|
|
|
|
Changelog for clamav-update-0.93.3-3.fc9.i386.rpm :
Thu Apr 23 00:00:00 2009 Enrico Scholz - 0.93.3-3 - added -nooutdate patch to avoid the \'has connected too many times with an outdated version\' on freshclam invocation. Because clamav is buggy like hell and full with security leaks, the database upgrade must not be skipped as broken modules are disabled by it too.
The patch itself is probably required due to a bug in freshclam: this message should never be triggered when \'freshclam\' is invoked in non-daemon mode (e.g. manually or as a cron-job).
Thu Nov 13 23:00:00 2008 Tomas Hoger - 0.93.3-2 - Security update - backport security fixes from 0.94: CVE-2008-1389 (#461461): Invalid memory access in the CHM unpacker CVE-2008-3912 (#461461): Multiple out-of-memory NULL pointer dereferences CVE-2008-3913 (#461461): Fix memory leak in the error code path in freshclam CVE-2008-3914 (#461461): Multiple file descriptor leaks on the error code path - Security update - backport security fixes from 0.94.1: CVE-2008-5050 (#470783): get_unicode_name() off-by-one buffer overflow
Mon Jul 14 00:00:00 2008 Enrico Scholz - 0.93.3-1 - updated to 0.93.3; improved fix for CVE-2008-2713 (out-of-bounds read on petite files) - CVE-2008-3215 - put pid instead of pgrp into pidfile of clamav-milter (bz #452359)
Wed Jun 18 00:00:00 2008 Enrico Scholz - 0.93.1-1 - updated to 0.93.1 - rediffed -path patch - CVE-2008-2713 Invalid Memory Access Denial Of Service Vulnerability
Tue Apr 15 00:00:00 2008 Enrico Scholz - 0.93-1 - updated to final 0.93 - removed daily.inc + main.inc directories; they are now replaced by *.cld containers - trimmed down MAILTO list of cronjob to \'root\' again; every well configured system has an alias for this recipient
Wed Mar 12 23:00:00 2008 Enrico Scholz - 0.93-0.1.rc1 - moved -milter scriptlets into -milter-core subpackage - added a requirement on the milteruser to the -milter-sendmail subpackage (reported by Bruce Jerrick)
Tue Mar 4 23:00:00 2008 Enrico Scholz - 0.93-0.0.rc1 - updated to 0.93rc1 - fixed rpath issues
Mon Feb 11 23:00:00 2008 Enrico Scholz - 0.92.1-1 - updated to 0.92.1
Tue Jan 1 23:00:00 2008 Enrico Scholz - 0.92-6 - redisabled unrar stuff completely by using clean sources - splitted -milter subpackage into pieces to allow use without sendmail (#239037)
Tue Jan 1 23:00:00 2008 Enrico Scholz - 0.92-5 - use a better way to disable RPATH-generation (needed for \'--with unrar\' builds)
Mon Dec 31 23:00:00 2007 Enrico Scholz - 0.92-4 - added a README.fedora to the milter package (#240610) - ship original sources again; unrar is now licensed correctly (no more stolen code put under GPL). Nevertheless, this license is not GPL compatible, and to allow libclamav to be used by GPL applications, unrar is disabled by a ./configure switch. - use pkg-config in clamav-config to emulate --cflags and --libs operations (fixes partly multilib issues) - registered some more auto-updated files and marked them as %ghost
Fri Dec 21 23:00:00 2007 Tom \"spot\" Callaway - 0.92-3 - updated to 0.92 (SECURITY): - CVE-2007-6335 MEW PE File Integer Overflow Vulnerability
Mon Oct 29 23:00:00 2007 Tom \"spot\" Callaway - 0.91.2-3 - remove RAR decompression code from source tarball because of legal problems (resolves 334371) - correct license tag
Tue Sep 25 00:00:00 2007 Jesse Keating - 0.91.2-2 - Bump release for upgrade path.
