map, &header_size, metadata->offset, 2) != 2) return FALSE; metadata->offset += 2; - header_offset = metadata->offset; header_size = le16_to_host(header_size); cli_dbgmsg("Header Size: %d\n", header_size); if (header_size == 0) { @@ -882,8 +880,8 @@ metadata->offset += main_hdr.first_hdr_size - 30; } - fnnorm = cli_calloc(sizeof(unsigned char), header_size + 1); - filename = fmap_need_offstr(metadata->map, metadata->offset, header_size); + fnnorm = cli_calloc(sizeof(unsigned char), header_size + 1); + filename = fmap_need_offstr(metadata->map, metadata->offset, header_size + 1); if (!filename) { cli_dbgmsg("UNARJ: Unable to allocate memory for filename\n"); ret = FALSE; @@ -892,7 +890,7 @@ metadata->offset += CLI_STRNLEN(filename, header_size) + 1; comnorm = cli_calloc(sizeof(unsigned char), header_size + 1); - comment = fmap_need_offstr(metadata->map, metadata->offset, header_size); + comment = fmap_need_offstr(metadata->map, metadata->offset, header_size + 1); if (!comment || !comnorm) { cli_dbgmsg("UNARJ: Unable to allocate memory for comment\n"); ret = FALSE; @@ -903,8 +901,8 @@ text_normalize_init(&fnstate, fnnorm, header_size); text_normalize_init(&comstate, comnorm, header_size); - text_normalize_buffer(&fnstate, filename, metadata->offset); - text_normalize_buffer(&comstate, comment, metadata->offset); + text_normalize_buffer(&fnstate, (const unsigned char *)filename, header_size); + text_normalize_buffer(&comstate, (const unsigned char *)comment, header_size); cli_dbgmsg("Filename: %s\n", fnnorm); cli_dbgmsg("Comment: %s\n", comnorm); @@ -947,9 +945,9 @@ const char *filename, *comment; arj_file_hdr_t file_hdr; struct text_norm_state fnstate, comstate; - unsigned char *fnnorm = NULL; + unsigned char *fnnorm = NULL; unsigned char *comnorm = NULL; - uint32_t ret = CL_SUCCESS; + uint32_t ret = CL_SUCCESS; if (fmap_readn(metadata->map, &header_size, metadata->offset, 2) != 2) return CL_EFORMAT; @@ -999,8 +997,8 @@ metadata->offset += file_hdr.first_hdr_size - 30; } - fnnorm = cli_calloc(sizeof(unsigned char), header_size + 1); - filename = fmap_need_offstr(metadata->map, metadata->offset, header_size); + fnnorm = cli_calloc(sizeof(unsigned char), header_size + 1); + filename = fmap_need_offstr(metadata->map, metadata->offset, header_size + 1); if (!filename) { cli_dbgmsg("UNARJ: Unable to allocate memory for filename\n"); ret = FALSE; @@ -1009,7 +1007,7 @@ metadata->offset += CLI_STRNLEN(filename, header_size) + 1; comnorm = cli_calloc(sizeof(unsigned char), header_size + 1); - comment = fmap_need_offstr(metadata->map, metadata->offset, header_size); + comment = fmap_need_offstr(metadata->map, metadata->offset, header_size + 1); if (!comment) { cli_dbgmsg("UNARJ: Unable to allocate memory for comment\n"); ret = FALSE; @@ -1020,8 +1018,8 @@ text_normalize_init(&fnstate, fnnorm, header_size); text_normalize_init(&comstate, comnorm, header_size); - text_normalize_buffer(&fnstate, filename, metadata->offset); - text_normalize_buffer(&comstate, comment, metadata->offset); + text_normalize_buffer(&fnstate, (const unsigned char *)filename, header_size); + text_normalize_buffer(&comstate, (const unsigned char *)comment, header_size); cli_dbgmsg("Filename: %s\n", fnnorm); cli_dbgmsg("Comment: %s\n", comnorm); @@ -1037,7 +1035,7 @@ if (metadata->filename) free(metadata->filename); metadata->filename = NULL; - ret = CL_EFORMAT; + ret = CL_EFORMAT; goto done; } count = cli_readint16(countp); @@ -1055,11 +1053,11 @@ metadata->encrypted = ((file_hdr.flags & GARBLE_FLAG) != 0) ? TRUE : FALSE; metadata->ofd = -1; if (!metadata->filename) { - ret = CL_EMEM; + ret = CL_EMEM; goto done; } - done: +done: if (fnnorm) { free(fnnorm); diff -Nru clamav-0.102.2+dfsg/m4/reorganization/version.m4 clamav-0.102.3+dfsg/m4/reorganization/version.m4 --- clamav-0.102.2+dfsg/m4/reorganization/version.m4 2020-02-04 15:59:26.000000000 +0100 +++ clamav-0.102.3+dfsg/m4/reorganization/version.m4 2020-05-12 03:54:49.000000000 +0200 @@ -3,7 +3,7 @@ dnl For beta, set: VERSION="<version>-beta" dnl For release candidate, set: VERSION="<version>-rc" dnl For release, set: VERSION="<version>" -VERSION="0.102.2" +VERSION="0.102.3" major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/[^0-9]//g"` minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/[^0-9]//g"` diff -Nru clamav-0.102.2+dfsg/NEWS.md clamav-0.102.3+dfsg/NEWS.md --- clamav-0.102.2+dfsg/NEWS.md 2020-02-04 15:59:26.000000000 +0100 +++ clamav-0.102.3+dfsg/NEWS.md 2020-05-12 03:54:49.000000000 +0200 @@ -3,6 +3,30 @@ Note: This file refers to the source tarball. Things described here may differ slightly from the binary packages. +## 0.102.3 + +ClamAV 0.102.3 is a bug patch release to address the following issues. + +- [CVE-2020-3327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327): + Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that + could cause a Denial-of-Service (DoS) condition. Improper bounds checking of + an unsigned variable results in an out-of-bounds read which causes a crash. + + Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ + parsing vulnerability. + +- [CVE-2020-3341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341): + Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that + could cause a Denial-of-Service (DoS) condition. Improper size checking of + a buffer used to initialize AES decryption routines results in an out-of- + bounds read which may cause a crash. Bug found by OSS-Fuzz. + +- Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents. + +- Fix a couple of minor memory leaks. + +- Updated libclamunrar to UnRAR 5.9.2. + ## 0.102.2 ClamAV 0.102.2 is a bug patch release to address the following issues.
