diff options
| author | bsiegert <bsiegert@pkgsrc.org> | 2020-05-15 16:38:25 +0000 |
|---|---|---|
| committer | bsiegert <bsiegert@pkgsrc.org> | 2020-05-15 16:38:25 +0000 |
| commit | 4fb56a106e1696835296a73a4307b0270ee8f4b4 (patch) | |
| tree | 90468685de118454a8252f562c7812dc995831b0 /security/clamav/Makefile | |
| parent | f2679fe03ff43d781245e100d586595e26ccbf31 (diff) | |
| download | pkgsrc-4fb56a106e1696835296a73a4307b0270ee8f4b4.tar.gz | |
Pullup ticket #6195 - requested by taca
security/clamav: security fix
Revisions pulled up:
- security/clamav/Makefile 1.64-1.65
- security/clamav/Makefile.common 1.16
- security/clamav/distinfo 1.33
---
Module Name: pkgsrc
Committed By: adam
Date: Wed May 6 14:05:09 UTC 2020
Modified Files:
pkgsrc/security/clamav: Makefile
Log Message:
revbump after boost update
---
Module Name: pkgsrc
Committed By: taca
Date: Wed May 13 14:58:58 UTC 2020
Modified Files:
pkgsrc/security/clamav: Makefile Makefile.common distinfo
Log Message:
security/clamav: update to 0.102.3
Update clamav to 0.102.3.
## 0.102.3
ClamAV 0.102.3 is a bug patch release to address the following issues.
- [CVE-2020-3327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327):
Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that
could cause a Denial-of-Service (DoS) condition. Improper bounds checking of
an unsigned variable results in an out-of-bounds read which causes a crash.
Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ
parsing vulnerability.
- [CVE-2020-3341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341):
Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that
could cause a Denial-of-Service (DoS) condition. Improper size checking of
a buffer used to initialize AES decryption routines results in an out-of-
bounds read which may cause a crash. Bug found by OSS-Fuzz.
- Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents.
- Fix a couple of minor memory leaks.
- Updated libclamunrar to UnRAR 5.9.2.
Diffstat (limited to 'security/clamav/Makefile')
| -rw-r--r-- | security/clamav/Makefile | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/security/clamav/Makefile b/security/clamav/Makefile index 256983f56c5..3e3b87beeef 100644 --- a/security/clamav/Makefile +++ b/security/clamav/Makefile @@ -1,6 +1,5 @@ -# $NetBSD: Makefile,v 1.63 2020/03/08 16:51:06 wiz Exp $ +# $NetBSD: Makefile,v 1.63.2.1 2020/05/15 16:38:25 bsiegert Exp $ -PKGREVISION= 1 .include "Makefile.common" COMMENT= Anti-virus toolkit |