| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Part of PR/32554
|
|
* libclamav/pdf.c: fix crashes
* libclamav/pe_icons.c: off by one while
* libclamav: fix detection of embedded executables
* libclamav/matcher-ac.c: fix offset handling for sigs with {x-y} wildcards
* freshclam/manager.c: fix error path infinite loop
* clamd/clamd.c: fix RLIMIT_DATA setting on BSD
* freshclam: improve mirror management
* libclamav: fix possible use of uninitialized values
* libclamav: Set the unreliability flag on (un)packed files
* libclamav/c++: Update embedded copy of LLVM to version 2.8
* freshclam: make query format backward compatible
* freshclam: get detection stats directly from clamd
* libclamav/cache.c,c++/bytecode2llvm.cpp}: make cl_load thread safe
* freshclam: load database in subprocess
* clamd: add new commands DETSTATS and DETSTATSCLEAR
* libclamav/7z.c: fix file descriptor leak
* clamd, libclamavll: add ability to logg messages from libclamav
* libclamav/builtin_bytecodes.h: Don't disable JIT on pentium4
|
|
|
|
fail to parse some PDF files. Bump PKGREVISION.
|
|
* This is a bugfix release recommended for all users.
|
|
This release fixes problems with the PDF parser and the internal bzip2 library.
A complete list of changes is available in the Changelog file.
|
|
|
|
* contrib: add safe_clamd from Luca
* freshclam: uses private symbol which changed proto, change name to prevent
crash
* libclamav: fix callback_sigload
* clamdscan: fix parsing of virus names in extended mode and --stream
* libclamav/c++/detect.cpp: Mac OS X can run 64-bit apps on 32-bit kernel
* libclamav/others.h: bump f-level
* sigtool/sigtool.c: fix handling of --datadir
* libclamav/matcher-ac.c: improve offset handling
* libclamav/7z/Archive/7z/7zDecode.c: shut up a warning
* libclamav/autoit.c: properly resume from empty files regression introduced
in ac867aad
* libclamav/elf.c: fix zero mem alloc warning
* win32: fix libclamav's triple and fix GetVersion
* libclamav/bytecode.c: save lsig counts/offsets
* libclamav/{bytecode,matcher}.c: matchicon API
* libclamav/pe_icons.c: BE fixes
* more...
|
|
* Lots of bug fixes
|
|
This release of ClamAV introduces new malware detection mechanisms and other
significant improvements to the scan engine. The key features include:
- The Bytecode Interpreter: the interpreter built into LibClamAV allows
the signature writers to create and distribute very complex detection
routines and remotely enhance the scanner's functionality
- Heuristic improvements: improve the PE heuristics detection engine by
adding support of bogus icons and fake PE header information. In a
nutshell, ClamAV can now detect malware that tries to disguise itself
as a harmless application by using the most common Windows program icons.
- Signature Improvements: logical signature improvements to allow more
detailed matching and referencing groups of signatures. Additionally,
improvements to wildcard matching on word boundaries and newlines.
- Support for new archives: 7zip, InstallShield and CPIO. LibClamAV
can now transparently unpack and inspect their contents.
- Support for new executable file formats: 64-bit ELF files and OS X
Universal Binaries with Mach-O files. Additionally, the PE module
can now decompress and inspect executables packed with UPX 3.0.
- Support for DazukoFS in clamd
- Performance improvements: overall performance improvements and memory
optimizations for a better overall resource utilization experience.
- Native Windows Support: ClamAV will now build natively under Visual
Studio. This will allow 3rd Party application developers on Windows
to easily integrate LibClamAV into their applications.
The complete list of changes is available in the ChangeLog file. For upgrade
notes and tips please see: https://wiki.clamav.net/Main/UpgradeNotes096
|
|
|
|
* bug fixes
|
|
* Lots of bug fixes (see the ChangeLog for details)
|
|
|
|
Lots of bug fixes, see http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog
for details.
|
|
* Google Safe Browsing support.
* New clamav-milter.
* Clamd extensions.
* Improved API.
* ClamdTOP.
* Memory Pool Allocator.
