Bug#961439: marked as done (buster-pu: package clamav/0.102.3+dfsg-0+deb10u1)

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Subject: Bug#961439: marked as done (buster-pu: package clamav/0.102.3+dfsg-0+deb10u1)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sat, 01 Aug 2020 11:57:56 +0000
Message-id: <[🔎] handler.961439.D961439.159628274015685.ackdone@bugs.debian.org>
Reply-to: 961439@bugs.debian.org
References: <43535efb498a168cf81452ca0c326f004f46adc6.camel@adam-barratt.org.uk> <20200524154715.wugeiyuxv642lxha@flow>

Your message dated Sat, 01 Aug 2020 12:51:28 +0100
with message-id <43535efb498a168cf81452ca0c326f004f46adc6.camel@adam-barratt.org.uk>
and subject line Closing bugs for fixes included in 10.5 point release
has caused the Debian Bug report #961439,
regarding buster-pu: package clamav/0.102.3+dfsg-0+deb10u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
961439: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961439
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org
Subject: buster-pu: package clamav/0.102.3+dfsg-0+deb10u1
From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date: Sun, 24 May 2020 17:47:15 +0200
Message-id: <20200524154715.wugeiyuxv642lxha@flow>

Package: release.debian.org
User: release.debian.org@packages.debian.org
Usertags: pu
Tags: buster
Severity: normal

ClamAV upstream released 0.102.3 fixing two CVEs. From their news:

|ClamAV 0.102.3 is a bug patch release to address the following issues.
|
|- [CVE-2020-3327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327):
|  Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that
|  could cause a Denial-of-Service (DoS) condition. Improper bounds checking of
|  an unsigned variable results in an out-of-bounds read which causes a crash.
|
|  Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ
|  parsing vulnerability.
|
|- [CVE-2020-3341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341):
|  Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that
|  could cause a Denial-of-Service (DoS) condition. Improper size checking of
|  a buffer used to initialize AES decryption routines results in an out-of-
|  bounds read which may cause a crash. Bug found by OSS-Fuzz.
|
|- Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents.
|
|- Fix a couple of minor memory leaks.

The 0.102.3 version is in unstable since 16th and migrated to testing. I
have the Buster version deployed on a machine.

Sebastian

diff -Nru clamav-0.102.2+dfsg/configure clamav-0.102.3+dfsg/configure
--- clamav-0.102.2+dfsg/configure	2020-02-04 15:59:26.000000000 +0100
+++ clamav-0.102.3+dfsg/configure	2020-05-12 03:54:49.000000000 +0200
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for ClamAV 0.102.2.
+# Generated by GNU Autoconf 2.69 for ClamAV 0.102.3.
 #
 # Report bugs to <https://bugzilla.clamav.net/>.
 #
@@ -592,8 +592,8 @@
 # Identity of this package.
 PACKAGE_NAME='ClamAV'
 PACKAGE_TARNAME='clamav'
-PACKAGE_VERSION='0.102.2'
-PACKAGE_STRING='ClamAV 0.102.2'
+PACKAGE_VERSION='0.102.3'
+PACKAGE_STRING='ClamAV 0.102.3'
 PACKAGE_BUGREPORT='https://bugzilla.clamav.net/'
 PACKAGE_URL='https://www.clamav.net/'
 
@@ -1601,7 +1601,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures ClamAV 0.102.2 to adapt to many kinds of systems.
+\`configure' configures ClamAV 0.102.3 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1682,7 +1682,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of ClamAV 0.102.2:";;
+     short | recursive ) echo "Configuration of ClamAV 0.102.3:";;
    esac
   cat <<\_ACEOF
   --enable-dependency-tracking
@@ -1911,7 +1911,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-ClamAV configure 0.102.2
+ClamAV configure 0.102.3
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2539,7 +2539,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by ClamAV $as_me 0.102.2, which was
+It was created by ClamAV $as_me 0.102.3, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -4297,7 +4297,7 @@
 
 # Define the identity of the package.
  PACKAGE='clamav'
- VERSION='0.102.2'
+ VERSION='0.102.3'
 
 
 # Some tools Automake needs.
@@ -6025,7 +6025,7 @@
 $as_echo "#define PACKAGE PACKAGE_NAME" >>confdefs.h
 
 
-VERSION="0.102.2"
+VERSION="0.102.3"
 
 major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/^0-9//g"`
 minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/^0-9//g"`
@@ -31630,7 +31630,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by ClamAV $as_me 0.102.2, which was
+This file was extended by ClamAV $as_me 0.102.3, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -31697,7 +31697,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-ClamAV config.status 0.102.2
+ClamAV config.status 0.102.3
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
@@ -34548,7 +34548,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by ClamAV $as_me 0.102.2, which was
+This file was extended by ClamAV $as_me 0.102.3, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -34615,7 +34615,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-ClamAV config.status 0.102.2
+ClamAV config.status 0.102.3
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff -Nru clamav-0.102.2+dfsg/configure.ac clamav-0.102.3+dfsg/configure.ac
--- clamav-0.102.2+dfsg/configure.ac	2020-02-09 14:13:06.000000000 +0100
+++ clamav-0.102.3+dfsg/configure.ac	2020-05-16 11:23:53.000000000 +0200
@@ -22,7 +22,7 @@
 
 dnl For a release change [devel] to the real version [0.xy]
 dnl also change VERSION below
-AC_INIT([ClamAV], [0.102.2], [https://bugzilla.clamav.net/], [clamav], [https://www.clamav.net/])
+AC_INIT([ClamAV], [0.102.3], [https://bugzilla.clamav.net/], [clamav], [https://www.clamav.net/])
 
 dnl put configure auxiliary into config
 AC_CONFIG_AUX_DIR([config])
diff -Nru clamav-0.102.2+dfsg/debian/changelog clamav-0.102.3+dfsg/debian/changelog
--- clamav-0.102.2+dfsg/debian/changelog	2020-02-22 14:39:45.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/changelog	2020-05-22 22:32:31.000000000 +0200
@@ -1,3 +1,12 @@
+clamav (0.102.3+dfsg-0+deb10u1) buster; urgency=medium
+
+  * Import 0.102.3
+   - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module)
+   - CVE-2020-3341 (A vulnerability in the PDF parsing module)
+  * Update symbol file.
+
+ -- Sebastian Andrzej Siewior <sebastian@breakpoint.cc>  Fri, 22 May 2020 22:32:31 +0200
+
 clamav (0.102.2+dfsg-0+deb10u1) buster; urgency=medium
 
   * Import 0.102.2
diff -Nru clamav-0.102.2+dfsg/debian/clamav-daemon.manpages clamav-0.102.3+dfsg/debian/clamav-daemon.manpages
--- clamav-0.102.2+dfsg/debian/clamav-daemon.manpages	2020-02-22 14:35:38.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/clamav-daemon.manpages	2020-05-22 22:32:31.000000000 +0200
@@ -1,4 +1,4 @@
-docs/man/clamd.8
-docs/man/clamconf.1
-docs/man/clamdtop.1
-docs/man/clamd.conf.5
+debian/tmp/usr/share/man/man1/clamconf.1
+debian/tmp/usr/share/man/man1/clamdtop.1
+debian/tmp/usr/share/man/man5/clamd.conf.5
+debian/tmp/usr/share/man/man8/clamd.8
diff -Nru clamav-0.102.2+dfsg/debian/clamav-freshclam.manpages clamav-0.102.3+dfsg/debian/clamav-freshclam.manpages
--- clamav-0.102.2+dfsg/debian/clamav-freshclam.manpages	2020-02-22 14:35:38.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/clamav-freshclam.manpages	2020-05-22 22:32:31.000000000 +0200
@@ -1,2 +1,2 @@
-docs/man/freshclam.1
-docs/man/freshclam.conf.5
+debian/tmp/usr/share/man/man1/freshclam.1
+debian/tmp/usr/share/man/man5/freshclam.conf.5
diff -Nru clamav-0.102.2+dfsg/debian/clamav.manpages clamav-0.102.3+dfsg/debian/clamav.manpages
--- clamav-0.102.2+dfsg/debian/clamav.manpages	2020-02-22 14:35:38.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/clamav.manpages	2020-05-22 22:32:31.000000000 +0200
@@ -1,4 +1,4 @@
-docs/man/sigtool.1
-docs/man/clamscan.1
-docs/man/clambc.1
-docs/man/clamsubmit.1
+debian/tmp/usr/share/man/man1/clambc.1
+debian/tmp/usr/share/man/man1/clamscan.1
+debian/tmp/usr/share/man/man1/clamsubmit.1
+debian/tmp/usr/share/man/man1/sigtool.1
diff -Nru clamav-0.102.2+dfsg/debian/clamav-milter.manpages clamav-0.102.3+dfsg/debian/clamav-milter.manpages
--- clamav-0.102.2+dfsg/debian/clamav-milter.manpages	2020-02-22 14:35:38.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/clamav-milter.manpages	2020-05-22 22:32:31.000000000 +0200
@@ -1,2 +1,2 @@
-docs/man/clamav-milter.8
-docs/man/clamav-milter.conf.5
+debian/tmp/usr/share/man/man5/clamav-milter.conf.5
+debian/tmp/usr/share/man/man8/clamav-milter.8
diff -Nru clamav-0.102.2+dfsg/debian/clamdscan.manpages clamav-0.102.3+dfsg/debian/clamdscan.manpages
--- clamav-0.102.2+dfsg/debian/clamdscan.manpages	2020-02-22 14:35:38.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/clamdscan.manpages	2020-05-22 22:32:31.000000000 +0200
@@ -1 +1 @@
-docs/man/clamdscan.1
+debian/tmp/usr/share/man/man1/clamdscan.1
diff -Nru clamav-0.102.2+dfsg/debian/copyright clamav-0.102.3+dfsg/debian/copyright
--- clamav-0.102.2+dfsg/debian/copyright	2020-02-22 14:35:38.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/copyright	2020-05-22 22:32:31.000000000 +0200
@@ -264,8 +264,8 @@
  version 2 can be found in the file `/usr/share/common-licenses/LGPL-2'.
 
