And the forgotten debdiff. Scott K
diff -Nru clamav-0.97.5+dfsg/ChangeLog clamav-0.97.6+dfsg/ChangeLog --- clamav-0.97.5+dfsg/ChangeLog 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/ChangeLog 2012-09-17 11:15:12.000000000 -0400 @@ -1,3 +1,36 @@ +Mon Sep 6 12:32:00 EDT 2012 (dar) +--------------------------------- + * libclamav: bb#5751 - cl_scansis() may returan a file descriptor instead + of a valid return code + +Mon Jul 2 10:40:50 EDT 2012 (dar) +---------------------------------- + * libclamav: bb#5252 - update #4, CL_EUNPACK and caching + +Fri Jun 29 14:43:43 EDT 2012 (dar) +---------------------------------- + * libclamav: bb#5252 - update #3, more return code tweaks + +Tue Jun 26 12:23:44 EDT 2012 (dar) +---------------------------------- + * libclamav: bb#5252 - Limit exits on scanraw return codes + +Fri Jun 22 16:58:21 EDT 2012 (dar) +---------------------------------- + * libclamav: bb#5325 - Quiet Minix warning + +Mon Jun 18 17:51:49 EDT 2012 (dar) +---------------------------------- + * libclamav: bb#5252 - Update magic_scandesc filtering of scanraw return codes + +Thu Jun 14 16:05:53 EDT 2012 (judge) +---------------------------------- + * win32: Add MSI projects. + +Wed Jun 13 12:00:55 EDT 2012 (olney) +---------------------------------- + * V 0.97.5 + Fri Jun 1 13:15:50 EST 2012 (dar) --------------------------------- * libclamav: Scan output at end of truncated tar (bb#4625) diff -Nru clamav-0.97.5+dfsg/configure clamav-0.97.6+dfsg/configure --- clamav-0.97.5+dfsg/configure 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/configure 2012-08-10 12:03:23.000000000 -0400 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.65 for ClamAV 0.97.5. +# Generated by GNU Autoconf 2.65 for ClamAV 0.97.6. # # Report bugs to <http://bugs.clamav.net/>. # 
@@ -703,8 +703,8 @@ # Identity of this package. PACKAGE_NAME='ClamAV' PACKAGE_TARNAME='clamav' -PACKAGE_VERSION='0.97.5' -PACKAGE_STRING='ClamAV 0.97.5' +PACKAGE_VERSION='0.97.6' +PACKAGE_STRING='ClamAV 0.97.6' PACKAGE_BUGREPORT='http://bugs.clamav.net/' PACKAGE_URL='http://www.clamav.net/' @@ -1539,7 +1539,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures ClamAV 0.97.5 to adapt to many kinds of systems. +\`configure' configures ClamAV 0.97.6 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1610,7 +1610,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of ClamAV 0.97.5:";; + short | recursive ) echo "Configuration of ClamAV 0.97.6:";; esac cat <<\_ACEOF @@ -1767,7 +1767,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -ClamAV configure 0.97.5 +ClamAV configure 0.97.6 generated by GNU Autoconf 2.65 Copyright (C) 2009 Free Software Foundation, Inc. @@ -2231,7 +2231,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by ClamAV $as_me 0.97.5, which was +It was created by ClamAV $as_me 0.97.6, which was generated by GNU Autoconf 2.65. Invocation command line was $ $0 $@ @@ -3345,7 +3345,7 @@ # Define the identity of the package. PACKAGE='clamav' - VERSION='0.97.5' + VERSION='0.97.6' # Some tools Automake needs. @@ -3474,10 +3474,10 @@ $as_echo "#define PACKAGE PACKAGE_NAME" >>confdefs.h -VERSION="0.97.5" +VERSION="0.97.6" LC_CURRENT=7 -LC_REVISION=14 +LC_REVISION=15 LC_AGE=1 LIBCLAMAV_VERSION="$LC_CURRENT":"$LC_REVISION":"$LC_AGE" 
@@ -20635,7 +20635,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ClamAV $as_me 0.97.5, which was +This file was extended by ClamAV $as_me 0.97.6, which was generated by GNU Autoconf 2.65. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -20702,7 +20702,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ClamAV config.status 0.97.5 +ClamAV config.status 0.97.6 configured by $0, generated by GNU Autoconf 2.65, with options \\"\$ac_cs_config\\" @@ -23220,7 +23220,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ClamAV $as_me 0.97.5, which was +This file was extended by ClamAV $as_me 0.97.6, which was generated by GNU Autoconf 2.65. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -23287,7 +23287,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ClamAV config.status 0.97.5 +ClamAV config.status 0.97.6 configured by $0, generated by GNU Autoconf 2.65, with options \\"\$ac_cs_config\\" diff -Nru clamav-0.97.5+dfsg/configure.in clamav-0.97.6+dfsg/configure.in --- clamav-0.97.5+dfsg/configure.in 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/configure.in 2012-08-10 12:03:00.000000000 -0400 @@ -20,7 +20,7 @@ AC_PREREQ([2.59]) dnl For a release change [devel] to the real version [0.xy] dnl also change VERSION below -AC_INIT([ClamAV], [0.97.5], [http://bugs.clamav.net/], [clamav], [http://www.clamav.net/]) +AC_INIT([ClamAV], [0.97.6], [http://bugs.clamav.net/], [clamav], [http://www.clamav.net/]) AH_BOTTOM([#include "platform.h"]) dnl put configure auxiliary into config 
@@ -43,10 +43,10 @@ dnl change this on a release dnl VERSION="devel-`date +%Y%m%d`" -VERSION="0.97.5" +VERSION="0.97.6" LC_CURRENT=7 -LC_REVISION=14 +LC_REVISION=15 LC_AGE=1 LIBCLAMAV_VERSION="$LC_CURRENT":"$LC_REVISION":"$LC_AGE" AC_SUBST([LIBCLAMAV_VERSION]) diff -Nru clamav-0.97.5+dfsg/debian/changelog clamav-0.97.6+dfsg/debian/changelog --- clamav-0.97.5+dfsg/debian/changelog 2012-10-19 09:27:19.000000000 -0400 +++ clamav-0.97.6+dfsg/debian/changelog 2012-10-19 09:27:20.000000000 -0400 @@ -1,3 +1,10 @@ +clamav (0.97.6+dfsg-1~squeeze1) stable; urgency=low + + * New upstream release (Closes: #689487) + * Update libclamav6 lintian override to match updated soversion + + -- Scott Kitterman <scott@kitterman.com> Fri, 19 Oct 2012 09:15:49 -0400 + clamav (0.97.5+dfsg-6~squeeze1) stable; urgency=medium * Urgency medium for RC bug fix the addressess regression from 0.97.3 diff -Nru clamav-0.97.5+dfsg/debian/libclamav6.lintian-overrides clamav-0.97.6+dfsg/debian/libclamav6.lintian-overrides --- clamav-0.97.5+dfsg/debian/libclamav6.lintian-overrides 2012-10-19 09:27:19.000000000 -0400 +++ clamav-0.97.6+dfsg/debian/libclamav6.lintian-overrides 2012-10-19 09:27:20.000000000 -0400 @@ -1 +1 @@ -libclamav6 binary: embedded-library usr/lib/libclamav.so.6.1.14: zlib +libclamav6 binary: embedded-library usr/lib/libclamav.so.6.1.15: zlib diff -Nru clamav-0.97.5+dfsg/libclamav/bytecode_detect.h clamav-0.97.6+dfsg/libclamav/bytecode_detect.h --- clamav-0.97.5+dfsg/libclamav/bytecode_detect.h 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/libclamav/bytecode_detect.h 2012-06-27 09:04:48.000000000 -0400 @@ -83,6 +83,7 @@ llvm_os_Solaris, llvm_os_Win32, llvm_os_Haiku, + llvm_os_Minix, llvm_os_ANY = 0xff }; diff -Nru clamav-0.97.5+dfsg/libclamav/c++/detect.cpp clamav-0.97.6+dfsg/libclamav/c++/detect.cpp --- clamav-0.97.5+dfsg/libclamav/c++/detect.cpp 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/libclamav/c++/detect.cpp 2012-06-27 09:04:48.000000000 -0400 
@@ -158,6 +158,7 @@ warn_assumptions("Operating System", env->os_category, Triple::Win32); break; CASE_OS(Haiku, os_unknown); + CASE_OS(Minix, os_unknown); } // mmap RWX diff -Nru clamav-0.97.5+dfsg/libclamav/others.h clamav-0.97.6+dfsg/libclamav/others.h --- clamav-0.97.5+dfsg/libclamav/others.h 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/libclamav/others.h 2012-08-10 12:02:00.000000000 -0400 @@ -53,7 +53,7 @@ * in re-enabling affected modules. */ -#define CL_FLEVEL 65 +#define CL_FLEVEL 67 #define CL_FLEVEL_DCONF CL_FLEVEL #define CL_FLEVEL_SIGTOOL CL_FLEVEL diff -Nru clamav-0.97.5+dfsg/libclamav/scanners.c clamav-0.97.6+dfsg/libclamav/scanners.c --- clamav-0.97.5+dfsg/libclamav/scanners.c 2012-10-19 09:27:19.000000000 -0400 +++ clamav-0.97.6+dfsg/libclamav/scanners.c 2012-08-06 16:26:55.000000000 -0400 
@@ -2361,26 +2361,47 @@ if(type != CL_TYPE_IGNORED && (type != CL_TYPE_HTML || !(DCONF_DOC & DOC_CONF_HTML_SKIPRAW)) && !ctx->engine->sdb) { res = cli_scanraw(ctx, type, typercg, &dettype, hash); if(res != CL_CLEAN) { - if(res == CL_VIRUS) - ret = cli_checkfp(hash, hashed_size, ctx); - else - ret = res; - funmap(*ctx->fmap); - ctx->fmap--; - cli_bitset_free(ctx->hook_lsig_matches); - ctx->hook_lsig_matches = old_hook_lsig_matches; - /* Same switch as end of magic_scandesc function */ - switch(ret) { - case CL_EFORMAT: + switch(res) { + /* List of scan halts, runtime errors only! */ + case CL_EUNLINK: + case CL_ESTAT: + case CL_ESEEK: + case CL_EWRITE: + case CL_EDUP: + case CL_ETMPFILE: + case CL_ETMPDIR: + case CL_EMEM: + case CL_ETIMEOUT: + cli_dbgmsg("Descriptor[%d]: cli_scanraw error %s\n", desc, cl_strerror(res)); + funmap(*ctx->fmap); + ctx->fmap--; + cli_bitset_free(ctx->hook_lsig_matches); + ctx->hook_lsig_matches = old_hook_lsig_matches; + ret_from_magicscan(res); + /* CL_VIRUS = malware found, check FP and report */ + case CL_VIRUS: + ret = cli_checkfp(hash, hashed_size, ctx); + funmap(*ctx->fmap); + ctx->fmap--; + cli_bitset_free(ctx->hook_lsig_matches); + ctx->hook_lsig_matches = old_hook_lsig_matches; + ret_from_magicscan(ret); + /* "MAX" conditions should still fully scan the current file */ case CL_EMAXREC: case CL_EMAXSIZE: case CL_EMAXFILES: - cli_dbgmsg("Descriptor[%d]: %s\n", desc, cl_strerror(ret)); - case CL_CLEAN: /* here, only from cli_checkfp() */ - cache_add(hash, hashed_size, ctx); - ret_from_magicscan(CL_CLEAN); + ret = res; + cli_dbgmsg("Descriptor[%d]: Continuing after cli_scanraw reached %s\n", + desc, cl_strerror(res)); + break; + /* Other errors must not block further scans below + * This specifically includes CL_EFORMAT & CL_EREAD & CL_EUNPACK + * Malformed/truncated files could report as any of these three. 
+ */ default: - ret_from_magicscan(ret); + ret = res; + cli_dbgmsg("Descriptor[%d]: Continuing after cli_scanraw error %s\n", + desc, cl_strerror(res)); } } } @@ -2424,11 +2445,16 @@ ctx->hook_lsig_matches = old_hook_lsig_matches; switch(ret) { + /* Malformed file cases */ case CL_EFORMAT: + case CL_EREAD: + case CL_EUNPACK: + /* Limits exceeded */ case CL_EMAXREC: case CL_EMAXSIZE: case CL_EMAXFILES: cli_dbgmsg("Descriptor[%d]: %s\n", desc, cl_strerror(ret)); + ret_from_magicscan(CL_CLEAN); case CL_CLEAN: cache_add(hash, hashed_size, ctx); ret_from_magicscan(CL_CLEAN); diff -Nru clamav-0.97.5+dfsg/libclamav/sis.c clamav-0.97.6+dfsg/libclamav/sis.c --- clamav-0.97.5+dfsg/libclamav/sis.c 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/libclamav/sis.c 2012-09-17 11:19:33.000000000 -0400 @@ -95,11 +95,16 @@ } cli_dbgmsg("SIS: UIDS %x %x %x - %x\n", EC32(uid[0]), EC32(uid[1]), EC32(uid[2]), EC32(uid[3])); - if (uid[2]==EC32(0x10000419)) + if (uid[2]==le32_to_host(0x10000419)) { i=real_scansis(f, ctx, tmpd); - else if(uid[0]==EC32(0x10201a7a)) { + } + else if(uid[0]==le32_to_host(0x10201a7a)) { i=real_scansis9x(f, ctx, tmpd); } + else { + cli_dbgmsg("SIS: UIDs failed to match\n"); + i=CL_EFORMAT; + } if (!ctx->engine->keeptmp) cli_rmdirs(tmpd); diff -Nru clamav-0.97.5+dfsg/libclamav/version.h clamav-0.97.6+dfsg/libclamav/version.h --- clamav-0.97.5+dfsg/libclamav/version.h 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/libclamav/version.h 2012-08-10 13:10:35.000000000 -0400 @@ -1 +1 @@ -#define REPO_VERSION "devel-clamav-0.97.5" +#define REPO_VERSION "devel-clamav-0.97.6" diff -Nru clamav-0.97.5+dfsg/NEWS clamav-0.97.6+dfsg/NEWS --- clamav-0.97.5+dfsg/NEWS 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/NEWS 2012-09-17 11:16:40.000000000 -0400 
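Review bot: The runtime-error arm and the `case CL_VIRUS:` arm of the new `switch(res)` both end in `ret_from_magicscan(...)` with no `break`, so they are correct only if that macro always returns; its definition is outside this hunk. If it did not, the error arm would fall into `case CL_VIRUS:` and run `funmap(*ctx->fmap); ctx->fmap--;` a second time on the same map. I would mark each call with `/* ret_from_magicscan() returns, no fallthrough */` and move the four cleanup lines that both arms repeat into one place. The same reliance applies to the added `ret_from_magicscan(CL_CLEAN);` ahead of `case CL_CLEAN:` in the next hunk. The enclosing function starts and ends outside both hunks.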
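Review bot: With `CL_EREAD` and `CL_EUNPACK` added to this arm, a file that could not be read or unpacked is returned to the caller as `CL_CLEAN`, and the only trace is the `cli_dbgmsg` line. The added `ret_from_magicscan(CL_CLEAN);` does keep these results out of `cache_add`, which looks deliberate, but nothing in the code says so. I would add a comment above the call, `/* scan was incomplete: report clean, but never cache this verdict */`, so a later cleanup does not restore the fallthrough into `case CL_CLEAN:`. The switch continues past the end of the hunk.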
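Review bot: The two UID comparisons now use `le32_to_host(...)` while the `cli_dbgmsg` line directly above still prints the same fields through `EC32(...)`, so one block converts byte order with two different macros. Both comparisons also convert the constant rather than the value read from the file, which is only equivalent if the macro is a plain symmetric swap; neither definition is visible here. I would use one macro throughout and state the convention, e.g. `/* uid[] is kept in file (little-endian) order; the constants are converted instead */`. The new `else` arm sets `i=CL_EFORMAT`, which the scanners.c hunk above appears to turn into a clean result, so a file with unmatched UIDs likely ends as `CL_CLEAN`; worth confirming that is intended. The function body starts and ends outside the hunk.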
@@ -1,10 +1,9 @@ -0.97.5 +0.97.6 ------ -ClamAV 0.97.5 addresses possible evasion cases in some archive formats -(CVE-2012-1457, CVE-2012-1458, CVE-2012-1459). It also addresses stability -issues in portions of the bytecode engine. This release is recommended for all -users. +ClamAV 0.97.6 corrects two major bugs. One is bb#5571, where an invalid return +code was issued. The other is 5252, where an error in processing certain data +types occured. -- The ClamAV team (http://www.clamav.net/team) diff -Nru clamav-0.97.5+dfsg/README clamav-0.97.6+dfsg/README --- clamav-0.97.5+dfsg/README 2012-06-15 10:05:05.000000000 -0400 +++ clamav-0.97.6+dfsg/README 2012-09-17 11:02:22.000000000 -0400 @@ -1,6 +1,10 @@ Note: This README/NEWS file refers to the source tarball. Some things described here may not be available in binary packages. -- +0.97.6 +------ +ClamAV 0.97.6 corrects bug 5252 "CL_EFORMAT: Bad format or broken data ERROR +reported as scan result. 0.97.5 ------