* Unified Option Parser.
|
|
Lots of bug fixes, including
* clamd: LogFileUnlock was not working correctly (bb#1304)
* freshclam/manager.c: add support for http proxy in SubmitDetectionStats
(bb#1284)
* unit_tests/valgrind.supp: add more valgrind suppressions (bb#1283,#1286,#1294)
* libclamav/readdb.c: fix handling of malformed ldb sigs (bb#1292)
* freshclam/manager.c: improve reporting of server failures (bb#777)
* clamscan/manager.c: fix double-slash when scanning the root dir (bb#1263)
* libclamav/nsis: improve lateny (bb#1180)
* libclamunrar/unrar.c: avoid rar_malloc warnings on damaged files (bb #1290)
* libclamav/htmlnorm.c: fix memory leak (bb #1291)
|
|
* Bug fixes
|
|
* Lots of bug fixes
I removed patch-ba and tested this on NetBSD/i386 3.1.1_PATCH and
NetBSD/amd64 4.0_STABLE and everything seems to work...
|
|
* fix handling of .cld files
* libclamav/ole2_extract.c, sigtool: make sigtool compatible with the new
OLE2 scan scheme (bb#1086)
* libclamav/petite.c: fix another out of bounds memory read (bb#1000)
Reported by Secunia (CVE-2008-2713)
* clamd/others.c: add missing checks for recv() failures (bb#1079)
* libclamav/scanners.c: add missing check for file open failure (bb #1083).
* sigtool/sigtool.c: make use of the UNLINK command in cdiffs (bb#1080)
* sigtool/sigtool.c: verify MD5's in --run-cdiff
* libclamav/matcher-ac.c: fix handling of nodes which also match single
bytes (bb#1054)
* libclamav: faster loading of uncompressed .cld files, also fixes bb#1064
* merge r3816 from trunk (bb #947, AIX name collisions)
* freshclam/manager.c: add missing closesocket on error path (bb #1073).
|
|
* libclamav/petite.c: fix possible invalid memory access (bb#1000)
Reported by Damian Put
* clamdscan/clamdscan.c: don't show scan summary when clamd cannot be
contacted (bb#1041)
* libclamav/hashtab.[ch], scanners.c: avoid using C99 flexible array members
(bb #1039)
* libclamav/unzip.c: correct the previous fix
* libclamav/unzip.c: check for unprefixed bz2 - bb#1038
* libclamav/ole2_extract.c: revert last commit
* libclamav/ole2_extract.c: use cli_unlink
* libclamav/ole2_extract.c: partial scan of broken ole files
* contrib/init/RedHat: check for already running clamav-milter (bb #823)
* libclamav/regex: avoid name collisions on AIX (bb #947)
sync with libc: minor cleanups
* doc/clamdoc.tex: add a note about forking daemons (bb#906)
* libclamav/Makefile.am: link .la files first, this
should avoid linking to old libclamav as in bb #931
* libclamav/readdb.h: read daily.cfg stored inside .cld containers (bb#1006)
* libclamav/mbox.c, shared/network.c: prevent uninitialized use of hostent
structure (bb #1003).
* libclamav/mspack.c: downgrade some error messages (bb#911)
* clamav-milter: retrieve db version from daily.cld (bb#942)
* libclamav/scanners.c: don't return CL_EMAX* error codes to
applications (bb#1001)
* clamscan/manager.c: print information about clean files when the RAR
code is not compiled-in (bb#999)
* libclamav/unzip.c: remove detection of Suspect.Zip and
Exploit.Zip.ModifiedHeaders (bb#997)
* libclamav: scan for embedded PEs inside OLE2 files (bb#914)
* libclamav/cvd.c: add work-around for zlib issues with mixed data (bb#932)
* libclamav/others.h: explicitely cast some constants (bb#936)
* sigtool/sigtool.c: bb#938 (sigtool --list-sigs not working with .cld files)
* libclamav/dconf.h: fix flag code assignment (bb #952)
* libclamav/iana_tld.h, libclamav/phishcheck.c: update TLD list (bb #925)
|
|
http://secunia.com/secunia_research/2008-11/advisory/
http://www.frsirt.com/english/advisories/2008/1218
Changes since 0.92.1
This release introduces many new features and engine enhancements, please
see the notes below for the list of major changes. The most visible one
is the new logic in scan limits which affects some command line and config
options of clamscan and clamd. Please see clamscan(1) and clamd.conf(5)
and the example config file for more information on the new options.
