| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
changes since 0.82 (summarized):
* clamd: change default value of StreamMaxPort to 2048
* freshclam: add support for Foreground (requested by Jeremy Kitchen
<kitchen*scriptkitchen.com>)
* clamav-milter: Added --whistlist-file and --sendmail-cf options
When in SESSION mode, not all sessions would send END
other changes are documentation and misc. bug fixes.
|
|
|
|
changes since 0.80 (summarized to include only the significant
changes. other changes are documentation updates and misc. bug fixes.
see the full ChangeLog for details).
Sat Feb 5 16:48:46 CET 2005 (tk)
---------------------------------
* libclamav: activate RIFF code (patch by Trog)
Sat Feb 5 16:17:41 CET 2005 (tk)
---------------------------------
* libclamav/scanners.c: do not report Suspected.Zip on standard breaking zip
archives created by ICEOWS (problem reported by
Hamacker <sirhamacker*vidy.com.br> and Dirk Mueller
<mueller*kde.org>)
Sat Feb 5 09:39:48 GMT 2005 (trog)
-----------------------------------
* libclamav/special.c: support for big-endian system in RIFF code.
Fri Feb 4 10:02:08 GMT 2005 (trog)
-----------------------------------
* libclamav/special.c: check RIFF files for MS05-002. Not yet activated.
Thu Feb 3 21:09:34 GMT 2005 (njh)
----------------------------------
* libclamav/mbox.c: Speed improvements in the handling of bounce messages
Wed Feb 2 08:32:46 GMT 2005 (njh)
----------------------------------
* clamav-milter: Call watchdog when neither SESSION nor --external is
given
Tue Feb 1 14:47:21 GMT 2005 (njh)
----------------------------------
* libclamav/blob.c: Sanitise tab characters in filenames ("Heinz Martin"
<Martin*hemag.ch>)
Decode encapsulated messages that have for some reason
been base64 encoded (even though they're already
7 bit)
Tue Feb 1 08:54:46 GMT 2005 (njh)
----------------------------------
* clamav-milter: Delete X-Virus-Status in clamfi_eom not in
clamfi_header. Patch by Jef Poskanzer
<jef*acme.com>
X-Virus-Status now says that virus that it's infected
with. Suggestion by "Hank Beatty"
<hbeatty*starband.net>
Mon Jan 31 11:05:20 GMT 2005 (njh)
----------------------------------
* libclamav/mbox.c: Empty lines should the end of the headers,
but some base64 decoders, e.g. uudeview, are
broken and will handle this type of entry,
decoding the base64 content that's after the
text that's after the header
Sun Jan 30 15:18:02 GMT 2005 (njh)
----------------------------------
* clamav-milter: SESSION is on now by default, to test clamd
PACKADDR is now uses unsinged to remove warning on
Sun's C compiler, patch by
"Dugal James P." <jpd*louisiana.edu>
Don't check compatibility with sendmail.cf if sendmail
is running on a different machine
Fri Jan 28 08:51:08 GMT 2005 (njh)
----------------------------------
* clamav-milter: Some error messages still talked about --internal
Scanmail not set warning is now only given if
DisableDefaultScanOptions is set
Thu Jan 27 14:11:13 GMT 2005 (njh)
----------------------------------
* libclamav/mbox.c: Scan sendmail queue df* files
Thu Jan 27 10:55:35 GMT 2005 (njh)
----------------------------------
* clamav-milter: Don't scan emails intended for the --quarantine address,
that stops scanning of emails generated with
viruses if --outgoing has been set
Downgraded scanmail not defined if --external isn't
given from error to warning
Added -i flag when calling sendmail, suggested by
Michal Jaegermann <michal*harddata.com>
Thu Jan 27 01:35:35 CET 2005 (tk)
---------------------------------
* freshclam/manager.c: add support for HTTP/1.0 ansers in IMS (--no-dns) mode
(patch by Sven Strickroth <sstrickroth*gym-oha.de>)
Wed Jan 26 19:27:57 CET 2005 (tk)
---------------------------------
V 0.81
Tue Jan 25 08:12:51 GMT 2005 (njh)
----------------------------------
* clamav-milter: Internal mode is now the default. Removed --internal
option, added --external.
