[ubuntu/eoan-proposed] clamav 0.101.2+dfsg-1ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue Apr 23 16:01:19 UTC 2019
clamav (0.101.2+dfsg-1ubuntu1) eoan; urgency=medium
* Sync with Debian. Remaining change:
- clamav-daemon may fail to start due to options removed in new version
and manually edited configuration file. (LP #1783632)
+ debian/patches/Deprecate-unused-options-instead-of-removing-it.patch:
add patch from Debian stretch to simply warn about removed options.
clamav (0.101.2+dfsg-1) unstable; urgency=high
* Import 0.101.2
- CVE-2019-1787 (An out-of-bounds heap read condition may occur when
scanning PDF documents)
- CVE-2019-1789 (An out-of-bounds heap read condition may occur when
scanning PE files)
- CVE-2019-1788 (An out-of-bounds heap write condition may occur when
scanning OLE2 files)
- CVE-2019-1786 (An out-of-bounds heap read condition may occur when
scanning malformed PDF documents)
- CVE-2019-1785 (A path-traversal write condition may occur as a result of
improper input validation when scanning RAR archives)
- CVE-2019-1798 (A use-after-free condition may occur as a result of
improper error handling when scanning nested RAR archives)
- update symbols file
- Remove DetectBrokenExecutables option from clamd template, it is
deprecated.
* Drop the dbgsym migration line.
* Bump standards-version to 4.3.0 without further change
clamav (0.101.1+dfsg-3) unstable; urgency=medium
* Upload to unstable.
clamav (0.101.1+dfsg-2) experimental; urgency=medium
[ Scott Kitterman ]
* Add information to README.Debian on configuring clamav-milter's socket to
work with postfix
[ Sebastian Andrzej Siewior ]
* debian/libclamav-dev.install: also install clamav-types.h
clamav (0.101.1+dfsg-1) experimental; urgency=medium
[ Scott Kitterman ]
* Update debian/copyright
* Add Build-Depends-Package to libclamav9.symbols
* Update clamav-docs.doc-base for re-organized documentation
* Add lintian override for source-is-missing on test file that happens
to have long line length
* Drop build-depends on electric-fence, upstream no longer ships the
relevant tests that used it
[ Sebastian Andrzej Siewior ]
* Import 0.101.1
- update symbol file
- add back the json/curl configure options (don't rely on autodetect).
* Add abstractions/openssl to apparmor's profile. Thanks to intrigeri for
the help (Closes: #913020).
* Load the apparmor profile before starting the daemon. Thanks to intrigeri
for the help (Closes: #903834).
* Add attach_disconnected to freshclam's apparmor profile to hopefully get
it properly working in overlayfs enviroment. Thanks to Vincas Dargis
(Closes: #917648).
clamav (0.101.0+dfsg-1) experimental; urgency=medium
[ Scott Kitterman ]
* Increase clamd socket command read timeout to 30 seconds (Closes: #915098)
[ Sebastian Andrzej Siewior ]
* Import new upstream release.
- update symbol file.
- add new options to the config file.
- package libclamav9
Date: Tue, 23 Apr 2019 11:40:41 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/clamav/0.101.2+dfsg-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 23 Apr 2019 11:40:41 -0400
Source: clamav
Architecture: source
Version: 0.101.2+dfsg-1ubuntu1
Distribution: eoan
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Closes: 903834 913020 915098 917648
Changes:
clamav (0.101.2+dfsg-1ubuntu1) eoan; urgency=medium
.
* Sync with Debian. Remaining change:
- clamav-daemon may fail to start due to options removed in new version
and manually edited configuration file. (LP #1783632)
+ debian/patches/Deprecate-unused-options-instead-of-removing-it.patch:
add patch from Debian stretch to simply warn about removed options.
.
clamav (0.101.2+dfsg-1) unstable; urgency=high
.
* Import 0.101.2
- CVE-2019-1787 (An out-of-bounds heap read condition may occur when
scanning PDF documents)
- CVE-2019-1789 (An out-of-bounds heap read condition may occur when
scanning PE files)
- CVE-2019-1788 (An out-of-bounds heap write condition may occur when
scanning OLE2 files)
- CVE-2019-1786 (An out-of-bounds heap read condition may occur when
scanning malformed PDF documents)
- CVE-2019-1785 (A path-traversal write condition may occur as a result of
improper input validation when scanning RAR archives)
- CVE-2019-1798 (A use-after-free condition may occur as a result of
improper error handling when scanning nested RAR archives)
- update symbols file
- Remove DetectBrokenExecutables option from clamd template, it is
deprecated.
* Drop the dbgsym migration line.
* Bump standards-version to 4.3.0 without further change
.
clamav (0.101.1+dfsg-3) unstable; urgency=medium
.
* Upload to unstable.
.
clamav (0.101.1+dfsg-2) experimental; urgency=medium
.
[ Scott Kitterman ]
* Add information to README.Debian on configuring clamav-milter's socket to
work with postfix
.
[ Sebastian Andrzej Siewior ]
* debian/libclamav-dev.install: also install clamav-types.h
.
clamav (0.101.1+dfsg-1) experimental; urgency=medium
.
