--- - branch: pkgsrc-2019Q4 date: Sat Feb 22 19:45:06 UTC 2020 files: - new: 1.13.4.1 old: '1.13' path: pkgsrc/security/clamav/Makefile.common pathrev: pkgsrc/security/clamav/Makefile.common@1.13.4.1 type: modified - new: 1.31.4.1 old: '1.31' path: pkgsrc/security/clamav/distinfo pathrev: pkgsrc/security/clamav/distinfo@1.31.4.1 type: modified id: 20200222T194506Z.7c43adbffa293c42c839ce159bac437f3e9f684e log: "Pullup ticket #6137 - requested by taca\nsecurity/clamav: security fix + partial fix for PR pkg/54951\n\nRevisions pulled up:\n- security/clamav/Makefile 1.60-1.62\n- security/clamav/Makefile.common 1.14-1.15\n- security/clamav/distinfo \ 1.32\n\n---\n Module Name: pkgsrc\n \ Committed By: ryoon\n Date: Sun Jan 12 20:20:50 UTC 2020\n\n \ Modified Files:\n pkgsrc/security/clamav: Makefile\n\n Log Message:\n \ *: Recursive revbump from devel/boost-libs\n\n---\n Module Name: pkgsrc\n \ Committed By: jperkin\n Date: Sat Jan 18 21:51:16 UTC 2020\n\n \ Modified Files:\n pkgsrc/security/clamav: Makefile\n\n Log Message:\n \ *: Recursive revision bump for openssl 1.1.1.\n\n---\n Module Name: pkgsrc\n \ Committed By: rillig\n Date: Sun Jan 26 17:32:28 UTC 2020\n\n \ Modified Files:\n pkgsrc/security/clamav: Makefile.common\n\n Log Message:\n all: migrate homepages from http to https\n\n pkglint -r --network --only \"migrate\"\n\n As a side-effect of migrating the homepages, pkglint also fixed a few\n indentations in unrelated lines. These and the new homepages have been\n checked manually.\n\n---\n Module Name: pkgsrc\n Committed By: taca\n Date: Sat Feb 15 02:40:43 UTC 2020\n\n Modified Files:\n \ pkgsrc/security/clamav: Makefile Makefile.common distinfo\n\n Log Message:\n security/clamav: update to 0.102.2\n\n Update clamav to 0.102.2.\n\n \ ## 0.102.2\n\n ClamAV 0.102.2 is a bug patch release to address the following issues.\n\n - [CVE-2020-3123](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3123):\n \ An Denial-of-Service (DoS) condition may occur when using the optional credit\n \ card data-loss-prevention (DLP) feature. Improper bounds checking of an\n \ unsigned variable resulted in an out-of-bounds read which causes a crash.\n\n \ - Significantly improved scan speed of PDF files on Windows.\n\n - Re-applied a fix to alleviate file access issues when scanning RAR files in\n downstream projects that use libclamav where the scanning engine is operating\n in a low-privelege process. This bug was originally fixed in 0.101.2 and the\n fix was mistakenly omitted from 0.102.0.\n\n - Fixed an issue wherein freshclam failed to update if the database version\n downloaded is 1 version older than advertised. This situation may occur after\n a new database version is published. The issue affected users downloading the\n whole CVD database file.\n\n - Changed the default freshclam ReceiveTimeout setting to 0 (infinite).\n The ReceiveTimeout had caused needless database update failures for users with\n slower internet connections.\n\n - Correctly display number of kilobytes (KiB) in progress bar and reduced the\n size of the progress bar to accomodate 80-char width terminals.\n\n - Fixed an issue where running freshclam manually causes a daemonized freshclam\n process to fail when it updates because the manual instance deletes the\n temporary download directory. Freshclam temporary files will now download to a\n unique directory created at the time of an update instead of using a hardcoded\n directory created/destroyed at the program start/exit.\n\n - Fix for Freshclam's OnOutdatedExecute config option.\n\n - Fixes a memory leak in the error condition handling for the email parser.\n\n - Improved bound checking and error handling in ARJ archive parser.\n\n - Improved error handling in PDF parser.\n\n - Fix for memory leak in byte-compare signature handler.\n\n - Updates to the unit test suite to support libcheck 0.13.\n\n - Updates to support autoconf 2.69 and automake 1.15.\n\n Special thanks to the following for code contributions and bug reports:\n\n - Antoine Deschæ£\x9Anes\n - Eric Lindblad\n \ - Gianluigi Tiesi\n - Tuomo Soini\n" module: pkgsrc subject: 'CVS commit: [pkgsrc-2019Q4] pkgsrc/security/clamav' unixtime: '1582400706' user: bsiegert