 Files:
- libclamav/mspack.c
- libclamav/mspack.h
+ libclamav/libmspack.c
+ libclamav/libmspack.h
  libclamunrar_iface/unrar_iface.cpp
  libclamunrar_iface/unrar_iface.h
 Copyright:
diff -Nru clamav-0.102.2+dfsg/debian/.git-dpm clamav-0.102.3+dfsg/debian/.git-dpm
--- clamav-0.102.2+dfsg/debian/.git-dpm	2020-02-22 14:39:45.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/.git-dpm	2020-05-22 22:32:31.000000000 +0200
@@ -1,8 +1,8 @@
 # see git-dpm(1) from git-dpm package
-2d34217d30a97a3e191186f82a85cb99e8e50af8
-2d34217d30a97a3e191186f82a85cb99e8e50af8
-86e9d6e715fac2ae18151bde22363273c22aff37
-86e9d6e715fac2ae18151bde22363273c22aff37
-clamav_0.102.2+dfsg.orig.tar.xz
-ff24c66c9de5c4973a274b4ba77ea28053f75436
-5017532
+04fd79ea5eace5273a13bd66b095e2fef0ea3bff
+04fd79ea5eace5273a13bd66b095e2fef0ea3bff
+07c9b9ef63bc584a39143a6cd002d199d1d46397
+07c9b9ef63bc584a39143a6cd002d199d1d46397
+clamav_0.102.3+dfsg.orig.tar.xz
+694c77d0aed527d3d135a3ccd7e30729fff55404
+5018320
diff -Nru clamav-0.102.2+dfsg/debian/libclamav9.symbols clamav-0.102.3+dfsg/debian/libclamav9.symbols
--- clamav-0.102.2+dfsg/debian/libclamav9.symbols	2020-02-22 14:39:45.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/libclamav9.symbols	2020-05-22 22:32:31.000000000 +0200
@@ -1,20 +1,20 @@
 libclamav.so.9 libclamav9 #MINVER#
 * Build-Depends-Package: libclamav-dev
- CLAMAV_PRIVATE@CLAMAV_PRIVATE 0.102.2
+ CLAMAV_PRIVATE@CLAMAV_PRIVATE 0.102.3
  CLAMAV_PUBLIC@CLAMAV_PUBLIC 0.101.0
- __cli_strcasestr@CLAMAV_PRIVATE 0.102.2
- __cli_strndup@CLAMAV_PRIVATE 0.102.2
- __cli_strnlen@CLAMAV_PRIVATE 0.102.2
- __cli_strnstr@CLAMAV_PRIVATE 0.102.2
- base64Flush@CLAMAV_PRIVATE 0.102.2
- blobAddData@CLAMAV_PRIVATE 0.102.2
- blobCreate@CLAMAV_PRIVATE 0.102.2
- blobDestroy@CLAMAV_PRIVATE 0.102.2
- cl_ASN1_GetTimeT@CLAMAV_PRIVATE 0.102.2
+ __cli_strcasestr@CLAMAV_PRIVATE 0.102.3
+ __cli_strndup@CLAMAV_PRIVATE 0.102.3
+ __cli_strnlen@CLAMAV_PRIVATE 0.102.3
+ __cli_strnstr@CLAMAV_PRIVATE 0.102.3
+ base64Flush@CLAMAV_PRIVATE 0.102.3
+ blobAddData@CLAMAV_PRIVATE 0.102.3
+ blobCreate@CLAMAV_PRIVATE 0.102.3
+ blobDestroy@CLAMAV_PRIVATE 0.102.3
+ cl_ASN1_GetTimeT@CLAMAV_PRIVATE 0.102.3
  cl_always_gen_section_hash@CLAMAV_PUBLIC 0.101.0
- cl_base64_decode@CLAMAV_PRIVATE 0.102.2
- cl_base64_encode@CLAMAV_PRIVATE 0.102.2
- cl_cleanup_crypto@CLAMAV_PRIVATE 0.102.2
+ cl_base64_decode@CLAMAV_PRIVATE 0.102.3
+ cl_base64_encode@CLAMAV_PRIVATE 0.102.3
+ cl_cleanup_crypto@CLAMAV_PRIVATE 0.102.3
  cl_countsigs@CLAMAV_PUBLIC 0.101.0
  cl_cvdfree@CLAMAV_PUBLIC 0.101.0
  cl_cvdhead@CLAMAV_PUBLIC 0.101.0
@@ -54,21 +54,21 @@
  cl_fmap_close@CLAMAV_PUBLIC 0.101.0
  cl_fmap_open_handle@CLAMAV_PUBLIC 0.101.0
  cl_fmap_open_memory@CLAMAV_PUBLIC 0.101.0
- cl_get_pkey_file@CLAMAV_PRIVATE 0.102.2
- cl_get_x509_from_mem@CLAMAV_PRIVATE 0.102.2
- cl_hash_data@CLAMAV_PRIVATE 0.102.2
+ cl_get_pkey_file@CLAMAV_PRIVATE 0.102.3
+ cl_get_x509_from_mem@CLAMAV_PRIVATE 0.102.3
+ cl_hash_data@CLAMAV_PRIVATE 0.102.3
  cl_hash_destroy@CLAMAV_PUBLIC 0.101.0
- cl_hash_file_fd@CLAMAV_PRIVATE 0.102.2
- cl_hash_file_fd_ctx@CLAMAV_PRIVATE 0.102.2
- cl_hash_file_fp@CLAMAV_PRIVATE 0.102.2
+ cl_hash_file_fd@CLAMAV_PRIVATE 0.102.3
+ cl_hash_file_fd_ctx@CLAMAV_PRIVATE 0.102.3
+ cl_hash_file_fp@CLAMAV_PRIVATE 0.102.3
  cl_hash_init@CLAMAV_PUBLIC 0.101.0
  cl_init@CLAMAV_PUBLIC 0.101.0
- cl_initialize_crypto@CLAMAV_PRIVATE 0.102.2
+ cl_initialize_crypto@CLAMAV_PRIVATE 0.102.3
  cl_load@CLAMAV_PUBLIC 0.101.0
- cl_load_cert@CLAMAV_PRIVATE 0.102.2
- cl_load_crl@CLAMAV_PRIVATE 0.102.2
+ cl_load_cert@CLAMAV_PRIVATE 0.102.3
+ cl_load_crl@CLAMAV_PRIVATE 0.102.3
  cl_retdbdir@CLAMAV_PUBLIC 0.101.0
- cl_retflevel@CLAMAV_PUBLIC 0.102.2
+ cl_retflevel@CLAMAV_PUBLIC 0.102.3
  cl_retver@CLAMAV_PUBLIC 0.101.0
  cl_scandesc@CLAMAV_PUBLIC 0.101.0
  cl_scandesc_callback@CLAMAV_PUBLIC 0.101.0
@@ -76,188 +76,188 @@
  cl_scanfile_callback@CLAMAV_PUBLIC 0.101.0
  cl_scanmap_callback@CLAMAV_PUBLIC 0.101.0
  cl_set_clcb_msg@CLAMAV_PUBLIC 0.101.0
- cl_sha1@CLAMAV_PRIVATE 0.102.2
- cl_sha256@CLAMAV_PRIVATE 0.102.2
- cl_sign_data@CLAMAV_PRIVATE 0.102.2
- cl_sign_data_keyfile@CLAMAV_PRIVATE 0.102.2
- cl_sign_file_fd@CLAMAV_PRIVATE 0.102.2
- cl_sign_file_fp@CLAMAV_PRIVATE 0.102.2
+ cl_sha1@CLAMAV_PRIVATE 0.102.3
+ cl_sha256@CLAMAV_PRIVATE 0.102.3
+ cl_sign_data@CLAMAV_PRIVATE 0.102.3
+ cl_sign_data_keyfile@CLAMAV_PRIVATE 0.102.3
+ cl_sign_file_fd@CLAMAV_PRIVATE 0.102.3
+ cl_sign_file_fp@CLAMAV_PRIVATE 0.102.3
  cl_statchkdir@CLAMAV_PUBLIC 0.101.0
  cl_statfree@CLAMAV_PUBLIC 0.101.0
  cl_statinidir@CLAMAV_PUBLIC 0.101.0
  cl_strerror@CLAMAV_PUBLIC 0.101.0
  cl_update_hash@CLAMAV_PUBLIC 0.101.0
- cl_validate_certificate_chain@CLAMAV_PRIVATE 0.102.2
- cl_validate_certificate_chain_ts_dir@CLAMAV_PRIVATE 0.102.2
- cl_verify_signature@CLAMAV_PRIVATE 0.102.2
- cl_verify_signature_fd@CLAMAV_PRIVATE 0.102.2
- cl_verify_signature_fd_x509@CLAMAV_PRIVATE 0.102.2
- cl_verify_signature_fd_x509_keyfile@CLAMAV_PRIVATE 0.102.2
- cl_verify_signature_hash@CLAMAV_PRIVATE 0.102.2
- cl_verify_signature_hash_x509@CLAMAV_PRIVATE 0.102.2
- cl_verify_signature_hash_x509_keyfile@CLAMAV_PRIVATE 0.102.2
- cl_verify_signature_x509@CLAMAV_PRIVATE 0.102.2
- cl_verify_signature_x509_keyfile@CLAMAV_PRIVATE 0.102.2
- cli_ac_buildtrie@CLAMAV_PRIVATE 0.102.2
- cli_ac_chklsig@CLAMAV_PRIVATE 0.102.2
- cli_ac_free@CLAMAV_PRIVATE 0.102.2
- cli_ac_freedata@CLAMAV_PRIVATE 0.102.2
- cli_ac_init@CLAMAV_PRIVATE 0.102.2
- cli_ac_initdata@CLAMAV_PRIVATE 0.102.2
- cli_ac_scanbuff@CLAMAV_PRIVATE 0.102.2
- cli_bm_free@CLAMAV_PRIVATE 0.102.2
- cli_bm_init@CLAMAV_PRIVATE 0.102.2
- cli_bm_scanbuff@CLAMAV_PRIVATE 0.102.2
- cli_build_regex_list@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_context_alloc@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_context_clear@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_context_destroy@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_context_getresult_int@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_context_set_trace@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_context_setfile@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_context_setfuncid@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_context_setparam_int@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_context_setparam_ptr@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_debug@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_debug_printsrc@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_describe@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_destroy@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_done@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_init@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_load@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_prepare2@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_printversion@CLAMAV_PRIVATE 0.102.2
- cli_bytecode_run@CLAMAV_PRIVATE 0.102.2
- cli_bytefunc_describe@CLAMAV_PRIVATE 0.102.2
- cli_byteinst_describe@CLAMAV_PRIVATE 0.102.2
- cli_bytetype_describe@CLAMAV_PRIVATE 0.102.2
- cli_bytevalue_describe@CLAMAV_PRIVATE 0.102.2
- cli_calloc@CLAMAV_PRIVATE 0.102.2
- cli_check_auth_header@CLAMAV_PRIVATE 0.102.2
- cli_chomp@CLAMAV_PRIVATE 0.102.2
- cli_ctime@CLAMAV_PRIVATE 0.102.2
- cli_cvdunpack@CLAMAV_PRIVATE 0.102.2
- cli_dbgmsg_internal@CLAMAV_PRIVATE 0.102.2
- cli_dconf_init@CLAMAV_PRIVATE 0.102.2
- cli_debug_flag@CLAMAV_PRIVATE 0.102.2
- cli_detect_environment@CLAMAV_PRIVATE 0.102.2
- cli_disasm_one@CLAMAV_PRIVATE 0.102.2
- cli_errmsg@CLAMAV_PRIVATE 0.102.2
- cli_filecopy@CLAMAV_PRIVATE 0.102.2
- cli_fmap_scandesc@CLAMAV_PRIVATE 0.102.2
- cli_free_vba_project@CLAMAV_PRIVATE 0.102.2
- cli_ftw@CLAMAV_PRIVATE 0.102.2
- cli_genhash_pe@CLAMAV_PRIVATE 0.102.2
- cli_gentemp@CLAMAV_PRIVATE 0.102.2
- cli_gentemp_with_prefix@CLAMAV_PRIVATE 0.102.2
- cli_gentempfd@CLAMAV_PRIVATE 0.102.2
- cli_gettmpdir@CLAMAV_PRIVATE 0.102.2
- cli_hashfile@CLAMAV_PRIVATE 0.102.2
- cli_hashset_destroy@CLAMAV_PRIVATE 0.102.2
- cli_hashstream@CLAMAV_PRIVATE 0.102.2
- cli_hex2str@CLAMAV_PRIVATE 0.102.2
- cli_hex2ui@CLAMAV_PRIVATE 0.102.2
- cli_initroots@CLAMAV_PRIVATE 0.102.2
- cli_isnumber@CLAMAV_PRIVATE 0.102.2
- cli_js_destroy@CLAMAV_PRIVATE 0.102.2
- cli_js_init@CLAMAV_PRIVATE 0.102.2
- cli_js_output@CLAMAV_PRIVATE 0.102.2
- cli_js_parse_done@CLAMAV_PRIVATE 0.102.2
- cli_js_process_buffer@CLAMAV_PRIVATE 0.102.2
- cli_ldbtokenize@CLAMAV_PRIVATE 0.102.2
- cli_malloc@CLAMAV_PRIVATE 0.102.2
- cli_memstr@CLAMAV_PRIVATE 0.102.2
- cli_ole2_extract@CLAMAV_PRIVATE 0.102.2
- cli_parse_add@CLAMAV_PRIVATE 0.102.2
- cli_pcre_build@CLAMAV_PRIVATE 0.102.2
- cli_pcre_freeoff@CLAMAV_PRIVATE 0.102.2
- cli_pcre_init@CLAMAV_PRIVATE 0.102.2
- cli_pcre_perf_events_destroy@CLAMAV_PRIVATE 0.102.2
- cli_pcre_perf_print@CLAMAV_PRIVATE 0.102.2
- cli_pcre_recaloff@CLAMAV_PRIVATE 0.102.2
- cli_pcre_scanbuf@CLAMAV_PRIVATE 0.102.2
- cli_ppt_vba_read@CLAMAV_PRIVATE 0.102.2
- cli_printcxxver@CLAMAV_PRIVATE 0.102.2
- cli_readn@CLAMAV_PRIVATE 0.102.2
- cli_realloc@CLAMAV_PRIVATE 0.102.2
- cli_regcomp@CLAMAV_PRIVATE 0.102.2
- cli_regex2suffix@CLAMAV_PRIVATE 0.102.2
- cli_regexec@CLAMAV_PRIVATE 0.102.2
- cli_regfree@CLAMAV_PRIVATE 0.102.2
- cli_rmdirs@CLAMAV_PRIVATE 0.102.2
- cli_rndnum@CLAMAV_PRIVATE 0.102.2
- cli_sanitize_filepath@CLAMAV_PRIVATE 0.102.2
- cli_scanbuff@CLAMAV_PRIVATE 0.102.2
- cli_sigopts_handler@CLAMAV_PRIVATE 0.102.2
- cli_sigperf_events_destroy@CLAMAV_PRIVATE 0.102.2
- cli_sigperf_print@CLAMAV_PRIVATE 0.102.2
- cli_str2hex@CLAMAV_PRIVATE 0.102.2
- cli_strbcasestr@CLAMAV_PRIVATE 0.102.2
- cli_strdup@CLAMAV_PRIVATE 0.102.2
- cli_strerror@CLAMAV_PRIVATE 0.102.2
- cli_strlcat@CLAMAV_PRIVATE 0.102.2
- cli_strlcpy@CLAMAV_PRIVATE 0.102.2
- cli_strrcpy@CLAMAV_PRIVATE 0.102.2
- cli_strtok@CLAMAV_PRIVATE 0.102.2
- cli_strtokbuf@CLAMAV_PRIVATE 0.102.2
- cli_strtokenize@CLAMAV_PRIVATE 0.102.2
- cli_textbuffer_append_normalize@CLAMAV_PRIVATE 0.102.2
- cli_unescape@CLAMAV_PRIVATE 0.102.2
- cli_unlink@CLAMAV_PRIVATE 0.102.2
- cli_url_canon@CLAMAV_PRIVATE 0.102.2
- cli_utf16_to_utf8@CLAMAV_PRIVATE 0.102.2
- cli_utf16toascii@CLAMAV_PRIVATE 0.102.2
- cli_vba_inflate@CLAMAV_PRIVATE 0.102.2
- cli_vba_readdir@CLAMAV_PRIVATE 0.102.2
- cli_versig2@CLAMAV_PRIVATE 0.102.2
- cli_versig@CLAMAV_PRIVATE 0.102.2
- cli_warnmsg@CLAMAV_PRIVATE 0.102.2
- cli_wm_decrypt_macro@CLAMAV_PRIVATE 0.102.2
- cli_wm_readdir@CLAMAV_PRIVATE 0.102.2
- cli_writen@CLAMAV_PRIVATE 0.102.2
- decodeLine@CLAMAV_PRIVATE 0.102.2
- disasmbuf@CLAMAV_PRIVATE 0.102.2
- fmap@CLAMAV_PRIVATE 0.102.2
- get_fpu_endian@CLAMAV_PRIVATE 0.102.2
- have_clamjit@CLAMAV_PRIVATE 0.102.2
- have_rar@CLAMAV_PRIVATE 0.102.2
- html_normalise_map@CLAMAV_PRIVATE 0.102.2
- html_normalise_mem@CLAMAV_PRIVATE 0.102.2
- html_screnc_decode@CLAMAV_PRIVATE 0.102.2
- html_tag_arg_free@CLAMAV_PRIVATE 0.102.2
- init_domainlist@CLAMAV_PRIVATE 0.102.2
- init_regex_list@CLAMAV_PRIVATE 0.102.2
- init_whitelist@CLAMAV_PRIVATE 0.102.2
- is_regex_ok@CLAMAV_PRIVATE 0.102.2
- load_regex_matcher@CLAMAV_PRIVATE 0.102.2
+ cl_validate_certificate_chain@CLAMAV_PRIVATE 0.102.3
+ cl_validate_certificate_chain_ts_dir@CLAMAV_PRIVATE 0.102.3
+ cl_verify_signature@CLAMAV_PRIVATE 0.102.3
+ cl_verify_signature_fd@CLAMAV_PRIVATE 0.102.3