[ Scott Kitterman ]
* Update debian/copyright
* Add Build-Depends-Package to libclamav9.symbols
* Update clamav-docs.doc-base for re-organized documentation
* Add lintian override for source-is-missing on test file that happens
to have long line length
* Drop build-depends on electric-fence, upstream no longer ships the
relevant tests that used it
.
[ Sebastian Andrzej Siewior ]
* Import 0.101.1
- update symbol file
- add back the json/curl configure options (don't rely on autodetect).
* Add abstractions/openssl to apparmor's profile. Thanks to intrigeri for
the help (Closes: #913020).
* Load the apparmor profile before starting the daemon. Thanks to intrigeri
for the help (Closes: #903834).
* Add attach_disconnected to freshclam's apparmor profile to hopefully get
it properly working in overlayfs enviroment. Thanks to Vincas Dargis
(Closes: #917648).
.
clamav (0.101.0+dfsg-1) experimental; urgency=medium
.
[ Scott Kitterman ]
* Increase clamd socket command read timeout to 30 seconds (Closes: #915098)
.
[ Sebastian Andrzej Siewior ]
* Import new upstream release.
- update symbol file.
- add new options to the config file.
- package libclamav9
Checksums-Sha1:
fad5508c7739f89ba01bd89db624b6a4855a08bc 3067 clamav_0.101.2+dfsg-1ubuntu1.dsc
7f723ff0a4ce24ef821947fd3832e3f54e17a875 4719692 clamav_0.101.2+dfsg.orig.tar.xz
660fdead8d1301c6a757aaec989ffe9f7d46117d 219340 clamav_0.101.2+dfsg-1ubuntu1.debian.tar.xz
06c90436b74b1b8ecaec78ac35de381be6946cf6 8048 clamav_0.101.2+dfsg-1ubuntu1_source.buildinfo
Checksums-Sha256:
cf9cd5994912f4f3b3512c62f3147c1bdbeb1c83f52ca5b9b37a48ba34970c89 3067 clamav_0.101.2+dfsg-1ubuntu1.dsc
cba35ae624028c36aec28cf15d2f72a5508e3ce6ac50462323c4935180de79d6 4719692 clamav_0.101.2+dfsg.orig.tar.xz
5d4373aef44da8d8e05316341c8787341d16d9044a7db3df4d73784d827320d6 219340 clamav_0.101.2+dfsg-1ubuntu1.debian.tar.xz
8fbf474070d772cb08dee38f65a44855ef9b8922cbbac559a506cb3f1dd2a0aa 8048 clamav_0.101.2+dfsg-1ubuntu1_source.buildinfo
Files:
a9f06f977022c47c20bc299d6e35afac 3067 utils optional clamav_0.101.2+dfsg-1ubuntu1.dsc
adb899220a8d57720c282ee4f911c610 4719692 utils optional clamav_0.101.2+dfsg.orig.tar.xz
07a682da20cdc84d71a4065b98fbedad 219340 utils optional clamav_0.101.2+dfsg-1ubuntu1.debian.tar.xz
70e8570686fd33e5f1cb258472ff53a3 8048 utils optional clamav_0.101.2+dfsg-1ubuntu1_source.buildinfo
Original-Maintainer: ClamAV Team <pkg-clamav-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAly/NUgACgkQZWnYVadE
vpMNJhAAlQHZ/vhUKI1fYarHvKkjLoAlirWQJHthedanLYXIySA4n4tIgozK+16p
nQkUjIQPmpH1JIYxtC8iBiUSMtm2XTGlnQFwdPHnqzu8DRuIoRmstGXasRuO/gBo
3Pj4RId8fmbtLtivv7a6SIWEUnMYiX5qTm3KzXqNkWbalBZ1RKeIrmpGWh1migOi
+0cKuRXmAdjIxDa7rusVDeeZMI/BwgdX6wsyYY150pGjh71BbNWiOsskx3QW5rvi
OSquyOiHFzEsNLG3S+JcfOcI6kYMhS69DrRC6ihW98HPzeFfH+4JpF7KfifZHlzs
MCzTssfrL18IeW7woUXAFiCsl6ghZOHLZWYopWWW1lNwUNE94oGD3HHGHY2l01J7
v//T5mzrjNWdbPYV8el5gyHhC9UpeTu2p6km1urIMPjMJHHKQBp4rj2aBi3eml8B
LcoYc84z5kjPK7T3NuleNb83Jix+Xk/9RNip6sld89vKR6Lgphi1hXRERp5hZB5p
DSqcSCw3XGHwtrgtevqC/EzK7DA+RC+YUyBWjS3909zmOvdX+NjALeEdvMPiwB0Y
OyvChd4UbpG/sx2Lx8Tj/9E3GkfhXFsUE2j/6myEJ4dJcGrjSacEJ1AGs96lA464
3soYebPe/KsMIvGdEQJYTrC538bYjuovXQv+3v0CUKD0f3EzrFs=
=y1oC
-----END PGP SIGNATURE-----
More information about the Eoan-changes
mailing list