Don't use clamd's SESSION mode, since that causes
problems with clamd/freshclam when freshclam
is run. SESSION mode can be enabled from
the source code. Most people can use SESSION
mode safely, but it has caused problems on BSD
Mon Jan 24 13:56:19 GMT 2005 (njh)
----------------------------------
* libclamav/message.c: Some Exploit.IE.CrashSOS were not being caught,
found by Carsten.Borchardt*drs-systemberatung.de
Sat Jan 22 13:45:42 GMT 2005 (njh)
----------------------------------
* clamav-milter: If forwarding to a quarantine user fails log as LOG_ERR
not LOG_DEBUG
Try to santity check that the input socket name is the
same as the same given to sendmail
Redirect stdout and stderr to LogFile, if that is set
--quarantine didn't redirect to the given email address
if --internal was used (reported by N Fung
<nsfung*yahoo.com>)
Sun Jan 16 06:28:59 CET 2005 (tk)
---------------------------------
* libclamav/pe.c: attempt to detect W32.Parite.B using cryptanalysis (thanks
to aCaB for info on detection)
Fri Jan 14 16:12:21 GMT 2005 (trog)
-----------------------------------
* libclamav/filetypes.c: add a few more HTML filetype markers
Fri Jan 14 14:53:59 GMT 2005 (trog)
-----------------------------------
* libclamav/htmlnorm.c: RFC2397 ("data" URL scheme) support.
* libclamav/scanner.c: scan RFC2397 data.
Wed Jan 12 08:58:29 GMT 2005 (njh)
----------------------------------
* clamav-milter: Fixed DNS resolution error messages which could print
the incorrect hostname that is not being resolved. Patch from
Yar Tikhiy <yar*comp.chem.msu.su>
Tue Jan 11 02:27:24 CET 2005 (tk)
---------------------------------
* libclamav/scanners.c: Fix possible crash when handling file information in
corrupted zip archives (problem reported by
Reinhard Max <max*suse.de>)
Sun Jan 9 21:24:58 GMT 2005 (njh)
----------------------------------
* libclamav/mbox.c: Some HTML.Phishing.Bank-41 were getting through
Sun Jan 9 11:38:39 GMT 2005 (njh)
----------------------------------
* libclamav/mbox.c: Add support for messages that break RFC2047
Sat Jan 8 02:53:20 CET 2005 (tk)
---------------------------------
* libclamav/filetypes.c: Add support for mail files parsed by CMU Sieve
(samples provided by Stefan Kaltenbrunner
<stefan*kaltenbrunner.cc>)
Wed Jan 5 21:09:14 GMT 2005 (njh)
----------------------------------
* libclamav/message.c: Fix crash caused when looking for non-existant
uuencoded files. This happens when the stated encoding
method is wrong so we have to try all methods and
including those which will fail
Mon Dec 27 05:01:54 CET 2004 (tk)
---------------------------------
* freshclam/manager.c: use If-Modified-Since in --no-dns mode (based on code
by Reini Urban <rurban*x-ray.at>)
Mon Dec 27 01:09:20 CET 2004 (tk)
---------------------------------
* libclamav/scanners.c: Add missing ArchiveBlockMax rule for recursion limit
(reported by HR <haavard*zyf.no-ip.org>)
Sun Dec 19 17:01:56 GMT 2004 (njh)
----------------------------------
* clamav-milter: Correctly warn that --max_childen must be given in SESSION
mode if LocalSocket is used and MaxThreads isn't given in
clamd.conf. max_children is needed to know how many sessions
to initiate to clamd(s)
Tue Dec 14 11:36:43 GMT 2004 (trog)
-----------------------------------
* libclamav/vba_extract.c:
- Add signature for MacOffice 2004
- Guess endianness of unknown versions of MS Office.
