Your message dated Thu, 11 Oct 2012 00:09:18 +0200 with message-id <20121010220918.GA31434@radis.cristau.org> and subject line Re: Bug#689976: unblock: clamav/0.97.6+dfsg-1 has caused the Debian Bug report #689976, regarding unblock: clamav/0.97.6+dfsg-1 to be marked as done.

This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.)

--
689976: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689976
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: unblock: clamav/0.97.6+dfsg-1
- From: Scott Kitterman <debian@kitterman.com>
- Date: Mon, 08 Oct 2012 13:04:55 -0400
- Message-id: <20121008170455.25042.79882.reportbug@Scott-Latitude-E6320>
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package clamav

This is a new bugfix release of clamav with only a few small, but important fixes. Additionally, because it increases the clamav FL (functionality level) the current wheezy version is no longer able to process all virus signatures. This update is needed for that.

As is usual for clamav, once it's in wheezy, I'll upload it for a stable update as well.

unblock clamav/0.97.6+dfsg-1

diff -Nru clamav-0.97.5+dfsg/ChangeLog clamav-0.97.6+dfsg/ChangeLog --- clamav-0.97.5+dfsg/ChangeLog 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/ChangeLog 2012-09-17 11:15:12.000000000 -0400 
@@ -1,3 +1,36 @@ +Mon Sep 6 12:32:00 EDT 2012 (dar) +--------------------------------- + * libclamav: bb#5751 - cl_scansis() may returan a file descriptor instead + of a valid return code + +Mon Jul 2 10:40:50 EDT 2012 (dar) +---------------------------------- + * libclamav: bb#5252 - update #4, CL_EUNPACK and caching + +Fri Jun 29 14:43:43 EDT 2012 (dar) +---------------------------------- + * libclamav: bb#5252 - update #3, more return code tweaks + +Tue Jun 26 12:23:44 EDT 2012 (dar) +---------------------------------- + * libclamav: bb#5252 - Limit exits on scanraw return codes + +Fri Jun 22 16:58:21 EDT 2012 (dar) +---------------------------------- + * libclamav: bb#5325 - Quiet Minix warning + +Mon Jun 18 17:51:49 EDT 2012 (dar) +---------------------------------- + * libclamav: bb#5252 - Update magic_scandesc filtering of scanraw return codes + +Thu Jun 14 16:05:53 EDT 2012 (judge) +---------------------------------- + * win32: Add MSI projects. + +Wed Jun 13 12:00:55 EDT 2012 (olney) +---------------------------------- + * V 0.97.5 + Fri Jun 1 13:15:50 EST 2012 (dar) --------------------------------- * libclamav: Scan output at end of truncated tar (bb#4625) diff -Nru clamav-0.97.5+dfsg/configure clamav-0.97.6+dfsg/configure --- clamav-0.97.5+dfsg/configure 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/configure 2012-08-10 12:03:23.000000000 -0400 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.65 for ClamAV 0.97.5. +# Generated by GNU Autoconf 2.65 for ClamAV 0.97.6. # # Report bugs to <http://bugs.clamav.net/>. # @@ -703,8 +703,8 @@ # Identity of this package. PACKAGE_NAME='ClamAV' PACKAGE_TARNAME='clamav' -PACKAGE_VERSION='0.97.5' -PACKAGE_STRING='ClamAV 0.97.5' +PACKAGE_VERSION='0.97.6' +PACKAGE_STRING='ClamAV 0.97.6' PACKAGE_BUGREPORT='http://bugs.clamav.net/' PACKAGE_URL='http://www.clamav.net/' 
@@ -1539,7 +1539,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures ClamAV 0.97.5 to adapt to many kinds of systems. +\`configure' configures ClamAV 0.97.6 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1610,7 +1610,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of ClamAV 0.97.5:";; + short | recursive ) echo "Configuration of ClamAV 0.97.6:";; esac cat <<\_ACEOF @@ -1767,7 +1767,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -ClamAV configure 0.97.5 +ClamAV configure 0.97.6 generated by GNU Autoconf 2.65 Copyright (C) 2009 Free Software Foundation, Inc. @@ -2231,7 +2231,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by ClamAV $as_me 0.97.5, which was +It was created by ClamAV $as_me 0.97.6, which was generated by GNU Autoconf 2.65. Invocation command line was $ $0 $@ @@ -3345,7 +3345,7 @@ # Define the identity of the package. PACKAGE='clamav' - VERSION='0.97.5' + VERSION='0.97.6' # Some tools Automake needs. @@ -3474,10 +3474,10 @@ $as_echo "#define PACKAGE PACKAGE_NAME" >>confdefs.h -VERSION="0.97.5" +VERSION="0.97.6" LC_CURRENT=7 -LC_REVISION=14 +LC_REVISION=15 LC_AGE=1 LIBCLAMAV_VERSION="$LC_CURRENT":"$LC_REVISION":"$LC_AGE" @@ -20635,7 +20635,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ClamAV $as_me 0.97.5, which was +This file was extended by ClamAV $as_me 0.97.6, which was generated by GNU Autoconf 2.65. Invocation command line was CONFIG_FILES = $CONFIG_FILES 
@@ -20702,7 +20702,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ClamAV config.status 0.97.5 +ClamAV config.status 0.97.6 configured by $0, generated by GNU Autoconf 2.65, with options \\"\$ac_cs_config\\" @@ -23220,7 +23220,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ClamAV $as_me 0.97.5, which was +This file was extended by ClamAV $as_me 0.97.6, which was generated by GNU Autoconf 2.65. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -23287,7 +23287,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ClamAV config.status 0.97.5 +ClamAV config.status 0.97.6 configured by $0, generated by GNU Autoconf 2.65, with options \\"\$ac_cs_config\\" diff -Nru clamav-0.97.5+dfsg/configure.in clamav-0.97.6+dfsg/configure.in --- clamav-0.97.5+dfsg/configure.in 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/configure.in 2012-08-10 12:03:00.000000000 -0400 @@ -20,7 +20,7 @@ AC_PREREQ([2.59]) dnl For a release change [devel] to the real version [0.xy] dnl also change VERSION below -AC_INIT([ClamAV], [0.97.5], [http://bugs.clamav.net/], [clamav], [http://www.clamav.net/]) +AC_INIT([ClamAV], [0.97.6], [http://bugs.clamav.net/], [clamav], [http://www.clamav.net/]) AH_BOTTOM([#include "platform.h"]) dnl put configure auxiliary into config 
@@ -43,10 +43,10 @@ dnl change this on a release dnl VERSION="devel-`date +%Y%m%d`" -VERSION="0.97.5" +VERSION="0.97.6" LC_CURRENT=7 -LC_REVISION=14 +LC_REVISION=15 LC_AGE=1 LIBCLAMAV_VERSION="$LC_CURRENT":"$LC_REVISION":"$LC_AGE" AC_SUBST([LIBCLAMAV_VERSION]) diff -Nru clamav-0.97.5+dfsg/debian/changelog clamav-0.97.6+dfsg/debian/changelog --- clamav-0.97.5+dfsg/debian/changelog 2012-10-08 13:00:53.000000000 -0400 +++ clamav-0.97.6+dfsg/debian/changelog 2012-10-08 13:00:54.000000000 -0400 @@ -1,3 +1,10 @@ +clamav (0.97.6+dfsg-1) unstable; urgency=low + + * New upstream release (Closes: #689487) + * Update libclamav6 lintian override to match updated soversion + + -- Scott Kitterman <scott@kitterman.com> Mon, 08 Oct 2012 12:11:43 -0400 + clamav (0.97.5+dfsg-6) unstable; urgency=medium * Urgency medium for RC bug fix the addressess regression from 0.97.3 diff -Nru clamav-0.97.5+dfsg/debian/libclamav6.lintian-overrides clamav-0.97.6+dfsg/debian/libclamav6.lintian-overrides --- clamav-0.97.5+dfsg/debian/libclamav6.lintian-overrides 2012-10-08 13:00:53.000000000 -0400 +++ clamav-0.97.6+dfsg/debian/libclamav6.lintian-overrides 2012-10-08 13:00:54.000000000 -0400 @@ -1 +1 @@ -libclamav6 binary: embedded-library usr/lib/libclamav.so.6.1.14: zlib +libclamav6 binary: embedded-library usr/lib/libclamav.so.6.1.15: zlib diff -Nru clamav-0.97.5+dfsg/libclamav/bytecode_detect.h clamav-0.97.6+dfsg/libclamav/bytecode_detect.h --- clamav-0.97.5+dfsg/libclamav/bytecode_detect.h 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/libclamav/bytecode_detect.h 2012-06-27 09:04:48.000000000 -0400 @@ -83,6 +83,7 @@ llvm_os_Solaris, llvm_os_Win32, llvm_os_Haiku, + llvm_os_Minix, llvm_os_ANY = 0xff }; diff -Nru clamav-0.97.5+dfsg/libclamav/c++/detect.cpp clamav-0.97.6+dfsg/libclamav/c++/detect.cpp --- clamav-0.97.5+dfsg/libclamav/c++/detect.cpp 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/libclamav/c++/detect.cpp 2012-06-27 09:04:48.000000000 -0400 
@@ -158,6 +158,7 @@ warn_assumptions("Operating System", env->os_category, Triple::Win32); break; CASE_OS(Haiku, os_unknown); + CASE_OS(Minix, os_unknown); } // mmap RWX diff -Nru clamav-0.97.5+dfsg/libclamav/others.h clamav-0.97.6+dfsg/libclamav/others.h --- clamav-0.97.5+dfsg/libclamav/others.h 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/libclamav/others.h 2012-08-10 12:02:00.000000000 -0400 @@ -53,7 +53,7 @@ * in re-enabling affected modules. */ -#define CL_FLEVEL 65 +#define CL_FLEVEL 67 #define CL_FLEVEL_DCONF CL_FLEVEL #define CL_FLEVEL_SIGTOOL CL_FLEVEL diff -Nru clamav-0.97.5+dfsg/libclamav/scanners.c clamav-0.97.6+dfsg/libclamav/scanners.c --- clamav-0.97.5+dfsg/libclamav/scanners.c 2012-10-08 13:00:53.000000000 -0400 +++ clamav-0.97.6+dfsg/libclamav/scanners.c 2012-08-06 16:26:55.000000000 -0400 
@@ -2361,26 +2361,47 @@ if(type != CL_TYPE_IGNORED && (type != CL_TYPE_HTML || !(DCONF_DOC & DOC_CONF_HTML_SKIPRAW)) && !ctx->engine->sdb) { res = cli_scanraw(ctx, type, typercg, &dettype, hash); if(res != CL_CLEAN) { - if(res == CL_VIRUS) - ret = cli_checkfp(hash, hashed_size, ctx); - else - ret = res; - funmap(*ctx->fmap); - ctx->fmap--; - cli_bitset_free(ctx->hook_lsig_matches); - ctx->hook_lsig_matches = old_hook_lsig_matches; - /* Same switch as end of magic_scandesc function */ - switch(ret) { - case CL_EFORMAT: + switch(res) { + /* List of scan halts, runtime errors only! */ + case CL_EUNLINK: + case CL_ESTAT: + case CL_ESEEK: + case CL_EWRITE: + case CL_EDUP: + case CL_ETMPFILE: + case CL_ETMPDIR: + case CL_EMEM: + case CL_ETIMEOUT: + cli_dbgmsg("Descriptor[%d]: cli_scanraw error %s\n", desc, cl_strerror(res)); + funmap(*ctx->fmap); + ctx->fmap--; + cli_bitset_free(ctx->hook_lsig_matches); + ctx->hook_lsig_matches = old_hook_lsig_matches; + ret_from_magicscan(res); + /* CL_VIRUS = malware found, check FP and report */ + case CL_VIRUS: + ret = cli_checkfp(hash, hashed_size, ctx); + funmap(*ctx->fmap); + ctx->fmap--; + cli_bitset_free(ctx->hook_lsig_matches); + ctx->hook_lsig_matches = old_hook_lsig_matches; + ret_from_magicscan(ret); + /* "MAX" conditions should still fully scan the current file */ case CL_EMAXREC: case CL_EMAXSIZE: case CL_EMAXFILES: - cli_dbgmsg("Descriptor[%d]: %s\n", desc, cl_strerror(ret)); - case CL_CLEAN: /* here, only from cli_checkfp() */ - cache_add(hash, hashed_size, ctx); - ret_from_magicscan(CL_CLEAN); + ret = res; + cli_dbgmsg("Descriptor[%d]: Continuing after cli_scanraw reached %s\n", + desc, cl_strerror(res)); + break; + /* Other errors must not block further scans below + * This specifically includes CL_EFORMAT & CL_EREAD & CL_EUNPACK + * Malformed/truncated files could report as any of these three. 
+ */ default: - ret_from_magicscan(ret); + ret = res; + cli_dbgmsg("Descriptor[%d]: Continuing after cli_scanraw error %s\n", + desc, cl_strerror(res)); } } } @@ -2424,11 +2445,16 @@ ctx->hook_lsig_matches = old_hook_lsig_matches; switch(ret) { + /* Malformed file cases */ case CL_EFORMAT: + case CL_EREAD: + case CL_EUNPACK: + /* Limits exceeded */ case CL_EMAXREC: case CL_EMAXSIZE: case CL_EMAXFILES: cli_dbgmsg("Descriptor[%d]: %s\n", desc, cl_strerror(ret)); + ret_from_magicscan(CL_CLEAN); case CL_CLEAN: cache_add(hash, hashed_size, ctx); ret_from_magicscan(CL_CLEAN); diff -Nru clamav-0.97.5+dfsg/libclamav/sis.c clamav-0.97.6+dfsg/libclamav/sis.c --- clamav-0.97.5+dfsg/libclamav/sis.c 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/libclamav/sis.c 2012-09-17 11:19:33.000000000 -0400 @@ -95,11 +95,16 @@ } cli_dbgmsg("SIS: UIDS %x %x %x - %x\n", EC32(uid[0]), EC32(uid[1]), EC32(uid[2]), EC32(uid[3])); - if (uid[2]==EC32(0x10000419)) + if (uid[2]==le32_to_host(0x10000419)) { i=real_scansis(f, ctx, tmpd); - else if(uid[0]==EC32(0x10201a7a)) { + } + else if(uid[0]==le32_to_host(0x10201a7a)) { i=real_scansis9x(f, ctx, tmpd); } + else { + cli_dbgmsg("SIS: UIDs failed to match\n"); + i=CL_EFORMAT; + } if (!ctx->engine->keeptmp) cli_rmdirs(tmpd); diff -Nru clamav-0.97.5+dfsg/libclamav/version.h clamav-0.97.6+dfsg/libclamav/version.h --- clamav-0.97.5+dfsg/libclamav/version.h 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/libclamav/version.h 2012-08-10 13:10:35.000000000 -0400 @@ -1 +1 @@ -#define REPO_VERSION "devel-clamav-0.97.5" +#define REPO_VERSION "devel-clamav-0.97.6" diff -Nru clamav-0.97.5+dfsg/NEWS clamav-0.97.6+dfsg/NEWS --- clamav-0.97.5+dfsg/NEWS 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/NEWS 2012-09-17 11:16:40.000000000 -0400 
@@ -1,10 +1,9 @@ -0.97.5 +0.97.6 ------ -ClamAV 0.97.5 addresses possible evasion cases in some archive formats -(CVE-2012-1457, CVE-2012-1458, CVE-2012-1459). It also addresses stability -issues in portions of the bytecode engine. This release is recommended for all -users. +ClamAV 0.97.6 corrects two major bugs. One is bb#5571, where an invalid return +code was issued. The other is 5252, where an error in processing certain data +types occured. -- The ClamAV team (http://www.clamav.net/team) diff -Nru clamav-0.97.5+dfsg/README clamav-0.97.6+dfsg/README --- clamav-0.97.5+dfsg/README 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/README 2012-09-17 11:02:22.000000000 -0400 @@ -1,6 +1,10 @@ Note: This README/NEWS file refers to the source tarball. Some things described here may not be available in binary packages. -- +0.97.6 +------ +ClamAV 0.97.6 corrects bug 5252 "CL_EFORMAT: Bad format or broken data ERROR +reported as scan result. 0.97.5 ------
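Review bot: in libclamav/others.h (hunk @@ -53,7 +53,7 @@), CL_FLEVEL jumps from 65 to 67 with no comment in the hunk and no matching ChangeLog entry saying why 66 is skipped or which signature features the new level gates. Since the unblock request rests on the functionality-level bump, a one-line ChangeLog entry naming what level 67 enables would let reviewers confirm the bump is the reason older engines cannot load the current signatures.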
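Review bot: in libclamav/scanners.c, first hunk (@@ -2361,26 +2361,47 @@), the default: branch of the new switch(res) treats every code that is not named in the halt list (CL_EUNLINK through CL_ETIMEOUT) as continuable, so any runtime error left off that list carries on into the later scans with ret = res instead of stopping. The comment says "runtime errors only!" but does not say the list is meant to be complete; please state that, or make the default the halting path and enumerate the continuable codes (CL_EFORMAT, CL_EREAD, CL_EUNPACK and the CL_EMAX* group) explicitly. Separately, the four cleanup statements (funmap, ctx->fmap--, cli_bitset_free, restoring ctx->hook_lsig_matches) are duplicated in the halt branch and the CL_VIRUS branch, and both branches depend on ret_from_magicscan() not falling through because no break follows it; a shared cleanup path or a short comment at each site would make that dependency visible.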
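Review bot: in libclamav/scanners.c, second hunk (@@ -2424,11 +2445,16 @@), the added ret_from_magicscan(CL_CLEAN); directly after the cli_dbgmsg() call stops the malformed-file and limit cases from falling through into case CL_CLEAN:, so they no longer reach cache_add(hash, hashed_size, ctx), and nothing in the hunk says that is intended. If the aim is to avoid caching a "clean" verdict for a file that could not be fully parsed, say so in a comment next to the new return. The same hunk makes CL_EREAD and CL_EUNPACK join CL_EFORMAT in being reported to the caller as CL_CLEAN, which leaves the debug message as the only record that the scan was incomplete; that behaviour deserves a sentence in NEWS, since callers cannot tell an unparsable file from a clean one.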
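Review bot: in libclamav/sis.c (hunk @@ -95,11 +95,16 @@), the two comparisons now wrap the constants in le32_to_host() while the cli_dbgmsg() line just above still converts the same fields with EC32(uid[n]), so the test and the debug output use different macros on different operands. Converting the value read from the file, as in le32_to_host(uid[2]) == 0x10000419, and using the same macro in the debug line would read more naturally and keep the two consistent. The new else branch that sets i=CL_EFORMAT looks like the substantive fix here; a comment tying it to the cl_scansis() return-code entry in the ChangeLog would help future readers.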
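Review bot: the NEWS hunk (@@ -1,10 +1,9 @@) cites the invalid-return-code bug as bb#5571, but the ChangeLog hunk in this same patch records the cl_scansis() fix as bb#5751, so one of the two numbers is transposed and should be corrected before release. In the same paragraph "The other is 5252" drops the bb# prefix used everywhere else and "occured" should be "occurred"; the ChangeLog entry also has "returan" for "return".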
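Review bot: in the README hunk (@@ -1,6 +1,10 @@), the quotation opened before CL_EFORMAT is never closed, and the new 0.97.6 entry is not followed by a blank line before the existing 0.97.5 heading. The entry also mentions only bug 5252 while NEWS lists two fixes for this release; the two files should describe the release the same way.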
--- End Message ---
--- Begin Message ---
- To: Scott Kitterman <debian@kitterman.com>, 689976-done@bugs.debian.org
- Subject: Re: Bug#689976: unblock: clamav/0.97.6+dfsg-1
- From: Julien Cristau <jcristau@debian.org>
- Date: Thu, 11 Oct 2012 00:09:18 +0200
- Message-id: <20121010220918.GA31434@radis.cristau.org>
- In-reply-to: <20121008170455.25042.79882.reportbug@Scott-Latitude-E6320>
- References: <20121008170455.25042.79882.reportbug@Scott-Latitude-E6320>
On Mon, Oct 8, 2012 at 13:04:55 -0400, Scott Kitterman wrote:

> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
>
> Please unblock package clamav
>
Unblocked.

Cheers,
Julien

Attachment: signature.asc
Description: Digital signature
--- End Message ---