diff options
| author | taca <taca@pkgsrc.org> | 2020-05-13 14:58:58 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2020-05-13 14:58:58 +0000 |
| commit | f2e5035757cd6410223f8a9883a34b99ea3b57f6 (patch) | |
| tree | edec09d1909666ed34528fddae6a6b0e6f756a6d /security | |
| parent | 814f7913bb4a832024df28862412d0ddaeebcb0b (diff) | |
| download | pkgsrc-f2e5035757cd6410223f8a9883a34b99ea3b57f6.tar.gz | |
security/clamav: update to 0.102.3
Update clamav to 0.102.3.
## 0.102.3
ClamAV 0.102.3 is a bug patch release to address the following issues.
- [CVE-2020-3327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327):
Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that
could cause a Denial-of-Service (DoS) condition. Improper bounds checking of
an unsigned variable results in an out-of-bounds read which causes a crash.
Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ
parsing vulnerability.
- [CVE-2020-3341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341):
Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that
could cause a Denial-of-Service (DoS) condition. Improper size checking of
a buffer used to initialize AES decryption routines results in an out-of-
bounds read which may cause a crash. Bug found by OSS-Fuzz.
- Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents.
- Fix a couple of minor memory leaks.
- Updated libclamunrar to UnRAR 5.9.2.
Diffstat (limited to 'security')
| -rw-r--r-- | security/clamav/Makefile | 3 | ||||
| -rw-r--r-- | security/clamav/Makefile.common | 4 | ||||
| -rw-r--r-- | security/clamav/distinfo | 10 |
3 files changed, 8 insertions, 9 deletions
diff --git a/security/clamav/Makefile b/security/clamav/Makefile index 4529fc5ab8b..4bec1c33de4 100644 --- a/security/clamav/Makefile +++ b/security/clamav/Makefile @@ -1,6 +1,5 @@ -# $NetBSD: Makefile,v 1.64 2020/05/06 14:04:59 adam Exp $ +# $NetBSD: Makefile,v 1.65 2020/05/13 14:58:58 taca Exp $ -PKGREVISION= 2 .include "Makefile.common" COMMENT= Anti-virus toolkit diff --git a/security/clamav/Makefile.common b/security/clamav/Makefile.common index f7d1f7a8f6b..b226fe936f0 100644 --- a/security/clamav/Makefile.common +++ b/security/clamav/Makefile.common @@ -1,9 +1,9 @@ -# $NetBSD: Makefile.common,v 1.15 2020/02/15 02:40:43 taca Exp $ +# $NetBSD: Makefile.common,v 1.16 2020/05/13 14:58:58 taca Exp $ # # used by security/clamav/Makefile # used by security/clamav-doc/Makefile -DISTNAME= clamav-0.102.2 +DISTNAME= clamav-0.102.3 CATEGORIES= security MASTER_SITES= http://www.clamav.net/downloads/production/ diff --git a/security/clamav/distinfo b/security/clamav/distinfo index 619d90d777a..d0c01f1d478 100644 --- a/security/clamav/distinfo +++ b/security/clamav/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.32 2020/02/15 02:40:43 taca Exp $ +$NetBSD: distinfo,v 1.33 2020/05/13 14:58:58 taca Exp $ -SHA1 (clamav-0.102.2.tar.gz) = 9adabeac41736770aa22ae1ee1f8aba9e253cfaa -RMD160 (clamav-0.102.2.tar.gz) = a1ef9999257f02ca55abc8da73b4456e0f02ec80 -SHA512 (clamav-0.102.2.tar.gz) = 7db53e0e2b4d6b0e4cf5048d3c9dfbcabcffd680c3a2b718c763b9599b0c1c14e56bae70c54c251ee9e8fd1acd3134657196dbaad2d23a16bad76a088c6fc41f -Size (clamav-0.102.2.tar.gz) = 13227538 bytes +SHA1 (clamav-0.102.3.tar.gz) = c6397a35f4ae77a3aa3241551120da45662d1f39 +RMD160 (clamav-0.102.3.tar.gz) = 85d1f1f607edfc9b8deeb68aaba39f0875b31863 +SHA512 (clamav-0.102.3.tar.gz) = d239718814b303fb0f1655d9bdaf3675d888eea57e786d927eafabb7b6f58cd7f5fb7dc149511c2af6f800dcc919f2e1d6954110d45b9e16619c632e8d2b37f2 +Size (clamav-0.102.3.tar.gz) = 13226108 bytes SHA1 (patch-Makefile.in) = a11766ea353d81fb281a07c8120e8a1f5c8dc60f SHA1 (patch-aa) = 8539a90ac5591c86f7e9f6b8c073f36523f221a5 SHA1 (patch-ab) = 78793f0267ce8c820b51937186dc17dabb4a1ccf |