[Bug 653738] Re: Microversion update SRU for clamav in Lucid
Launchpad Bug Tracker
653738 at bugs.launchpad.net
Fri Oct 22 09:32:30 BST 2010
This bug was fixed in the package clamav - 0.96.3+dfsg-
2ubuntu1.0.10.04.1
---------------
clamav (0.96.3+dfsg-2ubuntu1.0.10.04.1) lucid-proposed; urgency=low
* Microversion update to 0.96.3 for Lucid (LP: #653738)
clamav (0.96.3+dfsg-2ubuntu1.1) maverick-proposed; urgency=low
* PDF clamdscan crash fix (LP: #658341) - Cherry pick from Clamav git commit
e142504b07d7f81435f6ac99ec1eedf6c08f2188, will be part of 0.96.4
clamav (0.96.3+dfsg-2ubuntu1) maverick; urgency=low
* Merge from Debian Unstable. Remaining Ubuntu changes:
- Drop initial signature definitions from clamav-base
- Drop build-dep on electric-fence (in Universe)
- Add apparmor profiles for clamd and freshclam along with maintainer
script changes
clamav (0.96.3+dfsg-2) unstable; urgency=low
[ Stephen Gran ]
* Add NotifyClamd only if set to nonempty value.
[ Michael Tautschnig ]
* Cherry-pick from upstream: Only enable RLIMIT_DATA warning on *BSD
(already included in Ubuntu's 1ubuntu3) (closes: #598083).
* Do rmdir /etc/clamav, /var/log/clamav, /var/lib/clamav in all postrms as
we cannot count on clamav-base's postrm to be the last one being called
(thanks piuparts).
* Remove trailing / in freshclam's DatabaseDirectory default value
(closes: #598084).
clamav (0.96.3+dfsg-1ubuntu4) maverick; urgency=low
* debian/usr.sbin.clamd: updated to give read access to
@{PROC}/[0-9]*/status and @{PROC}/filesystems. The latter is covered by
the base abstraction, but we add it here to ease backporting.
- LP: #645956
clamav (0.96.3+dfsg-1ubuntu3) maverick; urgency=low
* Change from upstream to fix clamd/clamd.c to only check RLIMIT_DATA on
FreeBSD since the check is not relevant to Linux (See clamav bug #1941 for
details)
clamav (0.96.3+dfsg-1ubuntu2) maverick; urgency=low
* debian/usr.bin.freshclam: updated to give read access to
@{PROC}/[0-9]*/status and @{PROC}/filesystems. The latter is covered by
the base abstraction, but we add it here to ease backporting.
- LP: #645061
clamav (0.96.3+dfsg-1ubuntu1) maverick; urgency=low
* Merge new upstream release from Debian Unstable. FFe (LP: #644707).
Also fixes (LP: #643682). Remaining Ubuntu changes:
- Drop initial signature definitions from clamav-base
- Drop build-dep on electric-fence (in Universe)
- Add apparmor profiles for clamd and freshclam along with maintainer
script changes
* Fix NotifyClamd configurate in debian/clamav-freshclam.postinst
- Cherry pick from Debian pkg-clamav Git, Thanks to Stephen Gran
clamav (0.96.3+dfsg-1) unstable; urgency=high
[ Stephen Gran ]
* Fixed NotifyClamd config options handling.
[ Alberto WU ]
* New upstream release
- urgency=high as this addresses CVE-2010-0405
- Reset MaxFileSize to default value if set to 0 (closes: #585479)
- New config option ExtendedDetectionInfo (clamd.conf)
[ Michael Tautschnig ]
* Set data segment limit in tests to 524288 to make kfreebsd-i386 systems
happy (closes: #591245).
* Bumped Standards-Version to 3.9.1, no changes needed.
* Preserve order of database mirrors (closes: #592322).
* Added Vcs-Git and Vcs-Browser control fields.
* Debconf translation updates
- Italian (closes: #597307)
* We'll stay with 1.0 Debian source format for now, added proper
debian/source/format
clamav (0.96.1+dfsg-3ubuntu5.1) maverick; urgency=low
* SECURITY UPDATE: fix integer overflow in BZ2_decompress()
- libclamav/nsis/bzlib.c: return error if N is larger than 2*1024^2 which
keeps us from overflowing but leaves enough room for the 900k maximum
value of the RUNA/RUNB encoding
- patch based on upstream bzip2
- LP: #625849
- CVE-2010-0405
clamav (0.96.1+dfsg-3ubuntu5) maverick; urgency=low
* Revert bump in debhelper version requirement since we aren't using
dh_apparmor
clamav (0.96.1+dfsg-3ubuntu4) maverick; urgency=low
* debian/rules, debian/clamav-daemon.post{inst.in,rm},
debian/clamav-freshclam.post{inst.in,rm}: don't use dh_apparmor but
instead put it would dh_apparmor would do, since dh_apparmor isn't
available in backports. Thanks to Scott Kitterman for pointint this
out.