Tue Dec 14 11:15:22 GMT 2004 (trog)
-----------------------------------
* sigtool/options.c sigtool/sigtool.c: New options: --vba and --vba-hex
* sigtool/vba.c sigtool/vba.h: New files. Code to extract VBA/Word6 macros
Tue Dec 7 23:40:30 CET 2004 (tk)
---------------------------------
* configure: added --disable-zlib-vcheck (allows building on potentially
buggy zlib versions (1.2.0 & 1.2.1))
Tue Dec 7 19:25:06 GMT 2004 (njh)
----------------------------------
* clamav-milter: Ensure that the daily quarantine directory is created
Tue Dec 7 02:48:08 CET 2004 (tk)
---------------------------------
* clamd: added support for file descriptor passing (patch by Richard Lyons
<frob-clamav*webcentral.com.au>)
Mon Dec 6 22:33:26 GMT 2004 (njh)
----------------------------------
* clamav-milter: Ensure the date is kept in the quarantine path
Wed Dec 1 22:29:33 GMT 2004 (njh)
----------------------------------
* clamav-milter: Added --internal flag (some functionality to do)
SESSIONS: Don't hang when StreamMaxLength is hit
Wed Dec 1 13:14:33 GMT 2004 (njh)
----------------------------------
* libclamav/mbox.c: Decode text/plain parts marked as being encoded,
reported by Trog
Mon Nov 29 00:23:55 CET 2004 (tk)
---------------------------------
* clamdscan: add support for --move and --remove options
Sun Nov 28 16:30:18 GMT 2004 (njh)
----------------------------------
* libclamav/message.c: Allow lower case hex in quoted-printable
messages
Sat Nov 27 14:40:55 GMT 2004 (njh)
----------------------------------
* libclamav/mbox.c: Honour section 7.2.6 of RFC1521
Sat Nov 27 13:18:42 GMT 2004 (njh)
----------------------------------
* libclamav: Assume x-uue is the same as x-uuencode
If uudecoding fails and other possibilities have been
registered, don't take the failure as fatal, also try
the other decoding methods
Thu Nov 25 18:38:06 CET 2004 (tk)
---------------------------------
* clamd: new directives StreamMinPort and StreamMaxPort (allow port range
specification for stream mode). Patch by Alexander Marx
<mad-ml*madness.at>)
Thu Nov 18 20:28:13 CET 2004 (tk)
---------------------------------
* libclamav: add support for Mac's HQX file format (patch by Nigel)
Thu Nov 18 11:03:14 CET 2004 (tk)
---------------------------------
* libclamav: try to detect (and mark as Suspected.Zip) zip archives with
modified information in local header
Fri Nov 12 09:44:23 GMT 2004 (njh)
----------------------------------
* libclamav/mbox.c: Draft of RFC1341 support is now on by default.
Fragments arriving out of order are not scanned (yet).
If you use clamav-milter to load balance clamd across
servers you will need to ensure that the partial
directory is on a shared directory (e.g. NFS)
Mon Nov 8 15:24:18 CET 2004 (tk)
---------------------------------
* clamd: new directive ExitOnOOM (stop deamon when libclamav reports out of
memory condition)
Wed Nov 3 12:47:41 GMT 2004 (njh)
----------------------------------
* libclamav/clamav-milter: Save the original subject as X-Original-Subject
when running in advisory or qurantine mode
SESSION mode: warn when no clamd can be reached
Wed Oct 27 13:36:14 BST 2004 (njh)
----------------------------------
* clamav-milter: Remove X-VIRUS-STATUS on incoming messages
Plug remote possibility of file descriptor leak
Return EX_OSERR if fork fails, not EX_TEMPFAIL
If clamav-milter points to more than one server, ensure
that the version information for that server is
added to the header
Update version information in the watchdog. There may
therefore be a delay between the server updating
and this being reflected in the headers
|
|
|
|
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.
This is from ideas from Greg Woods and others.
Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).
|
|
|
|
given (-c 2). Patch submitted by Koji Mori in PR pkg/27734.
|
|
format string.
|
|
change the rc.d script to look for that one.