+ cl_verify_signature_fd_x509@CLAMAV_PRIVATE 0.102.3
+ cl_verify_signature_fd_x509_keyfile@CLAMAV_PRIVATE 0.102.3
+ cl_verify_signature_hash@CLAMAV_PRIVATE 0.102.3
+ cl_verify_signature_hash_x509@CLAMAV_PRIVATE 0.102.3
+ cl_verify_signature_hash_x509_keyfile@CLAMAV_PRIVATE 0.102.3
+ cl_verify_signature_x509@CLAMAV_PRIVATE 0.102.3
+ cl_verify_signature_x509_keyfile@CLAMAV_PRIVATE 0.102.3
+ cli_ac_buildtrie@CLAMAV_PRIVATE 0.102.3
+ cli_ac_chklsig@CLAMAV_PRIVATE 0.102.3
+ cli_ac_free@CLAMAV_PRIVATE 0.102.3
+ cli_ac_freedata@CLAMAV_PRIVATE 0.102.3
+ cli_ac_init@CLAMAV_PRIVATE 0.102.3
+ cli_ac_initdata@CLAMAV_PRIVATE 0.102.3
+ cli_ac_scanbuff@CLAMAV_PRIVATE 0.102.3
+ cli_bm_free@CLAMAV_PRIVATE 0.102.3
+ cli_bm_init@CLAMAV_PRIVATE 0.102.3
+ cli_bm_scanbuff@CLAMAV_PRIVATE 0.102.3
+ cli_build_regex_list@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_context_alloc@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_context_clear@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_context_destroy@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_context_getresult_int@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_context_set_trace@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_context_setfile@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_context_setfuncid@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_context_setparam_int@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_context_setparam_ptr@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_debug@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_debug_printsrc@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_describe@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_destroy@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_done@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_init@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_load@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_prepare2@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_printversion@CLAMAV_PRIVATE 0.102.3
+ cli_bytecode_run@CLAMAV_PRIVATE 0.102.3
+ cli_bytefunc_describe@CLAMAV_PRIVATE 0.102.3
+ cli_byteinst_describe@CLAMAV_PRIVATE 0.102.3
+ cli_bytetype_describe@CLAMAV_PRIVATE 0.102.3
+ cli_bytevalue_describe@CLAMAV_PRIVATE 0.102.3
+ cli_calloc@CLAMAV_PRIVATE 0.102.3
+ cli_check_auth_header@CLAMAV_PRIVATE 0.102.3
+ cli_chomp@CLAMAV_PRIVATE 0.102.3
+ cli_ctime@CLAMAV_PRIVATE 0.102.3
+ cli_cvdunpack@CLAMAV_PRIVATE 0.102.3
+ cli_dbgmsg_internal@CLAMAV_PRIVATE 0.102.3
+ cli_dconf_init@CLAMAV_PRIVATE 0.102.3
+ cli_debug_flag@CLAMAV_PRIVATE 0.102.3
+ cli_detect_environment@CLAMAV_PRIVATE 0.102.3
+ cli_disasm_one@CLAMAV_PRIVATE 0.102.3
+ cli_errmsg@CLAMAV_PRIVATE 0.102.3
+ cli_filecopy@CLAMAV_PRIVATE 0.102.3
+ cli_fmap_scandesc@CLAMAV_PRIVATE 0.102.3
+ cli_free_vba_project@CLAMAV_PRIVATE 0.102.3
+ cli_ftw@CLAMAV_PRIVATE 0.102.3
+ cli_genhash_pe@CLAMAV_PRIVATE 0.102.3
+ cli_gentemp@CLAMAV_PRIVATE 0.102.3
+ cli_gentemp_with_prefix@CLAMAV_PRIVATE 0.102.3
+ cli_gentempfd@CLAMAV_PRIVATE 0.102.3
+ cli_gettmpdir@CLAMAV_PRIVATE 0.102.3
+ cli_hashfile@CLAMAV_PRIVATE 0.102.3
+ cli_hashset_destroy@CLAMAV_PRIVATE 0.102.3
+ cli_hashstream@CLAMAV_PRIVATE 0.102.3
+ cli_hex2str@CLAMAV_PRIVATE 0.102.3
+ cli_hex2ui@CLAMAV_PRIVATE 0.102.3
+ cli_initroots@CLAMAV_PRIVATE 0.102.3
+ cli_isnumber@CLAMAV_PRIVATE 0.102.3
+ cli_js_destroy@CLAMAV_PRIVATE 0.102.3
+ cli_js_init@CLAMAV_PRIVATE 0.102.3
+ cli_js_output@CLAMAV_PRIVATE 0.102.3
+ cli_js_parse_done@CLAMAV_PRIVATE 0.102.3
+ cli_js_process_buffer@CLAMAV_PRIVATE 0.102.3
+ cli_ldbtokenize@CLAMAV_PRIVATE 0.102.3
+ cli_malloc@CLAMAV_PRIVATE 0.102.3
+ cli_memstr@CLAMAV_PRIVATE 0.102.3
+ cli_ole2_extract@CLAMAV_PRIVATE 0.102.3
+ cli_parse_add@CLAMAV_PRIVATE 0.102.3
+ cli_pcre_build@CLAMAV_PRIVATE 0.102.3
+ cli_pcre_freeoff@CLAMAV_PRIVATE 0.102.3
+ cli_pcre_init@CLAMAV_PRIVATE 0.102.3
+ cli_pcre_perf_events_destroy@CLAMAV_PRIVATE 0.102.3
+ cli_pcre_perf_print@CLAMAV_PRIVATE 0.102.3
+ cli_pcre_recaloff@CLAMAV_PRIVATE 0.102.3
+ cli_pcre_scanbuf@CLAMAV_PRIVATE 0.102.3
+ cli_ppt_vba_read@CLAMAV_PRIVATE 0.102.3
+ cli_printcxxver@CLAMAV_PRIVATE 0.102.3
+ cli_readn@CLAMAV_PRIVATE 0.102.3
+ cli_realloc@CLAMAV_PRIVATE 0.102.3
+ cli_regcomp@CLAMAV_PRIVATE 0.102.3
+ cli_regex2suffix@CLAMAV_PRIVATE 0.102.3
+ cli_regexec@CLAMAV_PRIVATE 0.102.3
+ cli_regfree@CLAMAV_PRIVATE 0.102.3
+ cli_rmdirs@CLAMAV_PRIVATE 0.102.3
+ cli_rndnum@CLAMAV_PRIVATE 0.102.3
+ cli_sanitize_filepath@CLAMAV_PRIVATE 0.102.3
+ cli_scanbuff@CLAMAV_PRIVATE 0.102.3
+ cli_sigopts_handler@CLAMAV_PRIVATE 0.102.3
+ cli_sigperf_events_destroy@CLAMAV_PRIVATE 0.102.3
+ cli_sigperf_print@CLAMAV_PRIVATE 0.102.3
+ cli_str2hex@CLAMAV_PRIVATE 0.102.3
+ cli_strbcasestr@CLAMAV_PRIVATE 0.102.3
+ cli_strdup@CLAMAV_PRIVATE 0.102.3
+ cli_strerror@CLAMAV_PRIVATE 0.102.3
+ cli_strlcat@CLAMAV_PRIVATE 0.102.3
+ cli_strlcpy@CLAMAV_PRIVATE 0.102.3
+ cli_strrcpy@CLAMAV_PRIVATE 0.102.3
+ cli_strtok@CLAMAV_PRIVATE 0.102.3
+ cli_strtokbuf@CLAMAV_PRIVATE 0.102.3
+ cli_strtokenize@CLAMAV_PRIVATE 0.102.3
+ cli_textbuffer_append_normalize@CLAMAV_PRIVATE 0.102.3
+ cli_unescape@CLAMAV_PRIVATE 0.102.3
+ cli_unlink@CLAMAV_PRIVATE 0.102.3
+ cli_url_canon@CLAMAV_PRIVATE 0.102.3
+ cli_utf16_to_utf8@CLAMAV_PRIVATE 0.102.3
+ cli_utf16toascii@CLAMAV_PRIVATE 0.102.3
+ cli_vba_inflate@CLAMAV_PRIVATE 0.102.3
+ cli_vba_readdir@CLAMAV_PRIVATE 0.102.3
+ cli_versig2@CLAMAV_PRIVATE 0.102.3
+ cli_versig@CLAMAV_PRIVATE 0.102.3
+ cli_warnmsg@CLAMAV_PRIVATE 0.102.3
+ cli_wm_decrypt_macro@CLAMAV_PRIVATE 0.102.3
+ cli_wm_readdir@CLAMAV_PRIVATE 0.102.3
+ cli_writen@CLAMAV_PRIVATE 0.102.3
+ decodeLine@CLAMAV_PRIVATE 0.102.3
+ disasmbuf@CLAMAV_PRIVATE 0.102.3
+ fmap@CLAMAV_PRIVATE 0.102.3
+ get_fpu_endian@CLAMAV_PRIVATE 0.102.3
+ have_clamjit@CLAMAV_PRIVATE 0.102.3
+ have_rar@CLAMAV_PRIVATE 0.102.3
+ html_normalise_map@CLAMAV_PRIVATE 0.102.3
+ html_normalise_mem@CLAMAV_PRIVATE 0.102.3
+ html_screnc_decode@CLAMAV_PRIVATE 0.102.3
+ html_tag_arg_free@CLAMAV_PRIVATE 0.102.3
+ init_domainlist@CLAMAV_PRIVATE 0.102.3
+ init_regex_list@CLAMAV_PRIVATE 0.102.3
+ init_whitelist@CLAMAV_PRIVATE 0.102.3
+ is_regex_ok@CLAMAV_PRIVATE 0.102.3
+ load_regex_matcher@CLAMAV_PRIVATE 0.102.3
  lsig_sub_matched@CLAMAV_PUBLIC 0.101.0
- messageCreate@CLAMAV_PRIVATE 0.102.2
- messageDestroy@CLAMAV_PRIVATE 0.102.2
- mpool_calloc@CLAMAV_PRIVATE 0.102.2
- mpool_create@CLAMAV_PRIVATE 0.102.2
- mpool_destroy@CLAMAV_PRIVATE 0.102.2
- mpool_free@CLAMAV_PRIVATE 0.102.2
- mpool_getstats@CLAMAV_PRIVATE 0.102.2
- phishingScan@CLAMAV_PRIVATE 0.102.2
- phishing_done@CLAMAV_PRIVATE 0.102.2
- phishing_init@CLAMAV_PRIVATE 0.102.2
- regex_list_add_pattern@CLAMAV_PRIVATE 0.102.2
- regex_list_done@CLAMAV_PRIVATE 0.102.2
- regex_list_match@CLAMAV_PRIVATE 0.102.2
- tableCreate@CLAMAV_PRIVATE 0.102.2
- tableDestroy@CLAMAV_PRIVATE 0.102.2
- tableFind@CLAMAV_PRIVATE 0.102.2
- tableInsert@CLAMAV_PRIVATE 0.102.2
- tableIterate@CLAMAV_PRIVATE 0.102.2
- tableRemove@CLAMAV_PRIVATE 0.102.2
- tableUpdate@CLAMAV_PRIVATE 0.102.2
- text_normalize_init@CLAMAV_PRIVATE 0.102.2
- text_normalize_map@CLAMAV_PRIVATE 0.102.2
- text_normalize_reset@CLAMAV_PRIVATE 0.102.2
- uniq_add@CLAMAV_PRIVATE 0.102.2
- uniq_free@CLAMAV_PRIVATE 0.102.2
- uniq_get@CLAMAV_PRIVATE 0.102.2
- uniq_init@CLAMAV_PRIVATE 0.102.2
+ messageCreate@CLAMAV_PRIVATE 0.102.3
+ messageDestroy@CLAMAV_PRIVATE 0.102.3
+ mpool_calloc@CLAMAV_PRIVATE 0.102.3
+ mpool_create@CLAMAV_PRIVATE 0.102.3
+ mpool_destroy@CLAMAV_PRIVATE 0.102.3
+ mpool_free@CLAMAV_PRIVATE 0.102.3
+ mpool_getstats@CLAMAV_PRIVATE 0.102.3
+ phishingScan@CLAMAV_PRIVATE 0.102.3
+ phishing_done@CLAMAV_PRIVATE 0.102.3
+ phishing_init@CLAMAV_PRIVATE 0.102.3
+ regex_list_add_pattern@CLAMAV_PRIVATE 0.102.3
+ regex_list_done@CLAMAV_PRIVATE 0.102.3
+ regex_list_match@CLAMAV_PRIVATE 0.102.3
+ tableCreate@CLAMAV_PRIVATE 0.102.3
+ tableDestroy@CLAMAV_PRIVATE 0.102.3
+ tableFind@CLAMAV_PRIVATE 0.102.3
+ tableInsert@CLAMAV_PRIVATE 0.102.3
+ tableIterate@CLAMAV_PRIVATE 0.102.3
+ tableRemove@CLAMAV_PRIVATE 0.102.3
+ tableUpdate@CLAMAV_PRIVATE 0.102.3
+ text_normalize_init@CLAMAV_PRIVATE 0.102.3
+ text_normalize_map@CLAMAV_PRIVATE 0.102.3
+ text_normalize_reset@CLAMAV_PRIVATE 0.102.3
+ uniq_add@CLAMAV_PRIVATE 0.102.3
+ uniq_free@CLAMAV_PRIVATE 0.102.3
+ uniq_get@CLAMAV_PRIVATE 0.102.3
+ uniq_init@CLAMAV_PRIVATE 0.102.3
 libfreshclam.so.2 libclamav9 #MINVER#
  FRESHCLAM_PRIVATE@FRESHCLAM_PRIVATE 0.102.1
  FRESHCLAM_PUBLIC@FRESHCLAM_PUBLIC 0.102.1
diff -Nru clamav-0.102.2+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch clamav-0.102.3+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch
--- clamav-0.102.2+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch	2020-02-22 14:39:45.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/patches/Add-support-for-LLVM-3.7.patch	2020-05-22 22:32:31.000000000 +0200
@@ -1,4 +1,4 @@
-From 68661dd196d6bbde7846922b42e7ac13b6444dff Mon Sep 17 00:00:00 2001
+From 13e4f6183203d196555ebdadfcabcf19429c8f4a Mon Sep 17 00:00:00 2001
 From: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 Date: Fri, 14 Oct 2016 20:24:39 +0200
 Subject: Add support for LLVM 3.7
diff -Nru clamav-0.102.2+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch clamav-0.102.3+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch
--- clamav-0.102.2+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch	2020-02-22 14:39:45.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/patches/Add-support-for-LLVM-3.8.patch	2020-05-22 22:32:31.000000000 +0200
@@ -1,4 +1,4 @@
-From 528866803fb13a6643007b8b99f6810a9e174654 Mon Sep 17 00:00:00 2001
+From cad467b71ed31a10793bdac88e4c0bb0caa54991 Mon Sep 17 00:00:00 2001
 From: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 Date: Fri, 14 Oct 2016 20:24:48 +0200
 Subject: Add support for LLVM 3.8
diff -Nru clamav-0.102.2+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch clamav-0.102.3+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch
--- clamav-0.102.2+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch	2020-02-22 14:39:45.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/patches/Add-support-for-LLVM-3.9.patch	2020-05-22 22:32:31.000000000 +0200
@@ -1,4 +1,4 @@
-From 4b3eac73e10df86cb617190b0b6f911edd76ae9d Mon Sep 17 00:00:00 2001
+From f921741f4223abac2066e067495d16311bb8a655 Mon Sep 17 00:00:00 2001
 From: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 Date: Fri, 14 Oct 2016 20:24:56 +0200
 Subject: Add support for LLVM 3.9
diff -Nru clamav-0.102.2+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch clamav-0.102.3+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch
--- clamav-0.102.2+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch	2020-02-22 14:39:45.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/patches/add-support-for-system-tomsfastmath.patch	2020-05-22 22:32:31.000000000 +0200
@@ -1,4 +1,4 @@
-From 926217af68df8cadd46632dc6d4dd4af2ddf940b Mon Sep 17 00:00:00 2001
+From 11ee2f472776b01b8ae4de78a1e1e52b1814079c Mon Sep 17 00:00:00 2001
 From: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 Date: Wed, 11 Mar 2015 20:03:15 +0100
 Subject: add support for system tomsfastmath
@@ -14,7 +14,7 @@
  create mode 100644 m4/reorganization/libs/tomsfastmath.m4
 