Sun Aug 26 00:00:00 2007 Enrico Scholz - 0.91.2-1 - updated to 0.91.2 (SECURITY): - CVE-2007-4510 DOS in RTF parser - DOS in html normalizer - arbitrary command execution by special crafted recipients in clamav-milter\'s black-hole mode - fixed an open(2) issue
Wed Jul 18 00:00:00 2007 Enrico Scholz - 0.91.1-0 - updated to 0.91.1
Fri Jul 13 00:00:00 2007 Enrico Scholz - 0.91-1 - updated to 0.91
Fri Jun 1 00:00:00 2007 Enrico Scholz - 0.90.3-1 - updated to 0.90.3 - BR tcpd.h instead of tcp_wrappers(-devel) to make it build both in FC6- and F7+
Sat Apr 14 00:00:00 2007 Enrico Scholz - 0.90.2-1 - [SECURITY] updated to 0.90.2; fixes CVE-2007-1745, CVE-2007-1997
Fri Mar 2 23:00:00 2007 Enrico Scholz - 0.90.1-2 - BR \'tcp_wrappers-devel\' instead of plain \'tcp_wrappers\'
Fri Mar 2 23:00:00 2007 Enrico Scholz - 0.90.1-1 - updated to 0.90.1 - updated %doc list
Sun Feb 18 23:00:00 2007 Enrico Scholz - 0.90-1 - updated to final 0.90 - removed -visibility patch since fixed upstream
Sun Feb 4 23:00:00 2007 Enrico Scholz - 0.90-0.3.rc3 - build with -Wl,-as-needed and cleaned up pkgconfig file - removed old hack which forced installation of freshclam.conf; related check was removed upstream - removed static library - removed %changelog entries from before 2004
Sat Feb 3 23:00:00 2007 Enrico Scholz - 0.90-0.2.rc3 - updated to 0.90rc3 - splitted mandatory parts from the data-file into a separate -filesystem subpackage - added a -data-empty subpackage to allow a setup where database is updated per cron-job and user does not want to download the large -data package with outdated virus definitations (#214949) - %ghost\'ed the files downloaded by freshclam
Tue Dec 12 23:00:00 2006 Enrico Scholz - 0.88.7-1 - updated to 0.88.7
Sun Nov 5 23:00:00 2006 Enrico Scholz - 0.88.6-1 - updated to 0.88.6
Thu Oct 19 00:00:00 2006 Enrico Scholz - 0.88.5-1 - updated to 0.88.5 (SECURITY); fixes CVE-2006-4182, CVE-2006-5295 - added patch to set \'__attribute__ ((visibility(\"hidden\")))\' for exported MD5_ *() functions (fixes #202043)
Fri Oct 6 00:00:00 2006 Christian Iseli 0.88.4-4 - rebuilt for unwind info generation, broken in gcc-4.1.1-21
Fri Sep 22 00:00:00 2006 Enrico Scholz - 0.88.4-3 - splitted SysV initscripts of -milter and -server into own subpackages
Sat Sep 16 00:00:00 2006 Enrico Scholz - 0.88.4-2 - rebuilt
Wed Aug 9 00:00:00 2006 Enrico Scholz - 0.88.4-1 - updated to 0.88.4 (SECURITY)
Thu Jul 13 00:00:00 2006 Enrico Scholz - removed the clamdscan(1) manpage from the -server subpackage
Sun Jul 9 00:00:00 2006 Enrico Scholz - removed a superfluous \'}\' - removed some code which was relevant for FC-3 only
Sun Jul 9 00:00:00 2006 Enrico Scholz - 0.88.3-1 - updated to 0.88.3 - updated to new fedora-usermgmt macros
Wed May 17 00:00:00 2006 Enrico Scholz - 0.88.2-2 - cleanups: removed unneeded curlies, use plain command instead of %__XXX macro, whitespace cleanup, removed unneeded versioned dependencies - added a \'Requires(post): group(clamav)\' dependencies for -update and added the corresponding Provides: to -data - removed the %_without_milter conditional; you won\'t gain anything when milter would be disabled at buildtime
Mon May 1 00:00:00 2006 Enrico Scholz - 0.88.2-1 - updated to 0.88.2 (SECURITY) - rediffed patches; most issues handled by 0.88.1-2 are fixed in 0.88.2
Tue Apr 25 00:00:00 2006 Enrico Scholz - 0.88.1-2 - added patch which fixes some classes of compiler warnings; at least the using of implicitly declared functions was reported to cause segfaults on AMD64 (brought to my attention by Marc Perkel) - added patch which fixes wrong usage of strncpy(3) in unrarlib.c
Fri Apr 7 00:00:00 2006 Enrico Scholz - 0.88.1-1 - updated to 0.88.1 (SECURITY)
Sat Feb 18 23:00:00 2006 Enrico Scholz - 0.88-2 - rebuilt for FC5
Tue Jan 10 23:00:00 2006 Enrico Scholz - 0.88-1 - updated to 0.88 - added pseudo-versions for the \'init(...)\' provides as a first step for the support of alternative initmethods
Tue Nov 15 23:00:00 2005 Enrico Scholz - 0.87.1-2 - moved \'freshclam.conf.5\' man page into the -update subpackage (#173221) - ship \'clamd.conf.5\' man page in the -server subpackage *too *. The same file is contained in multiple packages now, but this man-page can not be removed from the base package because it also applies to \'clamdscan\' there (#173221).