Most important changes include:
* libclamav:
- New logic in scan limits: provides much more efficient protection against
DoS attacks but also results in different command line and config options
to clamscan and clamd (see below)
- New/improved modules: unzip, SIS, cabinet, CHM, SZDD, text normalisator,
entity converter
- Improved filetype detection; filetype definitions can be remotely updated
- Support for .cld containers (which replace .inc directories)
- Improved pattern matcher and signature formats
- More efficient scanning of HTML files
- Many other improvements
* clamd:
- NEW CONFIG FILE OPTIONS: MaxScanSize, MaxFileSize, MaxRecursion, MaxFiles
- ** THE FOLLOWING OPTIONS ARE NO LONGER SUPPORTED **: MailMaxRecursion,
ArchiveMaxFileSize, ArchiveMaxRecursion, ArchiveMaxFiles,
ArchiveMaxCompressionRatio, ArchiveBlockMax
* clamscan:
- NEW CMDLINE OPTIONS: --max-filesize, --max-scansize
- REMOVED OPTIONS: --block-max, --max-space, --max-ratio
* freshclam:
- NEW CONFIG OPTION CompressLocalDatabase
- NEW CMDLINE SWITCH --no-warnings
- main.inc and daily.inc directories are no longer used by ClamAV; please
remove them manually from your database directory
|
|
* Fix pkg/36853 with patch from Christos Zoulas (patch-ba)
* Lots of bug fixes since 0.92
|
|
This release provides various bugfixes, optimisations and improvements
to the scanning engine. The new features include support for ARJ and
SFX-ARJ archives, AutoIt, basic SPF parser in clamav-milter (to reduce
phishing false-positives), faster scanning and others (see ChangeLog).
To get a consistent behaviour of the anti-phishing module on all platforms,
libclamav now includes the regex library from OpenBSD.
|
|
* Bugfixes and changes since 0.91.1:
- libclamav/rtf.c: fix possible NULL dereference (bb#611)
- libclamav/ole2_extract.c: properly initialise hdr.max_block_no (bb#603)
- libclamav/htmlnorm.c: fix possible NULL dereference (bb#582),
thanks to Stefanos Stamatis
- libclamav/htmlnorm.c: fix call to tolower() (bb#580)
- libclamav/filetypes.c: some embedded PEs were not being detected
- clamav-milter: Fix compilation error on NetBSD2.0
- clamav-milter: Black-hole-mode no longer needs to be run as root
- libclamav/pdf.c: Bug 618, --block-max not always honoured
- libclamav/phishcheck.c, regex_list.c, phish_whitelist.c: make debug
output look better (patch from Sven)
- libclamav/phishcheck.c: Don't report phishing on broken urls containing
'>' in the hostname. (bb #619)
- libclamav, sigtool: add support for PUA databases (.hdu, .mdu, .ndu),
requested by Christoph
- clamscan: add --detect-pua
- clamd, clamd.conf: add DetectPUA
- freshclam/mirman.c: properly handle mirror access times (bb#606, only
outdated installations - three versions behind the latest one were
affected by this problem),
Reported by David F. Skoll <dfs*roaringpenguin.com>
- clamav-milter: Bug 614
- libclamav/pdf.c: Bug 608
- clamav-milter: SPF checking no longer experimental
- libclamav/phishcheck.c: workaround Solaris problem with regexec() [bb #598
]
- libclamav/matcher-ac.c: fix matching of patterns with prefixes and some
other issues spotted by Glen <daineng*gmail.com>
- clamav-milter/clamav-milter.c: Better use of res_init()
- clamav-milter/clamav-milter.c: HP-UX doesn't have EX_CONFIG, reported
by clam * ministry.se
|
|
Fix for https://wwws.clamav.net/bugzilla/show_bug.cgi?id=580
|
|
- libclamav/others.c: bump f-level
- libclamav/unrar/unrarvm.c: fix another occurrence of bb#555, thanks to
Ludwig Nussel <ludwig.nussel*suse.de>
- sigtool/sigtool.c: increase MAX_DEL_LOOKAHEAD, requested by Sven
- libclamav/scanner.c: don't search for embedded PEs in zip files larger
than 1 MB (bb#573)
- clamav-milter: Fix memory leak when load balancing
- clamav-milter: Chroot handling no longer marked as experimental
- libclamav/nsis: fix macro collision on AIX - bb#570
- libclamav/phishcheck.c: fix (null) FOUND
- libclamav: rename x86 macroes due to collisions on HPUX
- libclamav: Fix warnings on HP-UX
|
|
ClamAV 0.91 is the first release to enable the anti-phishing technology
in default builds. This technology combines heuristics with special
signatures and provides effective protection against phishing threats.
