[Pkg-clamav-devel] Bug#951057: marked as done (clamav-freshclam: allow overriding of CA store)

Sat, 22 Feb 2020 07:39:23 -0800 

Your message dated Sat, 22 Feb 2020 15:34:22 +0000
with message-id <[email protected]>
and subject line Bug#951057: fixed in clamav 0.102.2+dfsg-2
has caused the Debian Bug report #951057,
regarding clamav-freshclam: allow overriding of CA store
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
951057: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951057
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: clamav-freshclam
Version: 0.102.1+dfsg-1
User: [email protected]
Usertags: needed-by-DSA-Team
Control: found -1 0.102.1+dfsg-0+deb9u1

Hi,
With 0.102, Freshclam started using libcurl for database downloads, but appears to provide no way to configure which certificates should be trusted.
This causes issues on debian.org systems, which have a very limited set of trusted certificates by default. We're working around this with: 

<quote>
# /etc/systemd/system/clamav-freshclam.service.d/override.conf
[Service]
BindReadOnlyPaths=/etc/ssl/ca-global:/etc/ssl/certs
</quote>
but this isn't ideal. A configuration option to allow specifying an alternative bundle / root, or even respecting CURL_CA_BUNDLE, would be much appreciated. 

Regards,

Adam

--- End Message ---
--- Begin Message --- 
Source: clamav
Source-Version: 0.102.2+dfsg-2
Done: Sebastian Andrzej Siewior <[email protected]>

We believe that the bug you reported is fixed in the latest version of
clamav, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastian Andrzej Siewior <[email protected]> (supplier of updated clamav 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 22 Feb 2020 13:41:02 +0100
Source: clamav
Architecture: source
Version: 0.102.2+dfsg-2
Distribution: unstable
Urgency: medium
Maintainer: ClamAV Team <[email protected]>
Changed-By: Sebastian Andrzej Siewior <[email protected]>
Closes: 951057
Changes:
 clamav (0.102.2+dfsg-2) unstable; urgency=medium
 .
   * Add a patch to let freshclam consider CURL_CA_BUNDLE environment variable
     to set the CA bundle (like curl does) (Closes: #951057).
   * Recommend ca-certificates, new freshclash uses https by default.
   * Bump standards-version to 4.5.0 without further change
   * Use dh-compat level 12.
Checksums-Sha1:
 15b183ed2915fa2af7ceb111d27ae2222e211747 2777 clamav_0.102.2+dfsg-2.dsc
 a855407840bdfa9e3a27ce6f2c879ad23a790dd4 218692 
clamav_0.102.2+dfsg-2.debian.tar.xz
Checksums-Sha256:
 f7d937a23533ad283121395280c0922e8f9de50a0bbd38472a1885702d900c38 2777 
clamav_0.102.2+dfsg-2.dsc
 3c694cd728c2200f67cd533d7cebeb343c214c1570852f2dd173a5704b98fc63 218692 
clamav_0.102.2+dfsg-2.debian.tar.xz
Files:
 b29c52f7ba5d34edef749f057c6949f3 2777 utils optional clamav_0.102.2+dfsg-2.dsc
 3a9e90bebfdbd54bcaa1391153acc01e 218692 utils optional 
clamav_0.102.2+dfsg-2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEV4kucFIzBRM39v3RBWQfF1cS+lsFAl5RNqcACgkQBWQfF1cS
+lvchQv/c7zadplndKlu9crzFUJMiOgYlCWwMmiXOKARXutOj3pnMXsGiSwAKs2C
81MQFmZh0b9JvnBT2dKQ5XNm7mhZ7B4k7ivWJYijNrPaj6B/C4JUepBztEqCWAoH
RTiW5f8epn+Y9jJZhgVGCHrzNxlcR84P8pw6X4BaMNJ7IXK42Wjwq4feGkR80cLi
Wx1jfRj6AZpW4l746xQ3qBePCjOdSbfk7AXUw59oACSTYtbNWIiBEyROhsUTJ9eV
Wc8JxK7f5/ZM3NGB6njultT+wM5Kgj7GpHXABn8/SsnID1YW0sKWRXoI3c6yHpMl
ykfAQ48T5mJfQRosMjrtKqd52S68CgMVnTGtzlACI4fAILkycj8itTBaENDVDocG
CXgfTZOFX+TudfZfuvg1WF1p5//DMLIiKXhz06firS140Dm9JvajEaqkWGEYi2KZ
hUsD1iVGf06NjSyCYdJnYHX34Hd0zQ2RDhmP4Qwr4TDYnPRMI+1+0QDgYM2MEj7w
qz9sIkMM
=BcYu
-----END PGP SIGNATURE-----

--- End Message ---
_______________________________________________
Pkg-clamav-devel mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-clamav-devel

Reply via email to