Fri Nov 4 23:00:00 2005 Enrico Scholz - 0.87.1-1 - updated to 0.87.1
Sun Sep 18 00:00:00 2005 Enrico Scholz - 0.87-1 - updated to 0.87 (SECURITY) - removed -timeout patch; it is solved upstream - reverted the -exim changes; they add yet more complexity, their functionality can go into an own package and they contained flaws
Sat Sep 10 00:00:00 2005 David Woodhouse - 0.86.2-5 - Add clamav-exim configuration package
Sat Jul 30 00:00:00 2005 Enrico Scholz - 0.86.2-4 - [milter] create the milter-logfile in the %post scriptlet - [milter] reverted the change of the default child_timeout value; it was set to 5 minutes in 0.86.2 which conflicts with the internal mode where a timeout must not be set. So, the clamav-milter would not run with the default configuration
Fri Jul 29 00:00:00 2005 Enrico Scholz - 0.86.2-3 - Fixed calculation of sleep duration; on some systems/IPs, `hostid` results in a negative number which is retained by the bash modulo-operation. So the sleep may get a negative number of seconds being interpreted as an option. This version makes sure that the module-operations returns a non-negative value. [BZ #164494, James Wilkinson] - added support for a /usr/sbin/clamav-notify-servers.local hook; this file will be executed (source\'d) before all other actions and can abort the entire processing by invoking \'exit\'
Tue Jul 26 00:00:00 2005 Enrico Scholz - 0.86.2-2 - updated to 0.86.2 (SECURITY) - changed the freshclam updating mechanism (again); now, it consists of a crontab which does not need to be changed and a helper script (freshclam-sleep). This helper script is configured by /etc/sysconfig/freshclam
Sun Jun 26 00:00:00 2005 Enrico Scholz - 0.86.1-2 - updated to 0.86.1 - fixed randomization in %post scriptlet: hour should be a range but not a single number
Wed Jun 22 00:00:00 2005 Enrico Scholz - 0.86-1 - updated to 0.86 - randomize freshclam startup times in -update\'s %post script (suggested by Stephen Smoogen); this requires some more Requires(post): also
Thu May 19 00:00:00 2005 Warren Togami - 0.85.1-4 - fix dist tagging the way Enrico wants it
Wed May 18 00:00:00 2005 Oliver Falk - 0.85.1-2 - Rebuild
Wed May 18 00:00:00 2005 Oliver Falk - 0.85.1-1 - Update
Sun May 15 00:00:00 2005 Enrico Scholz - 0.85-0 - updated to 0.85
Mon May 2 00:00:00 2005 Enrico Scholz - 0.84-0 - updated to 0.84
Fri Apr 8 00:00:00 2005 Michael Schwendt - rebuilt
Tue Feb 15 23:00:00 2005 Enrico Scholz - 0:0.83-1 - updated to 0.83
Tue Feb 8 23:00:00 2005 Enrico Scholz - 0:0.82-1 - updated to 0.82 - minor spec cleanups
Fri Jan 28 23:00:00 2005 Enrico Scholz - 0:0.81-0.fdr.2 - build the package with \'--disable-zlib-vcheck\' because RH is unable to apply a fix for a 5 month old and solved security issue. Please fill your comments at https://bugzilla.redhat.com/beta/show_bug.cgi?id=131385 - added \'BuildRequires: bc\' (should work without also, but ./configure gives out ugly warnings else)
Fri Jan 28 23:00:00 2005 Enrico Scholz - 0:0.81-0.fdr.1 - updated to 0.81 - do not ship the \'clamd.milter\' daemon anymore; clamav-milter supports an internal mode now which is enabled by default - updated -milter %description
Thu Jan 20 23:00:00 2005 Enrico Scholz - 0:0.80-0.fdr.2 - s!cron.d/clamav!cron.d/clamav-update! in the %description of the -update subpackage (https://bugzilla.fedora.us/show_bug.cgi?id=1715#c39)
Wed Nov 3 23:00:00 2004 Enrico Scholz - 0:0.80-0.fdr.1 - updated to 0.80 - removed DMS, FreeBSD-HOWTO and localized docs as it is not shipped anymore - buildrequire \'curl-devel\' - renamed clamav.conf to clamd.conf (upstream change) - updated -initoff patch
Wed Sep 15 00:00:00 2004 Enrico Scholz - 0:0.75.1-0.fdr.1 - updated to 0.75.1 - use %configure, the problems with the architecture specification seem to have passed (probably because of an autoconf update) - set mode 0600 for the cron-script (required by vixie-cron) - made the cronjob a spambot and send mail about deactivated freshclam service to nearly everybody... (root, postmaster, webmaster) - other fixes in the notification cronjob