Other important changes and add-ons in this version include:
- unpacker for NSIS (Nullsoft Scriptable Install System) self-extracting
archives
- unpacker for ASPack 2.12
- new implementation of the Aho-Corasick pattern matcher providing
better detection for wildcard enabled signatures
- support for nibble matching and floating offsets
- improved handling of .mdb files (fixes long startup times)
- extraction of PE files embedded into other executables
- better handling of PE & UPX
- removed dependency on libcurl (improves stability)
- libclamav.dll available under Windows
- IPv6 support in clamav-milter
- many other improvements and bugfixes
|
|
Lots of bug fixes since 0.90.2. For details, see ChangeLog.
|
|
This release fixes many problems in libclamav and freshclam.
|
|
Lots of fixes since 0.90. For details, see ChangeLog.
|
|
The 0.9x series introduces lots of improvements in terms of detection
rate and performance, like support for many new packers and decryptors,
RAR3 and SIS archives, and a new phishing signatures format that proves
to be very effective.
|
|
This version improves scanning of mail and tar files.
|
|
- freshclam: apply timeout patch from Everton da Silva Marques
<everton*lab.ipaccess.diveo.net.br> (new options: ConnectTimeout and
ReceiveTimeout)
- clamd: change stack size at the right place (closes bug#103)
Patch from Jonathan Chen <jon+clamav*spock.org>
- libclamav/petite.c: sanity check the number of rebuilt sections (speeds
up handling of malformed files)
|
|
(I tried to contact the MAINTAINER but got no reply. I'm using this in our
production systems so this should work just fine.)
* Bugfixes:
- libclamav/rebuildpe.c: fix possible heap overflow [IDEF1597]
- libclamav/chmunpack.c: fix possible crash [IDEF1736]
- freshclam/manager.c: "Cache-Control: no-cache" is now disabled by default.
If you're behind a broken proxy you can recompile freshclam with
--enable-no-cache.
|
|
Changes:
- libclamav/upx.c: fix possible heap overflow
See http://www.clamav.net/security/0.88.4.html for details.
- libclamav/tnef.c: handle trailing newline at the end of winmail.dat,
bug reported by Menno Smits <menno*netboxblue.com>
- freshclam/manager.c: fix possible infinite loop when read() fails
in get_database(), spotted by Everton da Silva Marques
<everton*lab.ipaccess.diveo.net.br>
|
|
This version fixes handling of large binhex files and multiple alternatives
in virus signatures.
|
|
This release improves virus detection, fixes zip handling on 64-bit
architectures and possible security problem in freshclam.
|
|
changes since 0.88:
* Bugfixes:
- libclamav/matcher.c: properly handle partial reads in cli_scandesc()
- libclamav/mbox.c: sync with CVS, fixes detection of Worm.Bagle.CT
- freshclam: fix support for LocalIPAddress
Patch by Anton Yuzhaninov <citrin*citrin.ru>
- docs/man: multiple manpage typo fixes
Patch by A. Costa <agcosta*gis.net>)
- shared/output.c: properly handle return value of vsnprintf
Thanks to Anton Yuzhaninov <citrin*rambler-co.ru>
- libclamav/htmlnorm.c: fix typo spotted by Gianluigi Tiesi
<sherpya*netfarm.it>
- sigtool/sigtool.c: fix possible crash in build(), thanks to Sven
- clamd/session.c: remove static timeout (5s) for SESSION
Pointed out by Joseph Benden <joe*thrallingpenguin.com>
- libclamav/pe.c: fix possible integer overflow reported by Damian Put
Note: only exploitable if file size limit (ArchiveMaxFileSize) disabled
- libclamav/scanners.c: properly report archive unpacking errors
Problem spotted by David F. Skoll <dfs*roaringpenguin.com>
- libclamav/others.c: fix possible crash in cli_bitset_test()
Reported by David Luyer <david_luyer*pacific.net.au>
- libclamav/zziplib: fix possible crash on FreeBSD
Reported by Robert Rebbun <robert*desertsurf.com>
- clamav-milter: fall back if sendfile() fails
|
|
A possible heap overflow in the UPX code has been fixed. General improvements
include better zip and mail processing, and support for a self-protection mode.
