--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: jessie-pu: package clamav/0.99.2+dfsg-0+deb8u2
- From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
- Date: Sat, 27 Jan 2018 02:07:51 +0100
- Message-id: <20180127010750.owlwrpc5wqxxl36n@breakpoint.cc>
Package: release.debian.org
User: release.debian.org@packages.debian.org
Usertags: pu
Tags: jessie
Severity: normal
Clamav released 0.99.3. Recently upstream decided to release 0.99.2.1 as
a security hotfix release only. However they then decided not to use a
four digit version but three as usual and so the security hotfix is
now 0.99.3.
In unstable we have 0.99.3~beta2 which was a pre-release of the upcoming
0.99.3 before they decided to release a security fix. So in unstable we
have a "beta2" which contains all the security fixes which are part of
their final 0.99.3 release.
Instead of reverting all that stuff I prepared for the 0.99.3 I backported
the delta from 0.99.2..0.99.3 and prepared an incremental 0.99.2 release
for Jessie [0]. Clamav itself identifies as 0.99.3 because otherwise it
will complain about being too old.
I synced the queue with Stretch. One patch (which is new) is the one
addressing upstream bug#11549 [1] which triggered today. Upstream forgot
to include it in their 0.99.3 release and I had it already in
0.99.2+dfsg-5 (as of Stretch). While upstream claims that this won't
happen again with *their* signatures, it might happen with
others/community and it *did* trigger earlier [2].
Please find attached a debdiff. The official announcement is at [3].
If you prefer another way of dealing with this please let me know.
[0] A second pair of eyes wouldn't hurt, after all it is 2am here.
[1] http://blog.clamav.net/2018/01/update-on-recent-file-descriptors-issue.html
[2] https://bugs.debian.org/824196
[3] http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
Sebastian
diff -Nru clamav-0.99.2+dfsg/debian/changelog clamav-0.99.2+dfsg/debian/changelog
--- clamav-0.99.2+dfsg/debian/changelog 2016-06-06 23:23:31.000000000 +0200
+++ clamav-0.99.2+dfsg/debian/changelog 2018-01-27 01:29:24.000000000 +0100
@@ -1,3 +1,15 @@
+clamav (0.99.2+dfsg-0+deb8u3) jessie; urgency=medium
+
+ * Apply security patches from 0.99.3 (Closes: #888484):
+ - fixes for the following CVE's: CVE-2017-6418, CVE-2017-6420,
+ CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377,
+ CVE-2017-12378, CVE-2017-12379, CVE-2017-12380.
+ * Bump symbol version of cl_retflevel because CL_FLEVEL changed.
+ * Cherry-pick patch from bb11549 to fix a temp file cleanup issue
+ (Closes: #824196).
+
+ -- Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Sat, 27 Jan 2018 01:29:24 +0100
+
clamav (0.99.2+dfsg-0+deb8u2) stable; urgency=medium
* Don't fail if AllowSupplementaryGroups is still set in the config file but
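Review bot: the new changelog entry does not say that the package now reports itself as 0.99.3, although debian/patches/series adds setting-version-for-security-release-to-0.99.3.patch. Suggest adding a line to that effect, so that an administrator who sees 0.99.3 printed by a 0.99.2+dfsg package can find the reason in the changelog.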
diff -Nru clamav-0.99.2+dfsg/debian/.git-dpm clamav-0.99.2+dfsg/debian/.git-dpm
--- clamav-0.99.2+dfsg/debian/.git-dpm 2016-06-06 22:10:43.000000000 +0200
+++ clamav-0.99.2+dfsg/debian/.git-dpm 2018-01-27 01:27:48.000000000 +0100
@@ -1,6 +1,6 @@
# see git-dpm(1) from git-dpm package
-279c06a817c13eb22dc3ade949ea8b4a8aea9825
-279c06a817c13eb22dc3ade949ea8b4a8aea9825
+f77af4292400e7652f3cc358933d3b79adf9432e
+f77af4292400e7652f3cc358933d3b79adf9432e
48a96d2a3f0f4aca12f39f62a53fe1671a6e15a2
48a96d2a3f0f4aca12f39f62a53fe1671a6e15a2
clamav_0.99.2+dfsg.orig.tar.xz
diff -Nru clamav-0.99.2+dfsg/debian/libclamav7.symbols clamav-0.99.2+dfsg/debian/libclamav7.symbols
--- clamav-0.99.2+dfsg/debian/libclamav7.symbols 2016-05-19 18:40:20.000000000 +0200
+++ clamav-0.99.2+dfsg/debian/libclamav7.symbols 2018-01-27 01:28:11.000000000 +0100
@@ -63,7 +63,7 @@
cl_load_cert@CLAMAV_PRIVATE 0.99.2
cl_load_crl@CLAMAV_PRIVATE 0.99.2
cl_retdbdir@CLAMAV_PUBLIC 0.99~rc1
- cl_retflevel@CLAMAV_PUBLIC 0.99.1
+ cl_retflevel@CLAMAV_PUBLIC 0.99.2+dfsg-6+deb9u1
cl_retver@CLAMAV_PUBLIC 0.99~rc1
cl_scandesc@CLAMAV_PUBLIC 0.99~rc1
cl_scandesc_callback@CLAMAV_PUBLIC 0.99~rc1
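Review bot: the minimum version recorded for cl_retflevel is 0.99.2+dfsg-6+deb9u1, a Stretch version that sorts higher than the 0.99.2+dfsg-0+deb8u3 this upload introduces in debian/changelog. A package built against this libclamav7 in Jessie that uses cl_retflevel would get a dependency on a version Jessie does not carry. Suggest using 0.99.2+dfsg-0+deb8u3 here.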
diff -Nru clamav-0.99.2+dfsg/debian/patches/b11939-adding-fix-as-recommended-by-bug-reporter-alo.patch clamav-0.99.2+dfsg/debian/patches/b11939-adding-fix-as-recommended-by-bug-reporter-alo.patch
--- clamav-0.99.2+dfsg/debian/patches/b11939-adding-fix-as-recommended-by-bug-reporter-alo.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/b11939-adding-fix-as-recommended-by-bug-reporter-alo.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,75 @@
+From a0b8b7e0408029869fbb85353d9f53d3347e20e7 Mon Sep 17 00:00:00 2001
+From: Micah Snyder <micasnyd@cisco.com>
+Date: Sun, 29 Oct 2017 17:35:00 -0400
+Subject: b11939: adding fix as recommended by bug reporter along with a couple
+ extra lines to ensure freed pointers are set to NULL.
+
+Patch-Name: b11939-adding-fix-as-recommended-by-bug-reporter-alo.patch
+---
+ libclamav/mbox.c | 2 +-
+ libclamav/message.c | 4 +++-
+ libclamav/text.c | 10 +++++++---
+ 3 files changed, 11 insertions(+), 5 deletions(-)
+
+diff --git a/libclamav/mbox.c b/libclamav/mbox.c
+index 96bdbd2..8e48bb7 100644
+--- a/libclamav/mbox.c
++++ b/libclamav/mbox.c
+@@ -2067,7 +2067,7 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx, unsigned int re
+ * bother saving to scan, it's safe
+ */
+ saveIt = (bool)(encodingLine(mainMessage) != NULL);
+- else if((t_line = encodingLine(mainMessage)) != NULL) {
++ else if(mainMessage->body_last != NULL && (t_line = encodingLine(mainMessage)) != NULL) {
+ /*
+ * Some bounces include the message
+ * body without the headers.
+diff --git a/libclamav/message.c b/libclamav/message.c
+index 3856bfe..8afe800 100644
+--- a/libclamav/message.c
++++ b/libclamav/message.c
+@@ -1068,8 +1068,10 @@ messageMoveText(message *m, text *t, message *old_message)
+ for(u = old_message->body_first; u != t;) {
+ text *next;
+
+- if(u->t_line)
++ if(u->t_line) {
+ lineUnlink(u->t_line);
++ u->t_line = NULL;
++ }
+ next = u->t_next;
+
+ free(u);
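Review bot: in messageMoveText the added `u->t_line = NULL;` is a dead store, because `free(u)` follows two lines later and nothing reads the field in between. It does no harm, but it does not guard against a stale pointer either, and the same holds for the matching change in textDestroy. If the assignment is kept for tidiness, a one-line comment saying so would save the next reader the question.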
+diff --git a/libclamav/text.c b/libclamav/text.c
+index 5c6e7ea..7d3c3a6 100644
+--- a/libclamav/text.c
++++ b/libclamav/text.c
+@@ -124,8 +124,10 @@ textDestroy(text *t_head)
+ {
+ while(t_head) {
+ text *t_next = t_head->t_next;
+- if(t_head->t_line)
+- (void)lineUnlink(t_head->t_line);
++ if(t_head->t_line) {
++ lineUnlink(t_head->t_line);
++ t_head->t_line = NULL;
++ }
+ free(t_head);
+ t_head = t_next;
+ }
+@@ -146,12 +148,14 @@ textCopy(const text *t_head)
+ }
+
+ if(last == NULL) {
+- cli_errmsg("textCopy: Unable to allocate memory to clone object\n");
++ cli_errmsg("textCopy: Unable to allocate memory to clone object\n");
+ if(first)
+ textDestroy(first);
+ return NULL;
+ }
+
++ last->t_next = NULL;
++
+ if(t_head->t_line)
+ last->t_line = lineLink(t_head->t_line);
+ else
diff -Nru clamav-0.99.2+dfsg/debian/patches/bb111711-fix-zlib-version-check-patch-by-Daniel-J.-L.patch clamav-0.99.2+dfsg/debian/patches/bb111711-fix-zlib-version-check-patch-by-Daniel-J.-L.patch
--- clamav-0.99.2+dfsg/debian/patches/bb111711-fix-zlib-version-check-patch-by-Daniel-J.-L.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/bb111711-fix-zlib-version-check-patch-by-Daniel-J.-L.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,26 @@
+From 8ebab1805deba8913ef1941a1f5d51df58b01208 Mon Sep 17 00:00:00 2001
+From: Steven Morgan <stevmorg@cisco.com>
+Date: Thu, 5 Jan 2017 12:30:35 -0500
+Subject: bb111711 - fix zlib version check - patch by Daniel J. Luke.
+
+Patch-Name: bb111711-fix-zlib-version-check-patch-by-Daniel-J.-L.patch
+---
+ m4/reorganization/libs/libz.m4 | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/m4/reorganization/libs/libz.m4 b/m4/reorganization/libs/libz.m4
+index b5c7414..f7b67ca 100644
+--- a/m4/reorganization/libs/libz.m4
++++ b/m4/reorganization/libs/libz.m4
+@@ -29,9 +29,9 @@ then
+ AC_MSG_ERROR([Please install zlib and zlib-devel packages])
+ else
+
+- vuln=`grep "ZLIB_VERSION \"1.2.0" $ZLIB_HOME/include/zlib.h`
++ vuln=`grep "ZLIB_VERSION \"1.2.0\"" $ZLIB_HOME/include/zlib.h`
+ if test -z "$vuln"; then
+- vuln=`grep "ZLIB_VERSION \"1.2.1" $ZLIB_HOME/include/zlib.h`
++ vuln=`grep "ZLIB_VERSION \"1.2.1\"" $ZLIB_HOME/include/zlib.h`
+ fi
+
+ if test -n "$vuln"; then
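Review bot: with the closing quote added, both grep patterns match only the exact version strings "1.2.0" and "1.2.1", so a header carrying a four-part version such as 1.2.0.x or 1.2.1.x is no longer flagged. If those releases are also meant to be rejected they need their own pattern. The dots in the pattern are unescaped and match any character; that is harmless here but worth tightening while the line is being touched.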
diff -Nru clamav-0.99.2+dfsg/debian/patches/bb11549-fix-temp-file-cleanup-issue.patch clamav-0.99.2+dfsg/debian/patches/bb11549-fix-temp-file-cleanup-issue.patch
--- clamav-0.99.2+dfsg/debian/patches/bb11549-fix-temp-file-cleanup-issue.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/bb11549-fix-temp-file-cleanup-issue.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,149 @@
+From 5f4c1e13c92a4540d0ceed8252d6112fa31a959a Mon Sep 17 00:00:00 2001
+From: Steven Morgan <smorgan@sourcefire.com>
+Date: Thu, 9 Jun 2016 14:06:23 -0400
+Subject: bb11549 - fix temp file cleanup issue.
+
+Patch-Name: bb11549-fix-temp-file-cleanup-issue.patch
+---
+ libclamav/scanners.c | 86 +++++++++++++++++++++++-----------------------------
+ 1 file changed, 38 insertions(+), 48 deletions(-)
+
+diff --git a/libclamav/scanners.c b/libclamav/scanners.c
+index e104d2f..9536e3c 100644
+--- a/libclamav/scanners.c
++++ b/libclamav/scanners.c
+@@ -1265,37 +1265,33 @@ static int cli_scanscript(cli_ctx *ctx)
+ return CL_CLEAN;
+ }
+
++ if(!(normalized = cli_malloc(SCANBUFF + maxpatlen))) {
++ cli_dbgmsg("cli_scanscript: Unable to malloc %u bytes\n", SCANBUFF);
++ return CL_EMEM;
++ }
++ text_normalize_init(&state, normalized, SCANBUFF + maxpatlen);
++
++ if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0, troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0, CLI_DEFAULT_AC_TRACKLEN))) {
++ free(normalized);
++ return ret;
++ }
++
++ if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) {
++ cli_ac_freedata(&tmdata);
++ free(normalized);
++ return ret;
++ }
++
+ /* dump to disk only if explicitly asked to
+ * or if necessary to check relative offsets,
+ * otherwise we can process just in-memory */
+ if(ctx->engine->keeptmp || (troot && troot->ac_reloff_num > 0)) {
+- if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) {
+- cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n");
+- return ret;
+- }
+- if (ctx->engine->keeptmp)
+- cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname);
+- }
+-
+- if(!(normalized = cli_malloc(SCANBUFF + maxpatlen))) {
+- cli_dbgmsg("cli_scanscript: Unable to malloc %u bytes\n", SCANBUFF);
+- free(tmpname);
+- return CL_EMEM;
+- }
+-
+- text_normalize_init(&state, normalized, SCANBUFF + maxpatlen);
+- ret = CL_CLEAN;
+-
+-
+- if ((ret = cli_ac_initdata(&tmdata, troot?troot->ac_partsigs:0, troot?troot->ac_lsigs:0, troot?troot->ac_reloff_num:0, CLI_DEFAULT_AC_TRACKLEN))) {
+- free(tmpname);
+- return ret;
+- }
+-
+- if ((ret = cli_ac_initdata(&gmdata, groot->ac_partsigs, groot->ac_lsigs, groot->ac_reloff_num, CLI_DEFAULT_AC_TRACKLEN))) {
+- cli_ac_freedata(&tmdata);
+- free(tmpname);
+- return ret;
++ if((ret = cli_gentempfd(ctx->engine->tmpdir, &tmpname, &ofd))) {
++ cli_dbgmsg("cli_scanscript: Can't generate temporary file/descriptor\n");
++ goto done;
++ }
++ if (ctx->engine->keeptmp)
++ cli_dbgmsg("cli_scanscript: saving normalized file to %s\n", tmpname);
+ }
+
+ mdata[0] = &tmdata;
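Review bot: the cli_dbgmsg in the relocated cli_malloc failure path reports SCANBUFF bytes, while the allocation two lines above requests SCANBUFF + maxpatlen. Suggest printing the size that was actually requested, so the debug output matches the failed allocation.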
+@@ -1310,10 +1306,9 @@ static int cli_scanscript(cli_ctx *ctx)
+ map_off += written;
+
+ if (write(ofd, state.out, state.out_pos) == -1) {
+- cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname);
+- close(ofd);
+- free(tmpname);
+- return CL_EWRITE;
++ cli_errmsg("cli_scanscript: can't write to file %s\n",tmpname);
++ ret = CL_EWRITE;
++ goto done;
+ }
+ text_normalize_reset(&state);
+ }
+@@ -1332,11 +1327,6 @@ static int cli_scanscript(cli_ctx *ctx)
+ funmap(*ctx->fmap);
+ }
+ *ctx->fmap = map;
+-
+- /* If we aren't keeping temps, delete the normalized file after scan. */
+- if(!(ctx->engine->keeptmp))
+- if (cli_unlink(tmpname)) ret = CL_EUNLINK;
+-
+ } else {
+ /* Since the above is moderately costly all in all,
+ * do the old stuff if there's no relative offsets. */
+@@ -1344,11 +1334,8 @@ static int cli_scanscript(cli_ctx *ctx)
+ if (troot) {
+ cli_targetinfo(&info, 7, map);
+ ret = cli_ac_caloff(troot, &tmdata, &info);
+- if (ret) {
+- cli_ac_freedata(&tmdata);
+- free(tmpname);
+- return ret;
+- }
++ if (ret)
++ goto done;
+ }
+
+ while(1) {
+@@ -1389,13 +1376,6 @@ static int cli_scanscript(cli_ctx *ctx)
+
+ }
+
+- if(ctx->engine->keeptmp) {
+- free(tmpname);
+- if (ofd >= 0)
+- close(ofd);
+- }
+- free(normalized);
+-
+ if(ret != CL_VIRUS || SCAN_ALL) {
+ if ((ret = cli_exp_eval(ctx, troot, &tmdata, NULL, NULL)) == CL_VIRUS)
+ viruses_found++;
+@@ -1404,9 +1384,19 @@ static int cli_scanscript(cli_ctx *ctx)
+ viruses_found++;
+ }
+
++done:
++ free(normalized);
+ cli_ac_freedata(&tmdata);
+ cli_ac_freedata(&gmdata);
+
++ if (ofd != -1)
++ close(ofd);
++ if (tmpname != NULL) {
++ if (!ctx->engine->keeptmp)
++ cli_unlink(tmpname);
++ free(tmpname);
++ }
++
+ if (SCAN_ALL && viruses_found)
+ return CL_VIRUS;
+
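Review bot: the cleanup under `done:` tests `ofd != -1` and `tmpname != NULL`, so both variables must be initialised to those values at their declarations, which this diff does not show. Some `goto done` paths are taken when cli_gentempfd failed or was never called, so an uninitialised value there would be closed or freed. Please confirm against the full file. The new cleanup also discards the result of cli_unlink, where the removed block set ret = CL_EUNLINK on failure; if that change is intended the commit message should say so.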
diff -Nru clamav-0.99.2+dfsg/debian/patches/bb11797-fix-invalid-read-in-fuzzed-mail-file.patch clamav-0.99.2+dfsg/debian/patches/bb11797-fix-invalid-read-in-fuzzed-mail-file.patch
--- clamav-0.99.2+dfsg/debian/patches/bb11797-fix-invalid-read-in-fuzzed-mail-file.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/bb11797-fix-invalid-read-in-fuzzed-mail-file.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,38 @@
+From 9af868f087b2065c69227fc864c999f6d6005129 Mon Sep 17 00:00:00 2001
+From: Steven Morgan <stevmorg@cisco.com>
+Date: Thu, 2 Mar 2017 14:41:20 -0500
+Subject: bb11797 - fix invalid read in fuzzed mail file.
+
+Patch-Name: bb11797-fix-invalid-read-in-fuzzed-mail-file.patch
+---
+ libclamav/message.c | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/libclamav/message.c b/libclamav/message.c
+index abb1ac2..3856bfe 100644
+--- a/libclamav/message.c
++++ b/libclamav/message.c
+@@ -439,8 +439,12 @@ messageAddArgument(message *m, const char *arg)
+ * FIXME: Bounce message handling is corrupting the in
+ * core copies of headers
+ */
+- cli_dbgmsg("Possible data corruption fixed\n");
+- p[8] = '=';
++ if (strlen(p) > 8) {
++ cli_dbgmsg("Possible data corruption fixed\n");
++ p[8] = '=';
++ } else {
++ cli_dbgmsg("Possible data corruption not fixed\n");
++ }
+ } else {
+ if(*p)
+ cli_dbgmsg("messageAddArgument, '%s' contains no '='\n", p);
+@@ -676,7 +680,7 @@ messageFindArgument(const message *m, const char *variable)
+ cli_dbgmsg("messageFindArgument: no '=' sign found in MIME header '%s' (%s)\n", variable, messageGetArgument(m, i));
+ return NULL;
+ }
+- if((*++ptr == '"') && (strchr(&ptr[1], '"') != NULL)) {
++ if((strlen(ptr) > 2) && (*++ptr == '"') && (strchr(&ptr[1], '"') != NULL)) {
+ /* Remove any quote characters */
+ char *ret = cli_strdup(++ptr);
+ char *p;
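Review bot: in messageFindArgument the new `strlen(ptr) > 2` test is placed in front of `*++ptr`, so when it fails the increment is skipped by short-circuit evaluation and ptr stays one character earlier than it did before the patch for whatever code follows this `if`. Suggest incrementing ptr in its own statement and testing the length afterwards, so the fall-through path sees the same pointer as before.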
diff -Nru clamav-0.99.2+dfsg/debian/patches/bb11798-fix-unit-tests.patch clamav-0.99.2+dfsg/debian/patches/bb11798-fix-unit-tests.patch
--- clamav-0.99.2+dfsg/debian/patches/bb11798-fix-unit-tests.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/bb11798-fix-unit-tests.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,45 @@
+From d915808a16fa93d5999457078e2f2a4979b8585f Mon Sep 17 00:00:00 2001
+From: Steven Morgan <stevmorg@cisco.com>
+Date: Wed, 8 Mar 2017 08:58:28 -0500
+Subject: bb11798 - fix unit tests.
+
+Patch-Name: bb11798-fix-unit-tests.patch
+---
+ libclamav/wwunpack.c | 9 +++------
+ unit_tests/check_jsnorm.c | 2 +-
+ 2 files changed, 4 insertions(+), 7 deletions(-)
+
+diff --git a/libclamav/wwunpack.c b/libclamav/wwunpack.c
+index 38c1808..a13550e 100644
+--- a/libclamav/wwunpack.c
++++ b/libclamav/wwunpack.c
+@@ -226,13 +226,10 @@ int wwunpack(uint8_t *exe, uint32_t exesz, uint8_t *wwsect, struct cli_exe_secti
+ return CL_EFORMAT;
+ exe[pe+6]=(uint8_t)scount;
+ exe[pe+7]=(uint8_t)(scount>>8);
+- if (!CLI_ISCONTAINED(wwsect, sects[scount].rsz, wwsect+0x295, 4) ||
+- !CLI_ISCONTAINED(wwsect, sects[scount].rsz, wwsect+0x295+sects[scount].rva, 4) ||
+- !CLI_ISCONTAINED(wwsect, sects[scount].rsz, wwsect+0x295+sects[scount].rva+0x299, 4)) {
++ if (!CLI_ISCONTAINED(wwsect, sects[scount].rsz, wwsect+0x295, 4))
+ cli_dbgmsg("WWPack: unpack memory address out of bounds.\n");
+- return CL_EFORMAT;
+- }
+- cli_writeint32(&exe[pe+0x28], cli_readint32(wwsect+0x295)+sects[scount].rva+0x299);
++ else
++ cli_writeint32(&exe[pe+0x28], cli_readint32(wwsect+0x295)+sects[scount].rva+0x299);
+ cli_writeint32(&exe[pe+0x50], cli_readint32(&exe[pe+0x50])-sects[scount].vsz);
+
+ structs = &exe[(0xffff&cli_readint32(&exe[pe+0x14]))+pe+0x18];
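Review bot: when the remaining CLI_ISCONTAINED check fails, this version only logs "unpack memory address out of bounds" and carries on, where the code it replaces returned CL_EFORMAT. If continuing is deliberate (the subject only says it fixes unit tests), a comment explaining why the entry point write can be skipped would help. The brace-less if/else followed directly by a second cli_writeint32 is also easy to misread; braces would make the scope obvious.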
+diff --git a/unit_tests/check_jsnorm.c b/unit_tests/check_jsnorm.c
+index 7515a0c..9587ea4 100644
+--- a/unit_tests/check_jsnorm.c
++++ b/unit_tests/check_jsnorm.c
+@@ -145,7 +145,7 @@ END_TEST
+
+ START_TEST (test_token_dval)
+ {
+- int val = 0.12345;
++ double val = 0.12345;
+ yystype tok;
+ memset(&tok, 0, sizeof(tok));
+
diff -Nru clamav-0.99.2+dfsg/debian/patches/bb11940-fixing-heap-overflow-in-rfc2037.-Patch-submi.patch clamav-0.99.2+dfsg/debian/patches/bb11940-fixing-heap-overflow-in-rfc2037.-Patch-submi.patch
--- clamav-0.99.2+dfsg/debian/patches/bb11940-fixing-heap-overflow-in-rfc2037.-Patch-submi.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/bb11940-fixing-heap-overflow-in-rfc2037.-Patch-submi.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,24 @@
+From 459a5d7d2d8c90168dba26e7a9110d4fb649c217 Mon Sep 17 00:00:00 2001
+From: Mickey Sola <msola@sourcefire.com>
+Date: Fri, 27 Oct 2017 17:24:33 -0400
+Subject: bb11940 - fixing heap overflow in rfc2037. Patch submitted by Suleman
+ Ali
+
+Patch-Name: bb11940-fixing-heap-overflow-in-rfc2037.-Patch-submi.patch
+---
+ libclamav/mbox.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libclamav/mbox.c b/libclamav/mbox.c
+index 8e48bb7..13edb78 100644
+--- a/libclamav/mbox.c
++++ b/libclamav/mbox.c
+@@ -2842,7 +2842,7 @@ rfc2047(const char *in)
+ memcpy(pout, blobGetData(b), len);
+ blobDestroy(b);
+ messageDestroy(m);
+- if(pout[len - 1] == '\n')
++ if(len > 0 && pout[len - 1] == '\n')
+ pout += len - 1;
+ else
+ pout += len;
diff -Nru clamav-0.99.2+dfsg/debian/patches/bb11941-fixing-UAF-in-mbox-exportBounceMessage.-Orig.patch clamav-0.99.2+dfsg/debian/patches/bb11941-fixing-UAF-in-mbox-exportBounceMessage.-Orig.patch
--- clamav-0.99.2+dfsg/debian/patches/bb11941-fixing-UAF-in-mbox-exportBounceMessage.-Orig.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/bb11941-fixing-UAF-in-mbox-exportBounceMessage.-Orig.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,27 @@
+From acee9409a1751a76cb95ef380be6d57c75690a45 Mon Sep 17 00:00:00 2001
+From: Mickey Sola <msola@sourcefire.com>
+Date: Mon, 30 Oct 2017 16:39:54 -0400
+Subject: bb11941 - fixing UAF in mbox exportBounceMessage. Original patch
+ submitted by Suleman Ali
+
+Patch-Name: bb11941-fixing-UAF-in-mbox-exportBounceMessage.-Orig.patch
+---
+ libclamav/mbox.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/libclamav/mbox.c b/libclamav/mbox.c
+index 13edb78..3df2ae0 100644
+--- a/libclamav/mbox.c
++++ b/libclamav/mbox.c
+@@ -2053,8 +2053,9 @@ parseEmailBody(message *messageIn, text *textIn, mbox_ctx *mctx, unsigned int re
+ /*
+ * Look for uu-encoded main file
+ */
+- if((encodingLine(mainMessage) != NULL) &&
+- ((t_line = bounceBegin(mainMessage)) != NULL))
++ if(mainMessage->body_first != NULL &&
++ (encodingLine(mainMessage) != NULL) &&
++ ((t_line = bounceBegin(mainMessage)) != NULL))
+ rc = (exportBounceMessage(mctx, t_line) == CL_VIRUS) ? VIRUS : OK;
+ else {
+ bool saveIt;
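Review bot: this guard tests mainMessage->body_first, while the neighbouring else-if changed by the b11939 patch in the same series tests mainMessage->body_last before calling encodingLine. If both are meant to catch the same condition, using the same field in both places would read more clearly; if they differ on purpose, a short comment should say why.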
diff -Nru clamav-0.99.2+dfsg/debian/patches/bb11943-add-check-to-mew.c-for-out-of-bounds-read.-P.patch clamav-0.99.2+dfsg/debian/patches/bb11943-add-check-to-mew.c-for-out-of-bounds-read.-P.patch
--- clamav-0.99.2+dfsg/debian/patches/bb11943-add-check-to-mew.c-for-out-of-bounds-read.-P.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/bb11943-add-check-to-mew.c-for-out-of-bounds-read.-P.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,24 @@
+From 0b00a85dfdb2133cc244016d4b6d97387a73521a Mon Sep 17 00:00:00 2001
+From: Steven Morgan <stevmorg@cisco.com>
+Date: Fri, 27 Oct 2017 16:52:29 -0400
+Subject: bb11943 - add check to mew.c for out of bounds read. Patch supplied
+ by Suleman Ali.
+
+Patch-Name: bb11943-add-check-to-mew.c-for-out-of-bounds-read.-P.patch
+---
+ libclamav/mew.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libclamav/mew.c b/libclamav/mew.c
+index 0e0c011..14d2bc2 100644
+--- a/libclamav/mew.c
++++ b/libclamav/mew.c
+@@ -424,6 +424,8 @@ int mew_lzma(char *orgsource, const char *buf, uint32_t size_sum, uint32_t vma,
+ loc_edi = 1;
+ var14 = var10 = var24 = 1;
+
++ if(CLI_ISCONTAINED(orgsource, size_sum, var2C, 5))
++ return -1;
+ lzma_bswap_4861dc(&var40, var2C);
+ new_edx = 0;
+ } while (var28 <= loc_esi); /* source = 0 */
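Review bot: the added check in mew_lzma is inverted: it returns -1 when CLI_ISCONTAINED reports that the 5 bytes at var2C lie inside orgsource, and lets out-of-range pointers through to lzma_bswap_4861dc. The follow-up patch bb11943-buffer-check-for-mew-packed-files.patch adds the missing `!`, so this patch must never be applied without it. Squashing the two would avoid a broken intermediate state in the series.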
diff -Nru clamav-0.99.2+dfsg/debian/patches/bb11943-buffer-check-for-mew-packed-files.patch clamav-0.99.2+dfsg/debian/patches/bb11943-buffer-check-for-mew-packed-files.patch
--- clamav-0.99.2+dfsg/debian/patches/bb11943-buffer-check-for-mew-packed-files.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/bb11943-buffer-check-for-mew-packed-files.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,23 @@
+From 4dcc150500a9a75c2bfca53df222d88171dbdf81 Mon Sep 17 00:00:00 2001
+From: Steven Morgan <stevmorg@cisco.com>
+Date: Wed, 15 Nov 2017 10:46:39 -0500
+Subject: bb11943 - buffer check for mew packed files.
+
+Patch-Name: bb11943-buffer-check-for-mew-packed-files.patch
+---
+ libclamav/mew.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libclamav/mew.c b/libclamav/mew.c
+index 14d2bc2..e5fb1f4 100644
+--- a/libclamav/mew.c
++++ b/libclamav/mew.c
+@@ -424,7 +424,7 @@ int mew_lzma(char *orgsource, const char *buf, uint32_t size_sum, uint32_t vma,
+ loc_edi = 1;
+ var14 = var10 = var24 = 1;
+
+- if(CLI_ISCONTAINED(orgsource, size_sum, var2C, 5))
++ if(!CLI_ISCONTAINED(orgsource, size_sum, var2C, 5))
+ return -1;
+ lzma_bswap_4861dc(&var40, var2C);
+ new_edx = 0;
diff -Nru clamav-0.99.2+dfsg/debian/patches/bb11944-fix-possible-message.c-OOB-read.patch clamav-0.99.2+dfsg/debian/patches/bb11944-fix-possible-message.c-OOB-read.patch
--- clamav-0.99.2+dfsg/debian/patches/bb11944-fix-possible-message.c-OOB-read.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/bb11944-fix-possible-message.c-OOB-read.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,32 @@
+From 1e7ec05f6e9cf571b5cd082ac9c9110532b541b9 Mon Sep 17 00:00:00 2001
+From: Steven Morgan <stevmorg@cisco.com>
+Date: Wed, 1 Nov 2017 16:23:23 -0400
+Subject: bb11944 - fix possible message.c OOB read.
+
+Patch-Name: bb11944-fix-possible-message.c-OOB-read.patch
+---
+ libclamav/message.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libclamav/message.c b/libclamav/message.c
+index 8afe800..59d92f7 100644
+--- a/libclamav/message.c
++++ b/libclamav/message.c
+@@ -2323,15 +2323,16 @@ rfc2231(const char *in)
+ in++;
+ continue;
+ }
+- *p = '\0';
+ break;
+ case '=':
+ /*strcpy(p, in);*/
+ strcpy(p, "=rfc2231failure");
++ p += strlen ("=rfc2231failure");
+ break;
+ }
+ break;
+ } while(*in);
++ *p = '\0';
+
+ cli_dbgmsg("RFC2231 parameter continuations are not yet handled, returning \"%s\"\n",
+ ret);
diff -Nru clamav-0.99.2+dfsg/debian/patches/bb11945-fixing-null-dereference-of-blob-pointer.patch clamav-0.99.2+dfsg/debian/patches/bb11945-fixing-null-dereference-of-blob-pointer.patch
--- clamav-0.99.2+dfsg/debian/patches/bb11945-fixing-null-dereference-of-blob-pointer.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/bb11945-fixing-null-dereference-of-blob-pointer.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,25 @@
+From fc2edb6c59a7f11c76c48a1e425e69b1084a9d71 Mon Sep 17 00:00:00 2001
+From: Mickey Sola <msola@sourcefire.com>
+Date: Fri, 27 Oct 2017 17:04:32 -0400
+Subject: bb11945 - fixing null dereference of blob pointer
+
+Patch-Name: bb11945-fixing-null-dereference-of-blob-pointer.patch
+---
+ libclamav/mbox.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/libclamav/mbox.c b/libclamav/mbox.c
+index 3df2ae0..9926896 100644
+--- a/libclamav/mbox.c
++++ b/libclamav/mbox.c
+@@ -2837,6 +2837,10 @@ rfc2047(const char *in)
+ break;
+ }
+ b = messageToBlob(m, 1);
++ if (b == NULL) {
++ messageDestroy(m);
++ break;
++ }
+ len = blobGetDataSize(b);
+ cli_dbgmsg("Decoded as '%*.*s'\n", (int)len, (int)len,
+ (const char *)blobGetData(b));
diff -Nru clamav-0.99.2+dfsg/debian/patches/bb11946-check-that-tar-checksum-is-within-bounds.-Pa.patch clamav-0.99.2+dfsg/debian/patches/bb11946-check-that-tar-checksum-is-within-bounds.-Pa.patch
--- clamav-0.99.2+dfsg/debian/patches/bb11946-check-that-tar-checksum-is-within-bounds.-Pa.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/bb11946-check-that-tar-checksum-is-within-bounds.-Pa.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,25 @@
+From 4152f365f374816ac83649c7ccf0c7f01e6e9685 Mon Sep 17 00:00:00 2001
+From: Steven Morgan <stevmorg@cisco.com>
+Date: Fri, 27 Oct 2017 16:03:29 -0400
+Subject: bb11946 - check that tar checksum is within bounds. Patch supplied by
+ Suleman Ali.
+
+Patch-Name: bb11946-check-that-tar-checksum-is-within-bounds.-Pa.patch
+---
+ libclamav/untar.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/libclamav/untar.c b/libclamav/untar.c
+index 3f72cec..dcdf966 100644
+--- a/libclamav/untar.c
++++ b/libclamav/untar.c
+@@ -182,6 +182,9 @@ cli_untar(const char *dir, unsigned int posix, cli_ctx *ctx)
+ if((ret=cli_checklimits("cli_untar", ctx, 0, 0, 0))!=CL_CLEAN)
+ return ret;
+
++ if (nread < TARCHECKSUMOFFSET + TARCHECKSUMLEN)
++ return ret;
++
+ checksum = getchecksum(block);
+ cli_dbgmsg("cli_untar: Candidate checksum = %d, [%o in octal]\n", checksum, checksum);
+ if(testchecksum(block, checksum) != 0) {
diff -Nru clamav-0.99.2+dfsg/debian/patches/bb19798-fix-out-of-bound-memory-access-for-crafted-w.patch clamav-0.99.2+dfsg/debian/patches/bb19798-fix-out-of-bound-memory-access-for-crafted-w.patch
--- clamav-0.99.2+dfsg/debian/patches/bb19798-fix-out-of-bound-memory-access-for-crafted-w.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/bb19798-fix-out-of-bound-memory-access-for-crafted-w.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,27 @@
+From dc6ea4977e8030fff9a3dc762ab56a0e3b3b77f5 Mon Sep 17 00:00:00 2001
+From: Steven Morgan <stevmorg@cisco.com>
+Date: Fri, 3 Mar 2017 13:56:28 -0500
+Subject: bb19798 - fix out of bound memory access for crafted wwunpack file.
+
+Patch-Name: bb19798-fix-out-of-bound-memory-access-for-crafted-w.patch
+---
+ libclamav/wwunpack.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/libclamav/wwunpack.c b/libclamav/wwunpack.c
+index 8611cb6..38c1808 100644
+--- a/libclamav/wwunpack.c
++++ b/libclamav/wwunpack.c
+@@ -226,6 +226,12 @@ int wwunpack(uint8_t *exe, uint32_t exesz, uint8_t *wwsect, struct cli_exe_secti
+ return CL_EFORMAT;
+ exe[pe+6]=(uint8_t)scount;
+ exe[pe+7]=(uint8_t)(scount>>8);
++ if (!CLI_ISCONTAINED(wwsect, sects[scount].rsz, wwsect+0x295, 4) ||
++ !CLI_ISCONTAINED(wwsect, sects[scount].rsz, wwsect+0x295+sects[scount].rva, 4) ||
++ !CLI_ISCONTAINED(wwsect, sects[scount].rsz, wwsect+0x295+sects[scount].rva+0x299, 4)) {
++ cli_dbgmsg("WWPack: unpack memory address out of bounds.\n");
++ return CL_EFORMAT;
++ }
+ cli_writeint32(&exe[pe+0x28], cli_readint32(wwsect+0x295)+sects[scount].rva+0x299);
+ cli_writeint32(&exe[pe+0x50], cli_readint32(&exe[pe+0x50])-sects[scount].vsz);
+
diff -Nru clamav-0.99.2+dfsg/debian/patches/Better-fix-for-bug-11946.patch clamav-0.99.2+dfsg/debian/patches/Better-fix-for-bug-11946.patch
--- clamav-0.99.2+dfsg/debian/patches/Better-fix-for-bug-11946.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/Better-fix-for-bug-11946.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,46 @@
+From d349516b2685d7e917719dab61919601cbd15f92 Mon Sep 17 00:00:00 2001
+From: Craig Davison <crdaviso@cisco.com>
+Date: Wed, 1 Nov 2017 13:34:20 -0600
+Subject: Better fix for bug 11946
+
+Signed-off-by: Steven Morgan <stevmorg@cisco.com>
+Patch-Name: Better-fix-for-bug-11946.patch
+---
+ libclamav/untar.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/libclamav/untar.c b/libclamav/untar.c
+index dcdf966..c645305 100644
+--- a/libclamav/untar.c
++++ b/libclamav/untar.c
+@@ -43,7 +43,9 @@
+ #include "scanners.h"
+ #include "matcher.h"
+
+-#define BLOCKSIZE 512
++#define TARHEADERSIZE 512
++/* BLOCKSIZE must be >= TARHEADERSIZE */
++#define BLOCKSIZE TARHEADERSIZE
+ #define TARSIZEOFFSET 124
+ #define TARSIZELEN 12
+ #define TARCHECKSUMOFFSET 148
+@@ -182,8 +184,9 @@ cli_untar(const char *dir, unsigned int posix, cli_ctx *ctx)
+ if((ret=cli_checklimits("cli_untar", ctx, 0, 0, 0))!=CL_CLEAN)
+ return ret;
+
+- if (nread < TARCHECKSUMOFFSET + TARCHECKSUMLEN)
+- return ret;
++ if (nread < TARHEADERSIZE) {
++ return CL_CLEAN;
++ }
+
+ checksum = getchecksum(block);
+ cli_dbgmsg("cli_untar: Candidate checksum = %d, [%o in octal]\n", checksum, checksum);
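Review bot: the short-read branch (nread < TARHEADERSIZE) returns CL_CLEAN without logging anything, so a truncated header cannot be told apart from a normal end of archive in the debug output. Suggest a cli_dbgmsg before the return that names the number of bytes read.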
+@@ -200,7 +203,6 @@ cli_untar(const char *dir, unsigned int posix, cli_ctx *ctx)
+ cli_dbgmsg("cli_untar: Checksum %d is valid.\n", checksum);
+ }
+
+- /* Notice assumption that BLOCKSIZE > 262 */
+ if(posix) {
+ strncpy(magic, block+257, 5);
+ magic[5] = '\0';
diff -Nru clamav-0.99.2+dfsg/debian/patches/series clamav-0.99.2+dfsg/debian/patches/series
--- clamav-0.99.2+dfsg/debian/patches/series 2016-06-06 22:10:43.000000000 +0200
+++ clamav-0.99.2+dfsg/debian/patches/series 2018-01-27 01:27:48.000000000 +0100
@@ -8,3 +8,19 @@
libclamav-use-libmspack.patch
drop-AllowSupplementaryGroups-option-and-make-it-def.patch
ingore-AllowSupplementaryGroups-option.patch
+bb11549-fix-temp-file-cleanup-issue.patch
+bb11797-fix-invalid-read-in-fuzzed-mail-file.patch
+bb19798-fix-out-of-bound-memory-access-for-crafted-w.patch
+b11939-adding-fix-as-recommended-by-bug-reporter-alo.patch
+bb11940-fixing-heap-overflow-in-rfc2037.-Patch-submi.patch
+bb11941-fixing-UAF-in-mbox-exportBounceMessage.-Orig.patch
+bb11943-add-check-to-mew.c-for-out-of-bounds-read.-P.patch
+bb11943-buffer-check-for-mew-packed-files.patch
+bb11944-fix-possible-message.c-OOB-read.patch
+bb11945-fixing-null-dereference-of-blob-pointer.patch
+bb11946-check-that-tar-checksum-is-within-bounds.-Pa.patch
+Better-fix-for-bug-11946.patch
+bb111711-fix-zlib-version-check-patch-by-Daniel-J.-L.patch
+bb11798-fix-unit-tests.patch
+Updating-version-numbers-and-adding-information-abou.patch
+setting-version-for-security-release-to-0.99.3.patch
diff -Nru clamav-0.99.2+dfsg/debian/patches/setting-version-for-security-release-to-0.99.3.patch clamav-0.99.2+dfsg/debian/patches/setting-version-for-security-release-to-0.99.3.patch
--- clamav-0.99.2+dfsg/debian/patches/setting-version-for-security-release-to-0.99.3.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/setting-version-for-security-release-to-0.99.3.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,111 @@
+From f77af4292400e7652f3cc358933d3b79adf9432e Mon Sep 17 00:00:00 2001
+From: Micah Snyder <micasnyd@cisco.com>
+Date: Mon, 22 Jan 2018 20:25:02 -0500
+Subject: setting version for security release to 0.99.3
+
+Patch-Name: setting-version-for-security-release-to-0.99.3.patch
+---
+ ChangeLog | 4 ++--
+ README | 4 ++--
+ configure.ac | 2 +-
+ docs/clamdoc.tex | 3 ++-
+ libclamav/others.h | 4 ++--
+ m4/reorganization/version.m4 | 2 +-
+ 6 files changed, 10 insertions(+), 9 deletions(-)
+
+diff --git a/ChangeLog b/ChangeLog
+index 6fa1619..1a70aae 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -1,6 +1,6 @@
+-Mon, 18 Jan 2018 12:45:00 -0500 (Steven Morgan)
++Mon, 22 Jan 2018 19:33:00 -0500 (Micah Snyder)
+ ------------------------------------------
+- * ClamAV 0.99.2.1 security patch release.
++ * ClamAV 0.99.3 security patch release.
+
+ Thu, 22 Apr 2016 12:45:00 -0500 (Steven Morgan)
+ ------------------------------------------
+diff --git a/README b/README
+index 059ea90..3fc3284 100644
+--- a/README
++++ b/README
+@@ -2,10 +2,10 @@ Note: This README/NEWS file refers to the source tarball. Some things described
+ here may not be available in binary packages.
+ --
+
+-0.99.2.1
++0.99.3
+ ------
+
+-ClamAV 0.99.2.1 is a hotfix release to patch a set of vulnerabilities.
++ClamAV 0.99.3 is a hotfix release to patch a set of vulnerabilities.
+
+ - fixes for the following CVE's: CVE-2017-6418, CVE-2017-6420,
+ CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377,
+diff --git a/configure.ac b/configure.ac
+index 7eb8c05..7f338f8 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -20,7 +20,7 @@ dnl MA 02110-1301, USA.
+ AC_PREREQ([2.59])
+ dnl For a release change [devel] to the real version [0.xy]
+ dnl also change VERSION below
+-AC_INIT([ClamAV], [0.99.2.1], [http://bugs.clamav.net/], [clamav], [http://www.clamav.net/])
++AC_INIT([ClamAV], [0.99.3], [http://bugs.clamav.net/], [clamav], [http://www.clamav.net/])
+
+ AH_BOTTOM([#include "platform.h"])
+ dnl put configure auxiliary into config
+diff --git a/docs/clamdoc.tex b/docs/clamdoc.tex
+index cb996af..82b4b88 100644
+--- a/docs/clamdoc.tex
++++ b/docs/clamdoc.tex
+@@ -72,7 +72,7 @@
+ \vspace{3cm}
+ \begin{flushright}
+ \rule[-1ex]{8cm}{3pt}\\
+- \huge Clam AntiVirus 0.99.2.1\\
++ \huge Clam AntiVirus 0.99.3\\
+ \huge \emph{User Manual}\\
+ \end{flushright}
+
+@@ -85,6 +85,7 @@
+ \begin{boxedminipage}[b]{\textwidth}
+ ClamAV User Manual,
+ 87d
++88d
+ \copyright \ 2016 Cisco Systems, Inc.
+ Authors: Tomasz Kojm\\
+ This document is distributed under the terms of the GNU General
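Review bot: The added `88d` line in the title-page box, directly under the `87d` that is already there as context, looks like a leftover ed-style diff command rather than manual text, and as written it will be typeset literally between "ClamAV User Manual," and the copyright line. If the intent was to update the copyright year, change the `\copyright \ 2016` line instead and drop both `87d` and `88d`.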
+diff --git a/libclamav/others.h b/libclamav/others.h
+index e91e293..df2923b 100644
+--- a/libclamav/others.h
++++ b/libclamav/others.h
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
++ * Copyright (C) 2015, 2018 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
+ * Copyright (C) 2007-2013 Sourcefire, Inc.
+ *
+ * Authors: Tomasz Kojm
+@@ -72,7 +72,7 @@
+ * in re-enabling affected modules.
+ */
+
+-#define CL_FLEVEL 82
++#define CL_FLEVEL 84
+ #define CL_FLEVEL_DCONF CL_FLEVEL
+ #define CL_FLEVEL_SIGTOOL CL_FLEVEL
+
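Review bot: The `CL_FLEVEL` change from 82 to 84 is a functional change carried in a patch whose subject only mentions setting the version, and it skips 83 without explanation. Please state the functionality-level bump in the patch description (or split it into its own patch), since the `debian/rules` check for the symbol file keys on this exact value.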
+diff --git a/m4/reorganization/version.m4 b/m4/reorganization/version.m4
+index e3c3dfc..6e8d538 100644
+--- a/m4/reorganization/version.m4
++++ b/m4/reorganization/version.m4
+@@ -1,6 +1,6 @@
+ dnl change this on a release
+ dnl VERSION="devel-`date +%Y%m%d`"
+-VERSION="0.99.2.1"
++VERSION="0.99.3"
+
+ LC_CURRENT=8
+ LC_REVISION=1
diff -Nru clamav-0.99.2+dfsg/debian/patches/Updating-version-numbers-and-adding-information-abou.patch clamav-0.99.2+dfsg/debian/patches/Updating-version-numbers-and-adding-information-abou.patch
--- clamav-0.99.2+dfsg/debian/patches/Updating-version-numbers-and-adding-information-abou.patch 1970-01-01 01:00:00.000000000 +0100
+++ clamav-0.99.2+dfsg/debian/patches/Updating-version-numbers-and-adding-information-abou.patch 2018-01-27 01:27:48.000000000 +0100
@@ -0,0 +1,133 @@
+From fa38b9113bd0c3d231e1151b995a476374769eff Mon Sep 17 00:00:00 2001
+From: Micah Snyder <micasnyd@cisco.com>
+Date: Thu, 18 Jan 2018 11:27:39 -0500
+Subject: Updating version numbers and adding information about the security
+ patch release to the readme.
+
+Patch-Name: Updating-version-numbers-and-adding-information-abou.patch
+---
+ ChangeLog | 4 ++++
+ README | 25 ++++++++++++++++++++++++-
+ configure.ac | 2 +-
+ docs/clamdoc.tex | 7 ++++---
+ m4/reorganization/version.m4 | 2 +-
+ 5 files changed, 34 insertions(+), 6 deletions(-)
+
+diff --git a/ChangeLog b/ChangeLog
+index 337d953..6fa1619 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -1,3 +1,7 @@
++Mon, 18 Jan 2018 12:45:00 -0500 (Steven Morgan)
++------------------------------------------
++ * ClamAV 0.99.2.1 security patch release.
++
+ Thu, 22 Apr 2016 12:45:00 -0500 (Steven Morgan)
+ ------------------------------------------
+ * ClamAV 0.99.2 release.
+diff --git a/README b/README
+index 0059252..059ea90 100644
+--- a/README
++++ b/README
+@@ -2,6 +2,29 @@ Note: This README/NEWS file refers to the source tarball. Some things described
+ here may not be available in binary packages.
+ --
+
++0.99.2.1
++------
++
++ClamAV 0.99.2.1 is a hotfix release to patch a set of vulnerabilities.
++
++ - fixes for the following CVE's: CVE-2017-6418, CVE-2017-6420,
++ CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377,
++ CVE-2017-12378, CVE-2017-12379, CVE-2017-12380.
++ - also included are 2 minor fixes to properly detect openssl install
++ locations on FreeBSD 11, and prevent false warnings about zlib 1.2.1#
++ version numbers.
++
++Thank you to the following ClamAV community members for your code
++submissions and bug reports!
++
++Alberto Garcia
++Daniel J. Luke
++Francisco Oca
++Sebastian A. Siewior
++Suleman Ali
++
++Special thanks to Offensive Research at Salesforce.com for responsible disclosure.
++
+ 0.99.2
+ ------
+
+@@ -2052,7 +2075,7 @@ document and contact our administrator - Luca Gibelli <nervous*clamav.net>.
+ -) documentation:
+ + new Spanish documentation on ClamAV and Sendmail integration by
+ Erick Ivaan Lopez Carreon
+- + included clamdoc.pdf Turkish translation by yavuz kaya and �rahim erken
++ + included clamdoc.pdf Turkish translation by yavuz kaya and �brahim erken
+ + included clamav-mirror-howto.pdf by Luca Gibelli
+ + included clamd+daemontools HOWTO by Jesse D. Guardiani
+ + included signatures.pdf
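Review bot: The changed line for the Turkish translation credit is an encoding-only edit to a non-ASCII name, unrelated to the version update this patch describes, and both the removed and the added line already show replacement characters here. Because the patch is applied from debian/patches against the original README bytes, verify that the file as shipped still carries the original byte sequence and applies cleanly; if the bytes cannot be preserved, drop this hunk rather than ship a mangled credit.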
+diff --git a/configure.ac b/configure.ac
+index 289a0b9..7eb8c05 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -20,7 +20,7 @@ dnl MA 02110-1301, USA.
+ AC_PREREQ([2.59])
+ dnl For a release change [devel] to the real version [0.xy]
+ dnl also change VERSION below
+-AC_INIT([ClamAV], [0.99.2], [http://bugs.clamav.net/], [clamav], [http://www.clamav.net/])
++AC_INIT([ClamAV], [0.99.2.1], [http://bugs.clamav.net/], [clamav], [http://www.clamav.net/])
+
+ AH_BOTTOM([#include "platform.h"])
+ dnl put configure auxiliary into config
+diff --git a/docs/clamdoc.tex b/docs/clamdoc.tex
+index 206a1b2..cb996af 100644
+--- a/docs/clamdoc.tex
++++ b/docs/clamdoc.tex
+@@ -1,6 +1,6 @@
+ % Clam AntiVirus: User Manual
+ %
+-% Copyright (C) 2016 Cisco Systems, Inc.
++% Copyright (C) 2016-2018 Cisco Systems, Inc.
+ % Copyright (C) 2008-2013 Sourcefire, Inc.
+ % Copyright (C) 2002 - 2007 Tomasz Kojm <tkojm*clamav.net>
+ % Version 0.2x corrected by Dennis Leeuw <dleeuw*made-it.com>
+@@ -72,7 +72,7 @@
+ \vspace{3cm}
+ \begin{flushright}
+ \rule[-1ex]{8cm}{3pt}\\
+- \huge Clam AntiVirus 0.99.2\\
++ \huge Clam AntiVirus 0.99.2.1\\
+ \huge \emph{User Manual}\\
+ \end{flushright}
+
+@@ -84,6 +84,7 @@
+ \noindent
+ \begin{boxedminipage}[b]{\textwidth}
+ ClamAV User Manual,
++87d
+ \copyright \ 2016 Cisco Systems, Inc.
+ Authors: Tomasz Kojm\\
+ This document is distributed under the terms of the GNU General
+@@ -1740,7 +1741,7 @@ Verification OK.
+ \item Stefano Rizzetto
+ \item Roaring Penguin Software Inc. (\url{http://www.roaringpenguin.com/})
+ \item Luke Rosenthal
+- \item Jenny S�tr�\url{http://PokerListings.com})
++ \item Jenny S�fstr�m (\url{http://PokerListings.com})
+ \item School of Engineering, University of Pennsylvania (\url{http://www.seas.upenn.edu/})
+ \item Tim Scoff
+ \item Seattle Server (\url{http://www.seattleserver.com/})
+diff --git a/m4/reorganization/version.m4 b/m4/reorganization/version.m4
+index 4935b45..e3c3dfc 100644
+--- a/m4/reorganization/version.m4
++++ b/m4/reorganization/version.m4
+@@ -1,6 +1,6 @@
+ dnl change this on a release
+ dnl VERSION="devel-`date +%Y%m%d`"
+-VERSION="0.99.2"
++VERSION="0.99.2.1"
+
+ LC_CURRENT=8
+ LC_REVISION=1
diff -Nru clamav-0.99.2+dfsg/debian/rules clamav-0.99.2+dfsg/debian/rules
--- clamav-0.99.2+dfsg/debian/rules 2016-05-19 18:40:20.000000000 +0200
+++ clamav-0.99.2+dfsg/debian/rules 2018-01-27 01:28:11.000000000 +0100
@@ -94,7 +94,7 @@
fi;\
done; \
# Check if for library features whih may get upgrade.
- if ! grep -q "CL_FLEVEL 82" libclamav/others.h ; then \
+ if ! grep -q "CL_FLEVEL 84" libclamav/others.h ; then \
echo "cl_retflevel needs boosting in symbol file"; \
touch debian/exit; \
fi;
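Review bot: The updated check `grep -q "CL_FLEVEL 84"` is an unanchored substring match with the level hardcoded, so it would also pass for a value such as 840 and has to be edited by hand on every bump. Consider `grep -qw`, or match the full `#define CL_FLEVEL 84` line, and confirm that the symbols file update this check asks for ("cl_retflevel needs boosting in symbol file") is part of the same upload. The comment line above the check also has typos ("Check if for library features whih may get upgrade") that could be fixed while touching this block.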
--- End Message ---