[Bug 653738] Re: Microversion update SRU for clamav in Lucid

Launchpad Bug Tracker 653738 at bugs.launchpad.net
Fri Oct 22 09:32:30 BST 2010


This bug was fixed in the package clamav - 0.96.3+dfsg-
2ubuntu1.0.10.04.1

---------------
clamav (0.96.3+dfsg-2ubuntu1.0.10.04.1) lucid-proposed; urgency=low

   * Microversion update to 0.96.3 for Lucid (LP: #653738)

clamav (0.96.3+dfsg-2ubuntu1.1) maverick-proposed; urgency=low

  * PDF clamdscan crash fix (LP: #658341) - Cherry pick from Clamav git commit
    e142504b07d7f81435f6ac99ec1eedf6c08f2188, will be part of 0.96.4

clamav (0.96.3+dfsg-2ubuntu1) maverick; urgency=low

  * Merge from Debian Unstable.  Remaining Ubuntu changes:
    - Drop initial signature definitions from clamav-base
    - Drop build-dep on electric-fence (in Universe)
    - Add apparmor profiles for clamd and freshclam along with maintainer
      script changes

clamav (0.96.3+dfsg-2) unstable; urgency=low

  [ Stephen Gran ]
  * Add NotifyClamd only if set to nonempty value.

  [ Michael Tautschnig ]
  * Cherry-pick from upstream: Only enable RLIMIT_DATA warning on *BSD
    (already included in Ubuntu's 1ubuntu3) (closes: #598083).
  * Do rmdir /etc/clamav, /var/log/clamav, /var/lib/clamav in all postrms as
    we cannot count on clamav-base's postrm to be the last one being called
    (thanks piuparts).
  * Remove trailing / in freshclam's DatabaseDirectory default value
    (closes: #598084).

clamav (0.96.3+dfsg-1ubuntu4) maverick; urgency=low

  * debian/usr.sbin.clamd: updated to give read access to
    @{PROC}/[0-9]*/status and @{PROC}/filesystems. The latter is covered by
    the base abstraction, but we add it here to ease backporting.
    - LP: #645956

clamav (0.96.3+dfsg-1ubuntu3) maverick; urgency=low

  * Change from upstream to fix clamd/clamd.c to only check RLIMIT_DATA on
    FreeBSD since the check is not relevant to Linux (See clamav bug #1941 for
    details)

clamav (0.96.3+dfsg-1ubuntu2) maverick; urgency=low

  * debian/usr.bin.freshclam: updated to give read access to
    @{PROC}/[0-9]*/status and @{PROC}/filesystems. The latter is covered by
    the base abstraction, but we add it here to ease backporting.
    - LP: #645061

clamav (0.96.3+dfsg-1ubuntu1) maverick; urgency=low

    * Merge new upstream release from Debian Unstable. FFe (LP: #644707).
      Also fixes (LP: #643682).  Remaining Ubuntu changes:
      - Drop initial signature definitions from clamav-base
      - Drop build-dep on electric-fence (in Universe)
      - Add apparmor profiles for clamd and freshclam along with maintainer
        script changes
    * Fix NotifyClamd configurate in debian/clamav-freshclam.postinst
      - Cherry pick from Debian pkg-clamav Git, Thanks to Stephen Gran

clamav (0.96.3+dfsg-1) unstable; urgency=high

  [ Stephen Gran ]
  * Fixed NotifyClamd config options handling.

  [ Alberto WU ]
  * New upstream release
    - urgency=high as this addresses CVE-2010-0405
    - Reset MaxFileSize to default value if set to 0 (closes: #585479)
    - New config option ExtendedDetectionInfo (clamd.conf)

  [ Michael Tautschnig ]
  * Set data segment limit in tests to 524288 to make kfreebsd-i386 systems
    happy (closes: #591245).
  * Bumped Standards-Version to 3.9.1, no changes needed.
  * Preserve order of database mirrors (closes: #592322).
  * Added Vcs-Git and Vcs-Browser control fields.
  * Debconf translation updates
    - Italian (closes: #597307)
  * We'll stay with 1.0 Debian source format for now, added proper
    debian/source/format

clamav (0.96.1+dfsg-3ubuntu5.1) maverick; urgency=low

  * SECURITY UPDATE: fix integer overflow in BZ2_decompress()
    - libclamav/nsis/bzlib.c: return error if N is larger than 2*1024^2 which
      keeps us from overflowing but leaves enough room for the 900k maximum
      value of the RUNA/RUNB encoding
    - patch based on upstream bzip2
    - LP: #625849
    - CVE-2010-0405

clamav (0.96.1+dfsg-3ubuntu5) maverick; urgency=low

  * Revert bump in debhelper version requirement since we aren't using
    dh_apparmor

clamav (0.96.1+dfsg-3ubuntu4) maverick; urgency=low

  * debian/rules, debian/clamav-daemon.post{inst.in,rm},
    debian/clamav-freshclam.post{inst.in,rm}: don't use dh_apparmor but
    instead put it would dh_apparmor would do, since dh_apparmor isn't
    available in backports. Thanks to Scott Kitterman for pointint this
    out.