The security of the UPX, FSG and Petite modules has been improved, too.
|
|
changes since 0.87:
* Bugfixes:
- libclamav/petite.c: fix boundary checks (acab)
- libclamav/mbox.c: scan attachments that have no filename (njh)
- libclamav/fsg.c: fix buffer size calculation in unfsg_133
Reported by Zero Day Initiative (ZDI-CAN-004)
- libclamav/tnef.c: fix possible infinite loop
Reported by iDEFENSE (IDEF1169).
- libclamav/mspack/cabd.c: fix possible infinite loop in cabd_find
(tk)
Reported by iDEFENSE (IDEF1180).
- clamd/others.c: fix compilation error on Cobalt Qube 1 (tk)
- clamd: properly handle ReadTimeout in SESSION (tk)
Bug reported by Kamil Kaczkowski <kamil*kamil.eisp.pl>
- libclamav/others.c,h: Add generic bitset implementation (trog)
- libclamav/ole2_extract.c: Make sure the property tree doesn't
loop (trog)
Fixes CAN-2005-3239. Installations with default settings were
not affected by this bug.
|
|
declaration-after-code occurences. Fixes PR #31576.
|
|
This version fixes vulnerabilities in handling of UPX and FSG compressed
executables. Support for PE files, Zip and Cabinet archives has been improved
and other small bugfixes have been made. The new option "--on-outdated-execute"
allows freshclam to run a command when system reports a new engine version.
|
|
changes since 0.86.1:
V 0.86.2
* Fixes backported from CVS:
- configure.in: disable support for URLs downloading with libcurl
(--with-libcurl) by default (tk)
- libclamav/others.c: cli_rmdirs: fix possible infinite loop (tk)
Patch by Mark Pizzolato <clamav-devel*subscriptions.pizzolato.net>
- libclamav/mspack: Some cab archives were not properly decompressed (tk)
Problem reported by Diego d'Ambra <diego*clamav.net>
- libclamav/pe.c: cli_peheader: Sync entry point calculation with
cli_scanpe (tk)
Problem reported by Christoph Cordes <ccordes*clamav.net>
- configure.in: fix compilation error when curl is installed in
a non-standard location (tk)
Reported by Serge van den Boom <svdb*stack.nl>
- configure.in: Add support for DragonFly (tk)
Thanks to Joerg Sonnenberger <joerg*britannica.bec.de>
- clamscan/clamscan.c: Verify arguments passed to --max-dir-recursion and
--max-ratio (tk)
Problem reported by Jo Mills <Jonathan.Mills*frequentis.com>
- libclamav/fsg.c: Fix possible integer overflow (acab)
Reported by Alex Wheeler.
- libclamav/mbox.c: Fix name clash with glibc library (njh)
Reported by Brian Bruns <bruns at 2mbit.com>
- libclamav/others.c: Check for 0 byte allocations in cli_(m|c|re)alloc (tk)
- libclamav/chmunpack.c: Fix possible malloc overflow (trog)
Reported by Alex Wheeler.
- libclamav/tnef.c: Fix possible crash if the length field is 0 or negative
in headers (njh)
Reported by Alex Wheeler (alexbling at gmail.com)
- clamav-milter: Honour LogClean. Only syslog once when storing email in
quarantine (reported by Panagiotis Christias, christias at gmail.com).