 diff --git a/configure.ac b/configure.ac
-index 528c098..8617ea6 100644
+index 8375971..3cacfb8 100644
 --- a/configure.ac
 +++ b/configure.ac
 @@ -98,6 +98,7 @@ m4_include([m4/reorganization/libs/libmspack.m4])
diff -Nru clamav-0.102.2+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch clamav-0.102.3+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch
--- clamav-0.102.2+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch	2020-02-22 14:39:45.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/patches/Change-paths-in-sample-conf-file-to-match-Debian.patch	2020-05-22 22:32:31.000000000 +0200
@@ -1,4 +1,4 @@
-From 9aab52e85087677be25ca6d2fed994390788e587 Mon Sep 17 00:00:00 2001
+From d6669ed24e9e80dc91b787ab9734bf563f1ef628 Mon Sep 17 00:00:00 2001
 From: Scott Kitterman <scott@kitterman.com>
 Date: Mon, 10 Mar 2014 19:20:18 -0400
 Subject: Change paths in sample conf file to match Debian
diff -Nru clamav-0.102.2+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch clamav-0.102.3+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch
--- clamav-0.102.2+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch	2020-02-22 14:39:45.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/patches/clamd_dont_depend_on_clamav_demon_socket.patch	2020-05-22 22:32:31.000000000 +0200
@@ -1,4 +1,4 @@
-From 010a3a9968539a67ca912d36f40788c44f0ff9e5 Mon Sep 17 00:00:00 2001
+From 23dcb9a9f268a46c7df2d27c79c5adf341671ec4 Mon Sep 17 00:00:00 2001
 From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
 Date: Thu, 11 Aug 2016 21:54:10 +0200
 Subject: clamd: don't depend on clamav-demon.socket
diff -Nru clamav-0.102.2+dfsg/debian/patches/clamsubmit-libfreshclam-Use-CURL_CA_BUNDLE.patch clamav-0.102.3+dfsg/debian/patches/clamsubmit-libfreshclam-Use-CURL_CA_BUNDLE.patch
--- clamav-0.102.2+dfsg/debian/patches/clamsubmit-libfreshclam-Use-CURL_CA_BUNDLE.patch	2020-02-22 14:39:45.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/patches/clamsubmit-libfreshclam-Use-CURL_CA_BUNDLE.patch	2020-05-22 22:32:31.000000000 +0200
@@ -1,4 +1,4 @@
-From 2d34217d30a97a3e191186f82a85cb99e8e50af8 Mon Sep 17 00:00:00 2001
+From 04fd79ea5eace5273a13bd66b095e2fef0ea3bff Mon Sep 17 00:00:00 2001
 From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
 Date: Sun, 16 Feb 2020 17:09:37 +0100
 Subject: clamsubmit / libfreshclam: Use CURL_CA_BUNDLE
diff -Nru clamav-0.102.2+dfsg/debian/rules clamav-0.102.3+dfsg/debian/rules
--- clamav-0.102.2+dfsg/debian/rules	2020-02-22 14:39:45.000000000 +0100
+++ clamav-0.102.3+dfsg/debian/rules	2020-05-22 22:32:31.000000000 +0200
@@ -88,7 +88,7 @@
 	  fi;\
 	done; \
 	# Check for library features which may have been upgraded.
-	if ! grep -q "CL_FLEVEL 113" libclamav/others.h ; then \
+	if ! grep -q "CL_FLEVEL 114" libclamav/others.h ; then \
 		echo "cl_retflevel needs boosting in symbol file"; \
 		touch debian/exit; \
 	fi;
@@ -137,9 +137,9 @@
 