clamav (0.96.1+dfsg-3ubuntu3) maverick; urgency=low

  * debian/rules: move dh_apparmor before dh_installinit
  * debian/clamav-freshclam.postinst: move #DEBHELPER# to top, so it is
    added before starting freshclam

clamav (0.96.1+dfsg-3ubuntu2) maverick; urgency=low

  * update to use dh_apparmor:
    - debian/rules, debian/clamav-daemon.post{inst.in,rm},
      debian/clamav-freshclam.post{inst.in,rm}: updated to use dh_apparmor
    - debian/control: Build-Depends on debhelper >= 7.4.20ubuntu5
  * debian/usr.sbin.clamd and debian/usr.bin.freshclam: updated to use local
    include

clamav (0.96.1+dfsg-3ubuntu1) maverick; urgency=low

  * Merge from Debian Unstable.  Remaining Ubuntu changes:
    - Drop initial signature definitions from clamav-base
    - Drop build-dep on electric-fence (in Universe)
    - Add apparmor profiles for clamd and freshclam along with maintainer
      script changes
    - Detect incorrect value for clamav-freshclam/NotifyClamd and set it to
      true
    - Correct for differences between the Ubuntu and Debian orig.tar.gz in
      diff.gz (added win32 makefile targets, contrib/split-tarball.sh, and
      docs/man/clambc.1)

clamav (0.96.1+dfsg-3) unstable; urgency=low

  [ Michael Tautschnig ]
  * Increase memory limit for tests (closes: #590271).

clamav (0.96.1+dfsg-2) unstable; urgency=low

  [ Michael Tautschnig ]
  * Really ship clamav-milter.conf man page (closes: #585160)
  * Really fix PowerPC issue (closes: #587738, #579960)
  * Debconf translation updates
    - German (closes: #585482)
    - Russian (closes: #585691)
    - French (closes: #585894)
  * Copied BSD license text from concerned files into debian/copyright, as
    suggested by lintian.
  * Bumped Standards-Version to 3.9.0, no changes needed.

clamav (0.96.1+dfsg-1) unstable; urgency=medium

  [ Stephen Gran ]
  * Only manipulate /etc/aliases on fresh install (closes: #580020)
  * Handle RejectMsg with special care when upgrading (closes: #581410)
  * 0 is a valid value for StreamMaxLength, handle it properly (closes: #581408)

  [ Alberto WU ]
  * New upstream release
    - Includes PowerPC workaround (closes: #579960)
    - Ships clamav-milter.conf man page (closes: #565208)
    - Fixes CVE-2010-1639, CVE-2010-1640 (closes: #584183)

  [ Scott Kitterman ]
  * Add support for new TestDatabases option in
    debian/clamav-freshclam.postinst.in (match upstream default of yes)
  * Add VirusAction option to debian/clamav-milter.postinst.in

  [ Michael Tautschnig ]
  * Debconf translation updates
    - French (closes: #579827)
    - Swedish (closes: #580143)
    - Spanish (closes: #581735)

clamav (0.96.1+dfsg-0ubuntu2) maverick; urgency=low

  * Enhance README.Debian discssion of apparmor profiles to include Freshclam
    based on the discussion in lp #585026

clamav (0.96.1+dfsg-0ubuntu1) maverick; urgency=low

  * New upstream release
    - Remove non-free libclamunrar directory and repack +dfsg tarball
    - Remove win32/ for size reasons since the tarball is repacked already and
      adjust Makefile.in/am
    - Add support for new TestDatabases option in debian/clamav-
      freshclam.postinst.in (match upstream default of yes)
    - Add VirusAction option to debian/clamav-milter.postinst.in
    - Drop powerpc clamd fix, incorporated upstream
    - Drop diff in docs/man/clamd.conf.5.in, incorporated upstream
    - Drop addition of COPYING.llvm, incorporated upstream
  * Remaining differences from Debian:
    - Drop initial signature definitions from clamav-base
    - Drop build-dep on electric-fence (in Universe)
    - Add apparmor profiles for clamd and freshclam along with maintainer
      script changes
    - Detect incorrect value for clamav-freshclam/NotifyClamd and set it to true

clamav (0.96+dfsg-4) unstable; urgency=low

  [ Stephen Gran ]
  * Fixed typo in clamav-milter's postinst

  [ Michael Tautschnig ]
  * Fixed typo in clamav-freshclam's postinst (closes: #579271)
  * Debconf translation updates
    - Portuguese (closes: #579068)
 -- Scott Kitterman <scott at kitterman.com>   Mon, 11 Oct 2010 09:33:08 -0400

** Changed in: clamav (Ubuntu Lucid)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-0405

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-1639

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-1640

-- 
Microversion update SRU for clamav in Lucid
https://bugs.launchpad.net/bugs/653738
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to clamav in ubuntu.



More information about the Ubuntu-server-bugs mailing list