Sat Jul 24 00:00:00 2004 Enrico Scholz - 0:0.75-0.fdr.1 - updated to 0.75
Fri Jul 16 00:00:00 2004 Enrico Scholz - 0:0.74-0.fdr.2 - moved /usr/bin/clamav-config from main into -devel
Thu Jul 1 00:00:00 2004 Enrico Scholz - 0:0.74-0.fdr.1 - updated to 0.74
Tue Jun 15 00:00:00 2004 Enrico Scholz - 0:0.73-0.fdr.1 - updated to 0.73 - added pkgconfig file
Sat Jun 12 00:00:00 2004 Enrico Scholz - 0:0.72-0.fdr.3 - notify the user about a deactivated clamav-update service - added clamd-gen script which generates template spec-files for services using clamd - copied template configuration files to /usr/share/clamav/template (needed for clamd-gen) - moved the clamd-wrapper from /etc/rc.d/init.d to /usr/share/clamav; a symlink will be provided for compatibility reasons - conditionalized building of the -milter subpackage (\'--without milter\' switch) to enable builds on RH73 (bug #1715, comment #5/#7)
Sat Jun 5 00:00:00 2004 Enrico Scholz - 0:0.72-0.fdr.2 - removed \'BuildRequires: dietlibc\'; it was a leftover from the pre-use-signal era (before 0.70) (bug #1716)
Fri Jun 4 00:00:00 2004 Enrico Scholz - 0:0.72-0.fdr.1 - updated to 0.72
Fri May 21 00:00:00 2004 Enrico Scholz - 0:0.71-0.fdr.2 - removed the randomization in the cronjob; it seems to be impossible to use the mod-operator (%) there. Instead of, the user has to replace some placeholders...
Thu May 20 00:00:00 2004 Enrico Scholz - 0:0.71-0.fdr.1 - updated to 0.71
Sat May 8 00:00:00 2004 Enrico Scholz - 0:0.70-0.fdr.1.1 - quote \'EOF\' to delay $RANDOM expansion
Wed Apr 28 00:00:00 2004 Enrico Scholz - 0:0.70-0.fdr.2 - updated GECOS entry for the \'clamav\' user to describe its purpose more accurately - use explicit \'-m755\' when creating directories with install
Wed Apr 21 00:00:00 2004 Enrico Scholz - 0:0.70-0.fdr.1 - updated to 0.70; rediffed some patches - updated logrotate script to use signals and documented the steps which are needed to make it work - adapted initscript to use signals instead of sockwrite - removed sockwrite; signals can now be used to reload the database - added logfile to the -milter subpackage
Wed Apr 21 00:00:00 2004 Enrico Scholz - 0:0.68-0.fdr.2.1 - tagged some Requires:, since clamav-server is required in the milter-%post * scriptlets
Sat Mar 20 23:00:00 2004 Enrico Scholz - 0:0.68-0.fdr.2 - split the double Requires(...,...): statements; see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=118773 - require the recent fedora-usermgmt package (0.7) which fixes similar ordering issues
Thu Mar 18 23:00:00 2004 Enrico Scholz - 0:0.68-0.fdr.1 - updated to 0.68 (using the -1 version) - ship milter-files in the -milter instead of the -server subpackage
Tue Feb 24 23:00:00 2004 Enrico Scholz - 0:0.67-0.fdr.3 - fixed \':\' vs. \'.\' in chown
Tue Feb 17 23:00:00 2004 Enrico Scholz - 0:0.67-0.fdr.2 - randomize freshclam startup to prevent server peaks
Mon Feb 16 23:00:00 2004 Enrico Scholz - 0:0.67-0.fdr.1 - updated to 0.67 (using the -1 version)
Wed Feb 11 23:00:00 2004 Enrico Scholz - 0:0.66-0.fdr.2 - updated to 0.66; important, packaging-relevant changes are freshclam: * $http_proxy is not supported anymore; you have to configure it in /etc/freshclam.conf * the logfile has been renamed to /var/log/freshclam.log - removed %check section; buildroot check is implemented in local testsuite already - added some %verify(not mtime) modifiers to avoid unnecessary .rpmnew files - added some directory-Requires: - activated milter-package and made it work - added patch to disable clamav-milter service by default - renamed /var/run/clamav. to /var/run/clamd.; this makes things more consistently but can break backward compatibility. The initscript should deal with the old version too, but I would not bet on it... - updated some descriptions - fixed the update-mechanism; now it happens in two stages: at first, the files will be downloaded as user \'clamav\' and then, root initiates the daemon-reload.
Mon Feb 9 23:00:00 2004 Enrico Scholz - 0:0.65-0.fdr.5 - added security fix for http://www.securityfocus.com/archive/1/353194/2004-02-06/2004-02-12/1
|
|
|