 override_dh_auto_test:
 ifneq (,$(filter ia64 sparc, $(DEB_HOST_ARCH)))
-	T=900 dh_auto_test -- EF_ALIGNMENT=8 V=1 VERBOSE=1
+	T=900 $(MAKE) check EF_ALIGNMENT=8 V=1 VERBOSE=1
 else
-	T=900 dh_auto_test -- V=1 VERBOSE=1
+	T=900 $(MAKE) check V=1 VERBOSE=1
 endif
 
 override_dh_install:
diff -Nru clamav-0.102.2+dfsg/docs/html/UserManual/Installation-Unix.html clamav-0.102.3+dfsg/docs/html/UserManual/Installation-Unix.html
--- clamav-0.102.2+dfsg/docs/html/UserManual/Installation-Unix.html	2020-02-04 15:59:24.000000000 +0100
+++ clamav-0.102.3+dfsg/docs/html/UserManual/Installation-Unix.html	2020-05-12 03:54:59.000000000 +0200
@@ -70,8 +70,6 @@
 <ul>
 <li>CentOS 6 32bit: zlib 1.2.3-29</li>
 <li>Solution: Update to newer version.</li>
-<li>AIX 5.3: zlib 1.2.11-1</li>
-<li>Solution: Try different version, downgrade may be required.</li>
 </ul>
 <hr />
 <h2 id="installing-clamav">Installing ClamAV</h2>
diff -Nru clamav-0.102.2+dfsg/docs/html/UserManual/Installation-Windows.html clamav-0.102.3+dfsg/docs/html/UserManual/Installation-Windows.html
--- clamav-0.102.2+dfsg/docs/html/UserManual/Installation-Windows.html	2020-02-04 15:59:23.000000000 +0100
+++ clamav-0.102.3+dfsg/docs/html/UserManual/Installation-Windows.html	2020-05-12 03:54:58.000000000 +0200
@@ -15,9 +15,9 @@
 <h2 id="install-using-the-clamav-windows-installer">Install using the ClamAV Windows Installer</h2>
 <p>Important: Installing ClamAV using the Installer will require Administrator privileges.</p>
 <ol>
-<li>Download: <a href="http://www.clamav.net/downloads/production/ClamAV-0.102.1.exe"; class="uri">http://www.clamav.net/downloads/production/ClamAV-0.102.1.exe</a></li>
+<li>Download: <a href="http://www.clamav.net/downloads/production/ClamAV-0.102.2.exe"; class="uri">http://www.clamav.net/downloads/production/ClamAV-0.102.2.exe</a></li>
 <li>Locate the file in your Downloads directory.</li>
-<li>Right-click on <code>ClamAV-0.102.1.exe</code> and select <code>Run as administrator</code>. You may receive a warning message along the lines of &quot;Windows protected your PC&quot;. Select <code>More info</code> and then select <code>Run anyway</code>.</li>
+<li>Right-click on <code>ClamAV-0.102.2.exe</code> and select <code>Run as administrator</code>. You may receive a warning message along the lines of &quot;Windows protected your PC&quot;. Select <code>More info</code> and then select <code>Run anyway</code>.</li>
 <li>Select <code>I accept the agreement</code> and click <code>Next</code>.</li>
 <li>Click <code>Next</code> again. If you've removed a previous installation of ClamAV, you may receive the prompt &quot;The folder ... already exists...&quot;. If you do, select <code>Yes</code>.</li>
 <li>Click <code>Install</code>.</li>
@@ -36,9 +36,9 @@
 <hr />
 <h2 id="install-using-the-clamav-portable-install-package">Install using the ClamAV Portable Install Package</h2>
 <ol>
-<li>Download: <a href="https://www.clamav.net/downloads/production/clamav-0.102.1-win-x64-portable.zip"; class="uri">https://www.clamav.net/downloads/production/clamav-0.102.1-win-x64-portable.zip</a></li>
+<li>Download: <a href="https://www.clamav.net/downloads/production/clamav-0.102.2-win-x64-portable.zip"; class="uri">https://www.clamav.net/downloads/production/clamav-0.102.2-win-x64-portable.zip</a></li>
 <li>Unzip it.</li>
-<li>Open the <code>clamav-0.102.1-win-x64-portable</code> directory.</li>
+<li>Open the <code>clamav-0.102.2-win-x64-portable</code> directory.</li>
 <li>Hold down Shift and then right-click on the background in the current directory (but not on one of the files). Select <code>&quot;Open PowerShell window here&quot;</code>. If that option doesn't appear, try again.</li>
 </ol>
 <p>Continue on to &quot;First Time Set-Up&quot;...</p>
diff -Nru clamav-0.102.2+dfsg/libclamav/7z/XzDec.c clamav-0.102.3+dfsg/libclamav/7z/XzDec.c
--- clamav-0.102.2+dfsg/libclamav/7z/XzDec.c	2020-02-04 15:59:26.000000000 +0100
+++ clamav-0.102.3+dfsg/libclamav/7z/XzDec.c	2020-05-12 03:54:49.000000000 +0200
@@ -425,7 +425,7 @@
       const Byte *srcCur;
       int srcFinishedCur;
       int encodingWasFinished;
-      
+
       if (i == 0)
       {
         srcCur = src;
@@ -438,7 +438,7 @@
         srcLenCur = p->size[i - 1] - p->pos[i - 1];
         srcFinishedCur = p->finished[i - 1];
       }
-      
+
       if (i == p->numCoders - 1)
       {
         destCur = dest;
@@ -451,7 +451,7 @@
         destCur = p->buf + (CODER_BUF_SIZE * i);
         destLenCur = CODER_BUF_SIZE;
       }
-      
+
       res = coder->Code(coder->p, destCur, &destLenCur, srcCur, &srcLenCur, srcFinishedCur, finishMode, &encodingWasFinished);
 