Log database reloads to the LogFile (njh)
- clamav-milter: Changed the default child_timeout to 5 minutes. Keep a
copy of the trie root in privdata. Removed trylock/unlock code in
clamfi_abort (njh)
|
|
from Joerg Sonnenberger.
|
|
changes since 0.85.1:
Thu Jun 23 23:13:41 CEST 2005
-----------------------------
V 0.86.1
- libclamav/mspack/qtmd.c: fix possible crash (tk)
Reported by Andrew Toller <atoller*connectfree.co.uk>
and Stefan Kanthak <stefan.kanthak*fujitsu-siemens.com>
Sun Jun 19 21:37:07 CEST 2005
-----------------------------
V 0.86
- libclamav/mspack/cabd.c: fix possible infinite loop (tk)
- libclamav/cvd.c: fix potential directory traversal in cvd unpacker (a low
risk problem since all databases are digitally signed). Pointed out by
Florian Weimer <fw*deneb.enyo.de> (tk)
- libclamav/zziplib/zzip-file.c: add method id for AES encrypted archives
(thanks to David Majorel <dm*lagoon.nc>) (tk)
- clamscan/manager.c: better message on zip/rar unpacking error (tk)
- libclamav/mbox.c: Fix mishandling of fast track uuencoded files (njh)
- clamav-milter: Better error message if the white-list file can't be
opened (njh)
- clamav-milter: When loading a new database when not in external mode,
keep scanning with the old one rather than hold up incoming mails while
waiting for clamav-milter to become idle then reloading the database (njh)
- libclamav/others.c: print warnings and errors in single call to write
(thanks to Denis Vlasenko <vda*ilport.com.ua>) (tk)
- clamscan/others.c: enable REG_EXTENDED in match_regex (tk)
- libclamav/scanners.c: fix file descriptor leaks if cli_msexpand() returns
an error in cli_scanszdd, patch by Mark Pizzolato (tk)
- libclamav/scanners.c: fix file descriptor leak in error path (out of mem)
in cli_scangzip(), patch by Mark Pizzolato (tk)
- clamd/scanner.c: fix error path for a read timeout which logged messages
indicating that both a timeout and a poll error occurred (patch by Mark
Pizzolato <clamav-devel*subscriptions.pizzolato.net>) (tk)
- libclamav: Extract TNEF files even when the filename isn't known,
problem reported by John Miller (contact*glideslopesoftware.co.uk) (njh)
|
|
A problem where an email with more than one content-disposition type line,
one or more of which was empty, could crash libclamav has been fixed. Other
minor bugfixes have been made.
|
|
- freshclam/manager.c: fix socket descriptor leak in --no-dns mode (patch
by GertJan Spoelman <cav*gjs.cc>) (tk)
- clamscan, freshclam: return with 62 (instead of 1) when logger can't be
initialized (tk)
- libclamav/matcher-ac.c, libclamav/matcher-bm.c: fix detection problem
with *.ndb OLE2 signatures (problem reported by Trog) (tk)
- fix signature offset calculation in large files (problem reported by
Christoph) (tk)
- clamav-milter: print segfault diagnostic, even if print_trace is not
available (njh)
- sigtool/sigtool.c: fix support for *.fp databases (tk)
- clamav-milter: Better handling of log file errors. Always send 451 when
loading a new database when --external is not set (njh)
- libclamav/tnef.c: If a parse fails and debugging is on, the file being
scanned is dumped to a temporary file (njh)
- libclamav/scanners.c: do not report I/O error with encrypted zips (tk)
|
|
Changes:
-) libclamav:
+ JPEG exploit detector now also checks embedded Photoshop thumbnail images
+ archive meta-data scanner (improves malware detection within encrypted
archives)
+ support for TNEF (winmail.dat) decoding
+ support for all tar archive formats
+ MD5 implementation replaced with a slightly faster one
+ improved database reloading with reference counter
+ database updateable false positive eliminator
+ speed improvements
+ various bugfixes
-) clamd:
+ VirusEvent now sets CLAM_VIRUSEVENT_FILENAME and CLAM_VIRUSEVENT_VIRUSNAME
environment variables
-) clamav-milter:
+ improved database update detection when not --external
-) clamscan:
+ new options --include-dir and exclude-dir
+ new option --max-dir-recursion
-) freshclam:
+ new directive LocalIPAddress
|
|
|
