Wed May 20 21:15:26 2015 UTC ()

Update clamav to 0.98.7.
This release contains new scanning features and bug fixes.
    - Improvements to PDF processing: decryption, escape sequence
      handling, and file property collection.
    - Scanning/analysis of additional Microsoft Office 2003 XML format.
    - Fix infinite loop condition on crafted y0da cryptor file. Identified
      and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221.
    - Fix crash on crafted petite packed file. Reported and patch
      supplied by Sebastian Andrzej Siewior. CVE-2015-2222.
    - Fix false negatives on files within iso9660 containers. This issue
      was reported by Minzhuan Gong.
    - Fix a couple crashes on crafted upack packed file. Identified and
      patches supplied by Sebastian Andrzej Siewior.
    - Fix a crash during algorithmic detection on crafted PE file.
      Identified and patch supplied by Sebastian Andrzej Siewior.
    - Fix an infinite loop condition on a crafted "xz" archive file.
      This was reported by Dimitri Kirchner and Goulven Guiheux.
      CVE-2015-2668.
    - Fix compilation error after ./configure --disable-pthreads.
      Reported and fix suggested by John E. Krokes.
    - Apply upstream patch for possible heap overflow in Henry Spencer's
      regex library. CVE-2015-2305.
    - Fix crash in upx decoder with crafted file. Discovered and patch
      supplied by Sebastian Andrzej Siewior. CVE-2015-2170.
    - Fix segfault scanning certain HTML files. Reported with sample by
      Kai Risku.
    - Improve detections within xar/pkg files.


(bouyer)

diff -r1.23 -r1.24 pkgsrc/security/clamav/Makefile
diff -r1.1 -r1.2 pkgsrc/security/clamav/Makefile.common
diff -r1.18 -r1.19 pkgsrc/security/clamav/distinfo

--- pkgsrc/security/clamav/Makefile 2015/03/17 08:55:57 1.23
+++ pkgsrc/security/clamav/Makefile 2015/05/20 21:15:26 1.24

 @@ -1,17 +1,17 @@
-# $NetBSD: Makefile,v 1.23 2015/03/17 08:55:57 taca Exp $
+# $NetBSD: Makefile,v 1.24 2015/05/20 21:15:26 bouyer Exp $
 DISTNAME=	clamav-${CLAMAV_VERSION}
-PKGREVISION=	2
+#PKGREVISION=	2
 CATEGORIES=	security
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=clamav/}
 MAINTAINER=	pkgsrc-users@NetBSD.org
 HOMEPAGE=	http://www.clamav.net/
 COMMENT=	Anti-virus toolkit
 LICENSE=	gnu-gpl-v2
 USE_LANGUAGES=		c c++
 USE_LIBTOOL=		yes
 GNU_CONFIGURE=		yes
 SET_LIBDIR=		yes
 CONFIGURE_ARGS+=	--disable-clamav

--- pkgsrc/security/clamav/Makefile.common 2015/03/15 00:52:53 1.1
+++ pkgsrc/security/clamav/Makefile.common 2015/05/20 21:15:26 1.2

 @@ -1,7 +1,7 @@
-# $NetBSD: Makefile.common,v 1.1 2015/03/15 00:52:53 taca Exp $
+# $NetBSD: Makefile.common,v 1.2 2015/05/20 21:15:26 bouyer Exp $
+#
 # used by clamav/Makefile
 # used by clamav-doc/Makefile
-CLAMAV_VERSION=	0.98.6
+CLAMAV_VERSION=	0.98.7
 DISTINFO_FILE=	${.CURDIR}/../../security/clamav/distinfo

--- pkgsrc/security/clamav/distinfo 2015/03/17 06:00:07 1.18
+++ pkgsrc/security/clamav/distinfo 2015/05/20 21:15:26 1.19

 @@ -1,12 +1,12 @@
-$NetBSD: distinfo,v 1.18 2015/03/17 06:00:07 taca Exp $
+$NetBSD: distinfo,v 1.19 2015/05/20 21:15:26 bouyer Exp $
-SHA1 (clamav-0.98.6.tar.gz) = 03cb9a20a08aba9176b1f58d5527d06ec8261f9c
+SHA1 (clamav-0.98.7.tar.gz) = c9793d67c041e2b944116d912f8681c8bd6e4432
-RMD160 (clamav-0.98.6.tar.gz) = 48d5fbbdb183e61309212c6bc69f777f99346bd5
+RMD160 (clamav-0.98.7.tar.gz) = 140561a2d1a0c013cb679f6af0ae48cc4cb92484
-Size (clamav-0.98.6.tar.gz) = 15148292 bytes
+Size (clamav-0.98.7.tar.gz) = 15118851 bytes
 SHA1 (patch-Makefile.in) = 070fe734113de9fc6ce5f02de088b10281913b00
 SHA1 (patch-aa) = 8539a90ac5591c86f7e9f6b8c073f36523f221a5
 SHA1 (patch-ab) = fea995ea944c2ae0f51a41e1a1076badf65c6c8b
 SHA1 (patch-af) = d217633ed33c72b6d01a9aeef03f0f5dd33b4336
 SHA1 (patch-ag) = cf4a0040a53c81402e8d15478407bc854af6fb30
 SHA1 (patch-etc_clamd.conf.sample) = 69bed1c88cf60f699e64fd361091621728b9f9d1
 SHA1 (patch-etc_freshclam.conf.sample) = 520ffbca5421ef2dc270e3c5a13cfb36a469e676