       if (!encodingWasFinished)
@@ -478,7 +478,7 @@
         p->pos[i] = 0;
         p->finished[i] = encodingWasFinished;
       }
-      
+
       if (res != SZ_OK)
         return res;
 
@@ -617,6 +617,7 @@
   if (!p)
     return;
   MixCoder_Free(&p->decoder);
+  cl_hash_destroy(p->check.sha);
   cl_hash_destroy(p->sha);
   p->sha = NULL;
 }
@@ -643,20 +644,20 @@
         *status = CODER_STATUS_NOT_FINISHED;
         return SZ_OK;
       }
-      
+
       res = MixCoder_Code(&p->decoder, dest, &destLen2, src, &srcLen2, False, finishMode, status);
       XzCheck_Update(&p->check, dest, destLen2);
-      
+
       (*srcLen) += srcLen2;
       src += srcLen2;
       p->packSize += srcLen2;
-      
+
       (*destLen) += destLen2;
       dest += destLen2;
       p->unpackSize += destLen2;
-      
+
       RINOK(res);
-      
+
       if (*status == CODER_STATUS_FINISHED_WITH_MARK)
       {
         Byte temp[32];
@@ -666,14 +667,14 @@
             cl_update_hash(p->sha, temp, num);
         p->indexSize += num;
         p->numBlocks++;
-        
+
         p->state = XZ_STATE_BLOCK_FOOTER;
         p->pos = 0;
         p->alignPos = 0;
       }
       else if (srcLen2 == 0 && destLen2 == 0)
         return SZ_OK;
-      
+
       continue;
     }
 
@@ -887,7 +888,7 @@
         }
         break;
       }
-      
+
       case XZ_STATE_BLOCK: break; /* to disable GCC warning */
     }
   }
diff -Nru clamav-0.102.2+dfsg/libclamav/arc4.c clamav-0.102.3+dfsg/libclamav/arc4.c
--- clamav-0.102.2+dfsg/libclamav/arc4.c	2020-02-04 15:59:26.000000000 +0100
+++ clamav-0.102.3+dfsg/libclamav/arc4.c	2020-05-12 03:54:49.000000000 +0200
@@ -27,11 +27,16 @@
 #include "arc4.h"
 #include <string.h>
 
-void arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength)
+bool arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength)
 {
     unsigned i;
     uint8_t j;
-    uint32_t *S = &a->S[0];
+    uint32_t *S;
+
+    if (NULL == a || NULL == key || 0 == keylength)
+        return false;
+
+    S = &a->S[0];
 
     for (i = 0; i < 256; i++)
         S[i] = i;
@@ -42,6 +47,7 @@
         S[j]        = tmp;
     }
     a->i = a->j = 0;
+    return true;
 }
 
 void arc4_apply(struct arc4_state *s, uint8_t *data, unsigned len)
diff -Nru clamav-0.102.2+dfsg/libclamav/arc4.h clamav-0.102.3+dfsg/libclamav/arc4.h
--- clamav-0.102.2+dfsg/libclamav/arc4.h	2020-02-04 15:59:26.000000000 +0100
+++ clamav-0.102.3+dfsg/libclamav/arc4.h	2020-05-12 03:54:49.000000000 +0200
@@ -19,6 +19,8 @@
  *  MA 02110-1301, USA.
  */
 
+#include <stdbool.h>
+
 #include "clamav-types.h"
 struct arc4_state {
     /* really just 8 bit, but it is faster if reads are aligned */
@@ -26,5 +28,5 @@
     uint8_t i, j;
 };
 
-void arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength);
+bool arc4_init(struct arc4_state *a, const uint8_t *key, unsigned keylength);
 void arc4_apply(struct arc4_state *s, uint8_t *data, unsigned len);
diff -Nru clamav-0.102.2+dfsg/libclamav/bytecode_api.h clamav-0.102.3+dfsg/libclamav/bytecode_api.h
--- clamav-0.102.2+dfsg/libclamav/bytecode_api.h	2020-02-04 15:59:26.000000000 +0100
+++ clamav-0.102.3+dfsg/libclamav/bytecode_api.h	2020-05-12 03:54:49.000000000 +0200
@@ -144,6 +144,7 @@
     FUNC_LEVEL_0102      = 111, /**< LibClamAV release 0.102.0 */
     FUNC_LEVEL_0102_1    = 112, /**< LibClamAV release 0.102.1 */
     FUNC_LEVEL_0102_2    = 113, /**< LibClamAV release 0.102.2 */
+    FUNC_LEVEL_0102_3    = 114, /**< LibClamAV release 0.102.3 */
 };
 