Fix suggested by Mirko Thiesen in PR pkg/27618
Bump PKGREVISION
|
|
|
|
|
|
|
|
Schöler.
bump PKGREVISION.
|
|
maintaining this package.
|
|
signatures require 0.80.
|
|
update.
|
|
many changes since 0.75.1, most notably, the latest virus databases
need at least 0.80.
see the ChangeLog for full details.
|
|
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
|
|
All library names listed by *.la files no longer need to be listed
in the PLIST, e.g., instead of:
lib/libfoo.a
lib/libfoo.la
lib/libfoo.so
lib/libfoo.so.0
lib/libfoo.so.0.1
one simply needs:
lib/libfoo.la
and bsd.pkg.mk will automatically ensure that the additional library
names are listed in the installed package +CONTENTS file.
Also make LIBTOOLIZE_PLIST default to "yes".
|
|
into the bsd.options.mk framework. Instead of appending to
${PKG_OPTIONS_VAR}, it appends to PKG_DEFAULT_OPTIONS. This causes
the default options to be the union of PKG_DEFAULT_OPTIONS and any
old USE_* and FOO_USE_* settings.
This fixes PR pkg/26590.
|
|
nonlocal TCP socket in the config, clamd needs full networking support.
So, rather, this should be REQUIRE: DAEMON like other generic daemons.
|
|
|
|
from rc.local (since it doesn't have a rc.d script -- yet?).
|
|
|
|
|
|
- Convert to use bsd.options.mk.
- The virus database has been moved to ${VARBASE}/clamav.
* freshclam/clamd: fix crash on PPC when LogFile was enabled together
with LogSyslog
* configure: improve gethostbyname_r check; cleanups
* clamav-milter: Use GETHOSTBYNAME_R_6
Better load balancing if max_children = 0
Fixed warning message when building on FreeBSD4.9
Closed (small) memory leak
Fix crash when the 1st remote service goes down
Only use gethostbyname_r on LINUX for now
Improved load balancing a bit
* clamdscan: fix stdin scanning in local mode
* clamav-milter: %v in the template file handling is now replaced
only with the virus name, no "stream:" appears
* libclamav/mbox.c: Fix crash when debugging on SPARC
* libclamav/message.c: Fix occasional crash when scanning
multipart within multipart e-mails
|
|
This release fixes detection of e-mails generated by Worm.Mydoom.I.
|
|
Bugfixes in this version include crashes with multipart/mixed messages
and corrupted OLE2 and Zip files. Improvements include various optimisations
of mail scanning and clamav-milter and clamdscan behaviour.
|
|
* Bug fixes
|
|
Changes:
0.72
----
Major bugfixes in this release include crashes with corrupted BinHex messages
and some Excel documents. Protection against archive bombs (not fully
functional since 0.70) was improved and a number of other improvements were
made.