clamav (0.96.1+dfsg-3ubuntu3) maverick; urgency=low
* debian/rules: move dh_apparmor before dh_installinit
* debian/clamav-freshclam.postinst: move #DEBHELPER# to top, so it is
added before starting freshclam
clamav (0.96.1+dfsg-3ubuntu2) maverick; urgency=low
* update to use dh_apparmor:
- debian/rules, debian/clamav-daemon.post{inst.in,rm},
debian/clamav-freshclam.post{inst.in,rm}: updated to use dh_apparmor
- debian/control: Build-Depends on debhelper >= 7.4.20ubuntu5
* debian/usr.sbin.clamd and debian/usr.bin.freshclam: updated to use local
include
clamav (0.96.1+dfsg-3ubuntu1) maverick; urgency=low
* Merge from Debian Unstable. Remaining Ubuntu changes:
- Drop initial signature definitions from clamav-base
- Drop build-dep on electric-fence (in Universe)
- Add apparmor profiles for clamd and freshclam along with maintainer
script changes
- Detect incorrect value for clamav-freshclam/NotifyClamd and set it to
true
- Correct for differences between the Ubuntu and Debian orig.tar.gz in
diff.gz (added win32 makefile targets, contrib/split-tarball.sh, and
docs/man/clambc.1)
clamav (0.96.1+dfsg-3) unstable; urgency=low
[ Michael Tautschnig ]
* Increase memory limit for tests (closes: #590271).
clamav (0.96.1+dfsg-2) unstable; urgency=low
[ Michael Tautschnig ]
* Really ship clamav-milter.conf man page (closes: #585160)
* Really fix PowerPC issue (closes: #587738, #579960)
* Debconf translation updates
- German (closes: #585482)
- Russian (closes: #585691)
- French (closes: #585894)
* Copied BSD license text from concerned files into debian/copyright, as
suggested by lintian.
* Bumped Standards-Version to 3.9.0, no changes needed.
clamav (0.96.1+dfsg-1) unstable; urgency=medium
[ Stephen Gran ]
* Only manipulate /etc/aliases on fresh install (closes: #580020)
* Handle RejectMsg with special care when upgrading (closes: #581410)
* 0 is a valid value for StreamMaxLength, handle it properly (closes: #581408)
[ Alberto WU ]
* New upstream release
- Includes PowerPC workaround (closes: #579960)
- Ships clamav-milter.conf man page (closes: #565208)
- Fixes CVE-2010-1639, CVE-2010-1640 (closes: #584183)
[ Scott Kitterman ]
* Add support for new TestDatabases option in
debian/clamav-freshclam.postinst.in (match upstream default of yes)
* Add VirusAction option to debian/clamav-milter.postinst.in
[ Michael Tautschnig ]
* Debconf translation updates
- French (closes: #579827)
- Swedish (closes: #580143)
- Spanish (closes: #581735)
clamav (0.96.1+dfsg-0ubuntu2) maverick; urgency=low
* Enhance README.Debian discssion of apparmor profiles to include Freshclam
based on the discussion in lp #585026
clamav (0.96.1+dfsg-0ubuntu1) maverick; urgency=low
* New upstream release
- Remove non-free libclamunrar directory and repack +dfsg tarball
- Remove win32/ for size reasons since the tarball is repacked already and
adjust Makefile.in/am
- Add support for new TestDatabases option in debian/clamav-
freshclam.postinst.in (match upstream default of yes)
- Add VirusAction option to debian/clamav-milter.postinst.in
- Drop powerpc clamd fix, incorporated upstream
- Drop diff in docs/man/clamd.conf.5.in, incorporated upstream
- Drop addition of COPYING.llvm, incorporated upstream
* Remaining differences from Debian:
- Drop initial signature definitions from clamav-base
- Drop build-dep on electric-fence (in Universe)
- Add apparmor profiles for clamd and freshclam along with maintainer
script changes
- Detect incorrect value for clamav-freshclam/NotifyClamd and set it to true
clamav (0.96+dfsg-4) unstable; urgency=low
[ Stephen Gran ]
* Fixed typo in clamav-milter's postinst
[ Michael Tautschnig ]
* Fixed typo in clamav-freshclam's postinst (closes: #579271)
* Debconf translation updates
- Portuguese (closes: #579068)
-- Scott Kitterman <scott at kitterman.com> Mon, 11 Oct 2010 09:33:08 -0400
** Changed in: clamav (Ubuntu Lucid)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-0405
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-1639
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-1640
--
Microversion update SRU for clamav in Lucid
https://bugs.launchpad.net/bugs/653738
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to clamav in ubuntu.
More information about the Ubuntu-server-bugs
mailing list