 /**
diff -Nru clamav-0.102.2+dfsg/libclamav/egg.c clamav-0.102.3+dfsg/libclamav/egg.c
--- clamav-0.102.2+dfsg/libclamav/egg.c	2020-02-04 15:59:26.000000000 +0100
+++ clamav-0.102.3+dfsg/libclamav/egg.c	2020-05-12 03:54:49.000000000 +0200
@@ -2846,10 +2846,6 @@
     }
 
     handle = (egg_handle*)hArchive;
-    if (CL_SUCCESS != EGG_VALIDATE_HANDLE(handle)) {
-        cli_errmsg("cli_egg_close: Invalid handle values!\n");
-        return;
-    }
 
     egg_free_egg_handle(handle);
 
diff -Nru clamav-0.102.2+dfsg/libclamav/others.h clamav-0.102.3+dfsg/libclamav/others.h
--- clamav-0.102.2+dfsg/libclamav/others.h	2020-02-04 15:59:26.000000000 +0100
+++ clamav-0.102.3+dfsg/libclamav/others.h	2020-05-12 03:54:49.000000000 +0200
@@ -71,7 +71,7 @@
  * in re-enabling affected modules.
  */
 
-#define CL_FLEVEL 113
+#define CL_FLEVEL 114
 #define CL_FLEVEL_DCONF CL_FLEVEL
 #define CL_FLEVEL_SIGTOOL CL_FLEVEL
 
diff -Nru clamav-0.102.2+dfsg/libclamav/pdf.c clamav-0.102.3+dfsg/libclamav/pdf.c
--- clamav-0.102.2+dfsg/libclamav/pdf.c	2020-02-04 15:59:26.000000000 +0100
+++ clamav-0.102.3+dfsg/libclamav/pdf.c	2020-05-12 03:54:49.000000000 +0200
@@ -1089,8 +1089,9 @@
     int nrounds;
 
     cli_dbgmsg("aes_decrypt: key length: %d, data length: %zu\n", key_n, *length);
-    if (key_n > 32) {
-        cli_dbgmsg("aes_decrypt: key length is %d!\n", key_n * 8);
+    if (!(key_n == 16 || key_n == 24 || key_n == 32)) {
+        cli_dbgmsg("aes_decrypt: invalid key length: %u!\n", key_n * 8);
+        noisy_warnmsg("aes_decrypt: invalid key length: %u!\n", key_n * 8);
         return;
     }
 
@@ -1166,7 +1167,12 @@
     struct arc4_state arc4;
 
     if (!length || !*length || !in) {
-        noisy_warnmsg("decrypt_any: decrypt failed for obj %u %u\n", id >> 8, id & 0xff);
+        noisy_warnmsg("decrypt_any: decrypt failed for obj %u %u:  Invalid arguments.\n", id >> 8, id & 0xff);
+        return NULL;
+    }
+
+    if (NULL == pdf->key || 0 == pdf->keylen) {
+        noisy_warnmsg("decrypt_any: decrypt failed for obj %u %u:  PDF key never identified.\n", id >> 8, id & 0xff);
         return NULL;
     }
 
@@ -1207,7 +1213,10 @@
         case ENC_V2:
             cli_dbgmsg("cli_pdf: enc is v2\n");
             memcpy(q, in, *length);
-            arc4_init(&arc4, result, n);
+            if (false == arc4_init(&arc4, result, n)) {
+                noisy_warnmsg("decrypt_any: failed to init arc4\n");
+                return NULL;
+            }
             arc4_apply(&arc4, q, (unsigned)*length); /* TODO: may truncate for very large lengths */
 
             noisy_msg(pdf, "decrypt_any: decrypted ARC4 data\n");
@@ -2802,7 +2811,10 @@
         if (R == 2) {
             /* 7.6.3.3 Algorithm 4 */
             memcpy(data, key_padding, 32);
-            arc4_init(&arc4, (const uint8_t *)(pdf->key), pdf->keylen);
+            if (false == arc4_init(&arc4, (const uint8_t *)(pdf->key), pdf->keylen)) {
+                noisy_warnmsg("decrypt_any: failed to init arc4\n");
+                return;
+            }
             arc4_apply(&arc4, (uint8_t *)data, 32);
             dbg_printhex("computed U (R2)", data, 32);
             if (!memcmp(data, U, 32))
@@ -2821,7 +2833,10 @@
             cl_hash_data("md5", d, 32 + pdf->fileIDlen, result, NULL);
             memcpy(data, pdf->key, len);
 
-            arc4_init(&arc4, (const uint8_t *)data, len);
+            if (false == arc4_init(&arc4, (const uint8_t *)data, len)) {
+                noisy_warnmsg("decrypt_any: failed to init arc4\n");
+                return;
+            }
             arc4_apply(&arc4, result, 16);
             for (i = 1; i <= 19; i++) {
                 unsigned j;
@@ -2829,7 +2844,10 @@
                 for (j = 0; j < len; j++)
                     data[j] = pdf->key[j] ^ i;
 
-                arc4_init(&arc4, (const uint8_t *)data, len);
+                if (false == arc4_init(&arc4, (const uint8_t *)data, len)) {
+                    noisy_warnmsg("decrypt_any: failed to init arc4\n");
+                    return;
+                }
                 arc4_apply(&arc4, result, 16);
             }
 
diff -Nru clamav-0.102.2+dfsg/libclamav/pdfdecode.c clamav-0.102.3+dfsg/libclamav/pdfdecode.c
--- clamav-0.102.2+dfsg/libclamav/pdfdecode.c	2020-02-04 15:59:26.000000000 +0100
+++ clamav-0.102.3+dfsg/libclamav/pdfdecode.c	2020-05-12 03:54:49.000000000 +0200
@@ -638,8 +638,11 @@
     }
 
     if (rc == CL_SUCCESS) {
-        /* Shrink output buffer to final the decoded data length to minimize RAM usage */
-        if (!(temp = cli_realloc(decoded, declen))) {
+        if (declen == 0) {
+            cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n");
+            rc = CL_BREAK;
+        } else if (!(temp = cli_realloc(decoded, declen))) {
+            /* Shrink output buffer to final the decoded data length to minimize RAM usage */
             cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n");
             rc = CL_EMEM;
         } else {
@@ -647,7 +650,7 @@
         }
     }
 
-    if (rc == CL_SUCCESS) {
+    if (rc == CL_SUCCESS || rc == CL_BREAK) {
         free(token->content);
 
         cli_dbgmsg("cli_pdf: decoded %lu bytes from %lu total bytes\n",
@@ -817,8 +820,11 @@
     (void)inflateEnd(&stream);
 
     if (rc == CL_SUCCESS) {
-        /* Shrink output buffer to final the decoded data length to minimize RAM usage */
-        if (!(temp = cli_realloc(decoded, declen))) {
+        if (declen == 0) {
+            cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n");
+            rc = CL_BREAK;
+        } else if (!(temp = cli_realloc(decoded, declen))) {
+            /* Shrink output buffer to final the decoded data length to minimize RAM usage */
             cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n");
             rc = CL_EMEM;
         } else {
@@ -826,7 +832,7 @@
         }
     }
 
-    if (rc == CL_SUCCESS) {
+    if (rc == CL_SUCCESS || rc == CL_BREAK) {
         free(token->content);
 
         token->content = decoded;
@@ -1099,8 +1105,11 @@
     (void)lzwInflateEnd(&stream);
 
     if (rc == CL_SUCCESS) {
-        /* Shrink output buffer to final the decoded data length to minimize RAM usage */
-        if (!(temp = cli_realloc(decoded, declen))) {
+        if (declen == 0) {
+            cli_dbgmsg("cli_pdf: empty stream after inflation completed.\n");
+            rc = CL_BREAK;
+        } else if (!(temp = cli_realloc(decoded, declen))) {
+            /* Shrink output buffer to final the decoded data length to minimize RAM usage */
             cli_errmsg("cli_pdf: cannot reallocate memory for decoded output\n");
             rc = CL_EMEM;
         } else {
@@ -1108,7 +1117,7 @@
         }
     }
 
-    if (rc == CL_SUCCESS) {
+    if (rc == CL_SUCCESS || rc == CL_BREAK) {
         free(token->content);
 
         token->content = decoded;
diff -Nru clamav-0.102.2+dfsg/libclamav/unarj.c clamav-0.102.3+dfsg/libclamav/unarj.c
--- clamav-0.102.2+dfsg/libclamav/unarj.c	2020-02-04 15:59:26.000000000 +0100
+++ clamav-0.102.3+dfsg/libclamav/unarj.c	2020-05-12 03:54:49.000000000 +0200
@@ -834,18 +834,16 @@
     uint16_t header_size, count;
     arj_main_hdr_t main_hdr;
     const char *filename = NULL;
-    const char *comment = NULL;
-    off_t header_offset;
+    const char *comment  = NULL;
     struct text_norm_state fnstate, comstate;
-    unsigned char *fnnorm = NULL;
+    unsigned char *fnnorm  = NULL;
     unsigned char *comnorm = NULL;
-    uint32_t ret = TRUE;
+    uint32_t ret           = TRUE;
 
     if (fmap_readn(metadata->map, &header_size, metadata->offset, 2) != 2)
         return FALSE;
 
     metadata->offset += 2;
-    header_offset = metadata->offset;
     header_size   = le16_to_host(header_size);
     cli_dbgmsg("Header Size: %d\n", header_size);
     if (header_size == 0) {
@@ -882,8 +880,8 @@
         metadata->offset += main_hdr.first_hdr_size - 30;
     }
 
-    fnnorm = cli_calloc(sizeof(unsigned char), header_size + 1);
-    filename = fmap_need_offstr(metadata->map, metadata->offset, header_size);
+    fnnorm   = cli_calloc(sizeof(unsigned char), header_size + 1);
+    filename = fmap_need_offstr(metadata->map, metadata->offset, header_size + 1);
     if (!filename) {
         cli_dbgmsg("UNARJ: Unable to allocate memory for filename\n");
         ret = FALSE;
@@ -892,7 +890,7 @@
     metadata->offset += CLI_STRNLEN(filename, header_size) + 1;
 
     comnorm = cli_calloc(sizeof(unsigned char), header_size + 1);
-    comment = fmap_need_offstr(metadata->map, metadata->offset, header_size);
+    comment = fmap_need_offstr(metadata->map, metadata->offset, header_size + 1);
     if (!comment || !comnorm) {
         cli_dbgmsg("UNARJ: Unable to allocate memory for comment\n");
         ret = FALSE;
@@ -903,8 +901,8 @@
     text_normalize_init(&fnstate, fnnorm, header_size);
     text_normalize_init(&comstate, comnorm, header_size);
 