0.71
----
This release fixes all bugs found in 0.70 and introduces a few new features -
the noteworthy changes include:
-) libclamav:
+ support nested OLE2 files
+ support Word6 macro code
+ ignore popular file types (media, graphics)
+ support compress.exe (SZDD) compression (test/test.msc)
+ improve virus detection in e-mails
-) clamscan:
+ automatically decide (by comparing daily.cvd version numbers) which
database directory (hardcoded or clamav.conf's one) to use
+ support compression ratio feature (--max-ratio)
+ allow regular expressions in --[in|ex]clude
+ do not overwrite old files in a quarantine directory but add a numerical
extension to new files
+ respect --tempdir in libclamav
+ fix access problem when calling external unpackers in a superuser mode
+ fix file permission corruption with --deb in a superuser mode
-) clamd
+ support log facility specification in syslog's style (LogFacility)
+ new directive LeaveTemporaryFiles (Debug no longer leaves temporary
files not removed)
-) clamav-milter:
+ include the virus name in the 550 rejection
+ support user defined template for virus notifications (--template-file)
+ sort quarantine messages by date
+ improve thread management
+ add X-Virus-Scanned and X-Infected-Received-From: headers
+ improve load balancing (when using remote servers with --server)
+ send 554 after DATA received, not 550
+ save PID (--pidfile)
-) documentation:
+ German clamdoc.pdf translation (Rupert Roesler-Schmidt and Karina
Schwarz, uplink coherent solutions, http://www.uplink.at)
+ new Japanese documentation (Masaki Ogawa)
|
|
0.70
----
The two major changes in this version are new thread manager in clamd
and support for decoding MS Office VBA macros. Both of them have been
implemented by Trog. Besides, there are many improvements and bugfixes
(all listed in ChangeLog), a short summary:
-) clamd
+ new thread manager (with better SMP support)
+ on-access scanning now also available on FreeBSD (with Dazuko 2.0)
+ new directive ArchiveBlockEncrypted
+ new directive ReadTimeout (replaces ThreadTimeout)
+ handle SIGHUP (re-open logfile) and SIGUSR2 (reload database)
+ respect TCPAddr in stream scanner
-) clamav-milter:
+ TCPWrappers support
-) libclamav:
+ support MS Office documents (OLE2) and VBA macro decoding
+ support encrypted archive detection
+ new flags: CL_OLE2, CL_ENCRYPTED (see clamdoc.pdf, Section 6.1)
+ improve virus detection in big files
+ improve support for multipart, bounce and embedded RFC822 messages
+ improve RAR support
+ include backup snprintf implementation
-) clamscan:
+ new option: --block-encrypted
-) freshclam
+ new option: --pid, -p (write pid file if run as daemon)
+ handle SIGHUP (re-open logfile), SIGTERM (terminate with log message),
SIGALRM and SIGUSR1 (wake up and check mirror)
+ fix bug with -u and -c handling
-) contrib
+ windows clamd client now available with source code
-) documentation:
+ new Polish documentation on ClamAV and Samba integration
+ official documentation updated
|
|
|
|
the RCD_SCRIPTS rc.d script(s) to the PLIST.
This GENERATE_PLIST idea is part of Greg A. Woods'
PR #22954.
This helps when the RC_SCRIPTS are installed to
a different ${RCD_SCRIPTS_EXAMPLEDIR}. (Later,
the default RCD_SCRIPTS_EXAMPLEDIR will be changed
to be more clear that they are the examples.)
These patches also remove the etc/rc.d/ scripts from PLISTs
(of packages that use RCD_SCRIPTS). (This also removes
now unused references from openssh* makefiles. Note that
qmail package has not been changed yet.)
I have been doing automatic PLIST registration for RC_SCRIPTS
for over a year. Not all of these packages have been tested,
but many have been tested and used.
Somethings maybe to do:
- a few packages still manually install the rc.d scripts to
hard-coded etc/rc.d. These need to be fixed.
- maybe remove from mk/${OPSYS}.pkg.dist mtree specifications too.
|
|
compile on platforms afflicted by this (and Solaris, where it compiled fine,
already used the code path to which it was changed).
|
|
0.68-1
------
Fixed RAR support.
0.68
----
This version fixes a crash with some RAR archives generated by the Bagle worm,
also a few important fixes have been backported from CVS.
We strongly encourage users to install the 0.70-rc version (released today).
0.67
----
This release fixes a memory management problem (platform dependent; can lead
to a DoS attack) with messages that only have attachments (reported by Oliver
Brandmueller). It also contains patches for a few problems found in 0.66 and
has better Cygwin support.
|
|
by Piotr Stolc in PR pkg/24644.
|
|
|
|
|
|
enabled.
|
|
Use read(2) instead.
|
|
relative to ${WRKSRC}. Remove redundant LIBTOOL_OVERRIDE settings that
are automatically handled by the default setting in bsd.pkg.mk.
|
|
This version is a response to the "clamav 0.65 remote DOS exploit"
information published on popular security-related mailing lists.