-    text_normalize_buffer(&fnstate, filename, metadata->offset);
-    text_normalize_buffer(&comstate, comment, metadata->offset);
+    text_normalize_buffer(&fnstate, (const unsigned char *)filename, header_size);
+    text_normalize_buffer(&comstate, (const unsigned char *)comment, header_size);
 
     cli_dbgmsg("Filename: %s\n", fnnorm);
     cli_dbgmsg("Comment: %s\n", comnorm);
@@ -947,9 +945,9 @@
     const char *filename, *comment;
     arj_file_hdr_t file_hdr;
     struct text_norm_state fnstate, comstate;
-    unsigned char *fnnorm = NULL;
+    unsigned char *fnnorm  = NULL;
     unsigned char *comnorm = NULL;
-    uint32_t ret = CL_SUCCESS;
+    uint32_t ret           = CL_SUCCESS;
 
     if (fmap_readn(metadata->map, &header_size, metadata->offset, 2) != 2)
         return CL_EFORMAT;
@@ -999,8 +997,8 @@
         metadata->offset += file_hdr.first_hdr_size - 30;
     }
 
-    fnnorm = cli_calloc(sizeof(unsigned char), header_size + 1);
-    filename = fmap_need_offstr(metadata->map, metadata->offset, header_size);
+    fnnorm   = cli_calloc(sizeof(unsigned char), header_size + 1);
+    filename = fmap_need_offstr(metadata->map, metadata->offset, header_size + 1);
     if (!filename) {
         cli_dbgmsg("UNARJ: Unable to allocate memory for filename\n");
         ret = FALSE;
@@ -1009,7 +1007,7 @@
     metadata->offset += CLI_STRNLEN(filename, header_size) + 1;
 
     comnorm = cli_calloc(sizeof(unsigned char), header_size + 1);
-    comment = fmap_need_offstr(metadata->map, metadata->offset, header_size);
+    comment = fmap_need_offstr(metadata->map, metadata->offset, header_size + 1);
     if (!comment) {
         cli_dbgmsg("UNARJ: Unable to allocate memory for comment\n");
         ret = FALSE;
@@ -1020,8 +1018,8 @@
     text_normalize_init(&fnstate, fnnorm, header_size);
     text_normalize_init(&comstate, comnorm, header_size);
 
-    text_normalize_buffer(&fnstate, filename, metadata->offset);
-    text_normalize_buffer(&comstate, comment, metadata->offset);
+    text_normalize_buffer(&fnstate, (const unsigned char *)filename, header_size);
+    text_normalize_buffer(&comstate, (const unsigned char *)comment, header_size);
 
     cli_dbgmsg("Filename: %s\n", fnnorm);
     cli_dbgmsg("Comment: %s\n", comnorm);
@@ -1037,7 +1035,7 @@
             if (metadata->filename)
                 free(metadata->filename);
             metadata->filename = NULL;
-            ret = CL_EFORMAT;
+            ret                = CL_EFORMAT;
             goto done;
         }
         count = cli_readint16(countp);
@@ -1055,11 +1053,11 @@
     metadata->encrypted = ((file_hdr.flags & GARBLE_FLAG) != 0) ? TRUE : FALSE;
     metadata->ofd       = -1;
     if (!metadata->filename) {
-        ret =  CL_EMEM;
+        ret = CL_EMEM;
         goto done;
     }
 
-    done:
+done:
 
     if (fnnorm) {
         free(fnnorm);
diff -Nru clamav-0.102.2+dfsg/m4/reorganization/version.m4 clamav-0.102.3+dfsg/m4/reorganization/version.m4
--- clamav-0.102.2+dfsg/m4/reorganization/version.m4	2020-02-04 15:59:26.000000000 +0100
+++ clamav-0.102.3+dfsg/m4/reorganization/version.m4	2020-05-12 03:54:49.000000000 +0200
@@ -3,7 +3,7 @@
 dnl For beta,                  set: VERSION="<version>-beta"
 dnl For release candidate,     set: VERSION="<version>-rc"
 dnl For release,               set: VERSION="<version>"
-VERSION="0.102.2"
+VERSION="0.102.3"
 
 major=`echo $PACKAGE_VERSION |cut -d. -f1 | sed -e "s/[^0-9]//g"`
 minor=`echo $PACKAGE_VERSION |cut -d. -f2 | sed -e "s/[^0-9]//g"`
diff -Nru clamav-0.102.2+dfsg/NEWS.md clamav-0.102.3+dfsg/NEWS.md
--- clamav-0.102.2+dfsg/NEWS.md	2020-02-04 15:59:26.000000000 +0100
+++ clamav-0.102.3+dfsg/NEWS.md	2020-05-12 03:54:49.000000000 +0200
@@ -3,6 +3,30 @@
 Note: This file refers to the source tarball. Things described here may differ
  slightly from the binary packages.
 
+## 0.102.3
+
+ClamAV 0.102.3 is a bug patch release to address the following issues.
+
+- [CVE-2020-3327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327):
+  Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that
+  could cause a Denial-of-Service (DoS) condition. Improper bounds checking of
+  an unsigned variable results in an out-of-bounds read which causes a crash.
+
+  Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ
+  parsing vulnerability.
+
+- [CVE-2020-3341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341):
+  Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that
+  could cause a Denial-of-Service (DoS) condition. Improper size checking of
+  a buffer used to initialize AES decryption routines results in an out-of-
+  bounds read which may cause a crash. Bug found by OSS-Fuzz.
+
+- Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents.
+
+- Fix a couple of minor memory leaks.
+
+- Updated libclamunrar to UnRAR 5.9.2.
+
 ## 0.102.2
 
 ClamAV 0.102.2 is a bug patch release to address the following issues.

--- End Message ---

--- Begin Message ---

To: 931678-done@bugs.debian.org, 947351-done@bugs.debian.org, 947758-done@bugs.debian.org, 948652-done@bugs.debian.org, 953763-done@bugs.debian.org, 954020-done@bugs.debian.org, 954716-done@bugs.debian.org, 959661-done@bugs.debian.org, 959890-done@bugs.debian.org, 960020-done@bugs.debian.org, 960376-done@bugs.debian.org, 960395-done@bugs.debian.org, 960575-done@bugs.debian.org, 960600-done@bugs.debian.org, 960804-done@bugs.debian.org, 960806-done@bugs.debian.org, 960836-done@bugs.debian.org, 960885-done@bugs.debian.org, 960974-done@bugs.debian.org, 961019-done@bugs.debian.org, 961212-done@bugs.debian.org, 961275-done@bugs.debian.org, 961379-done@bugs.debian.org, 961439-done@bugs.debian.org, 961441-done@bugs.debian.org, 961514-done@bugs.debian.org, 961803-done@bugs.debian.org, 961833-done@bugs.debian.org, 961921-done@bugs.debian.org, 961936-done@bugs.debian.org, 961944-done@bugs.debian.org, 961978-done@bugs.debian.org, 962059-done@bugs.debian.org, 962067-done@bugs.debian.org, 962160-done@bugs.debian.org, 962227-done@bugs.debian.org, 962237-done@bugs.debian.org, 962255-done@bugs.debian.org, 962306-done@bugs.debian.org, 962982-done@bugs.debian.org, 963024-done@bugs.debian.org, 963267-done@bugs.debian.org, 963591-done@bugs.debian.org, 963595-done@bugs.debian.org, 963694-done@bugs.debian.org, 963796-done@bugs.debian.org, 963940-done@bugs.debian.org, 963986-done@bugs.debian.org, 964146-done@bugs.debian.org, 964158-done@bugs.debian.org, 964228-done@bugs.debian.org, 964338-done@bugs.debian.org, 964346-done@bugs.debian.org, 964350-done@bugs.debian.org, 964397-done@bugs.debian.org, 964412-done@bugs.debian.org, 964417-done@bugs.debian.org, 964422-done@bugs.debian.org, 964435-done@bugs.debian.org, 964574-done@bugs.debian.org, 964589-done@bugs.debian.org, 964712-done@bugs.debian.org, 964714-done@bugs.debian.org, 964715-done@bugs.debian.org, 964726-done@bugs.debian.org, 964740-done@bugs.debian.org, 964792-done@bugs.debian.org, 964807-done@bugs.debian.org, 964808-done@bugs.debian.org, 964860-done@bugs.debian.org, 964868-done@bugs.debian.org, 964898-done@bugs.debian.org, 964986-done@bugs.debian.org, 965116-done@bugs.debian.org, 965117-done@bugs.debian.org, 965257-done@bugs.debian.org, 965377-done@bugs.debian.org, 966151-done@bugs.debian.org, 966213-done@bugs.debian.org, 966247-done@bugs.debian.org, 966272-done@bugs.debian.org, 966310-done@bugs.debian.org

Subject: Closing bugs for fixes included in 10.5 point release

From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Date: Sat, 01 Aug 2020 12:51:28 +0100

Message-id: <43535efb498a168cf81452ca0c326f004f46adc6.camel@adam-barratt.org.uk>
Package: release.debian.org
Version: 10.5

Hi,

Each of these bugs relates to an update that was included in today's
stable point release.

Regards,

Adam
--- End Message ---

Reply to:

Prev by Date: Bug#961379: marked as done (buster-pu: package libntlm/1.5-1+deb10u1)
Next by Date: Bug#961212: marked as done (buster-pu: package dpdk/18.11.8-1~deb10u1)
Previous by thread: Bug#961379: marked as done (buster-pu: package libntlm/1.5-1+deb10u1)
Next by thread: Bug#961212: marked as done (buster-pu: package dpdk/18.11.8-1~deb10u1)
Index(es):
- Date
- Thread