Other changes include: (see the README for a full list)
-) clamd:
+ fixed database timestamp handling (and a double reload problem reported
by Alex Pleiner and Ole Stanstrup)
+ new directive: ArchiveMaxCompressionRatio
+ new command: SESSION (starts a clamd session and allows to do multiple
commands per TCP session)
+ new directives: TemporaryDirectory, LogClean (Andrey V. Malyshev)
-) freshclam:
+ support for freshclam.conf (that may be optionally merged with
clamav.conf, command line options overwrite config settings)
+ work-around for potential database downgrade (subtle problem
in r-r dns handling) - reported by Daniel Mario Vega and patched
by Luca Gibelli
Fix build by rather patch "configure" directly instead of configure.in
(autoconf failed). Tested on NetBSD-current and Linux (some kind of Debian).
|
|
Somewhat based upon PR 24294 by Eric Schnoebelen.
While at it also fix configure to always install the example config file
to "examples".
Bump PKGREVISION to 1.
|
|
|
|
working on the issue.
Changes:
-) clamd:
+ fixed a race condition in database reloading code (random crashes
under high load)
+ fixed a race condition with the improperly initialized session start time
(thanks to Michael Dankov)
+ fixed PidFile permissions (Magnus Ekdahl, bug reported by Tomasz Papszun)
+ fixed LogFile permissions (Magnus Ekdahl)
+ new directive ScanRAR (bacause RAR support is now disabled by default)
+ new directive VirusEvent
+ new directive FixStaleSocket (Thomas Lamy and Mark Mielke)
+ new directive TCPAddr (Bernard Quatermass, fixed by Damien Curtain)
+ new directive Debug
-) clamav-milter: (Nigel Horne <njh*clamav.net>)
+ new --force-scan flag
+ new -P and -q flags by Nicholas M. Kirsch
WARNING: clamav-milter and our mail scanner are still in high development
and may be unstable. You should always use the CVS version.
-) libclamav:
+ support for a new database container format (CVD) - compressed and
digitally signed
+ better protection against malformed zip archives (such as Mimail)
+ mail decoder fixes (thanks to Rene Bellora, Bernd Kuhls, Thomas Lamy,
Tomasz Papszun) (Nigel Horne)
+ memory leak fixes (Thomas Lamy)
+ new scan option CL_DISABLERAR (disables built-in RAR unpacker)
-) freshclam:
+ fixed --on-error-execute behaviour (David Woakes)
+ new option --user (-u) USER - run as USER instead of the default user.
Patch by Damien Curtain.
+ rewritten to use database.clamav.net and CVD
-) documentation:
+ new Spanish documentation on ClamAV and Sendmail integration by
Erick Ivaan Lopez Carreon
+ included clamdoc.pdf Turkish translation by yavuz kaya and Ýbrahim erken
+ included clamav-mirror-howto.pdf by Luca Gibelli
+ included clamd+daemontools HOWTO by Jesse D. Guardiani
+ included signatures.pdf
+ man pages: updated
+ clamdoc.pdf: rewritten
|
|
|
|
|
|
|
|
However currently milter support is disabled, as it requires strerror_r to
be available, which it isn't on -current.
Note this required the fixing of the milter tests in the configure.in file.
It seemed if you used --disable-milter and the .h file was in the include
path, eg on -current it's in /usr/include/libmilter it was found and used.
We now have a want_milter for the --enable/disable-milter, which will
trigger the tests to setup have_milter.
Once I've sorted out the strerror_r problem in -current I'll enable the
milter support (or if someone tells me it works with pth)
Bump PKGREVISION.
|
|
Also fix pkg/22714, clamav not building, this was due to it rerunning
configure due to dependancy updates, which built a new libtool, replacing
the one we had given it from pkgsrc.
The fix is to run autoconf and automake on the patches, I would have done
diff's post autoconf/automake, but the diffs are much bigger.
Known issue, if you run fetchclam to update the databases you'll find that
pkg_install won't remove the db files as the MD5 checksum has changed, I
may move the db files into etc/clamav and copy them in, then fetchclam can
update as needed.
However I thought that given the current spate of viruses hitting people
they maybe wanting the latest version.
|
