1
clamav (0.96.5+dfsg-1ubuntu1.10.04.4) lucid-security; urgency=low
3
* SECURITY UPDATE: fix detection bypass via malformed tar entry with
4
length that exceeds tar size
5
- libclamav/untar.c: scan output at end of truncated tar
6
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=8e199ae3cfb2b862b8bc36d9a01c8f8d716169ab
8
* SECURITY UPDATE: fix detection bypass via crafted reset interval in
10
- libclamav/mspack.c: properly scan chm with invalid handling.
11
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=a58b68f8adf2466b761ce05f74a4580c1f74fbe6
12
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=9d6be7c56091f012e90074122db4ec12d3516011
14
* SECURITY UPDATE: fix detection bypass via tar archive with invalid
16
- libclamav/untar.c: improve logic, look at checksums
17
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=c3c807d78b09b3f64630601002fdc7db257d89da
18
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=9d6be7c56091f012e90074122db4ec12d3516011
21
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 18 Jun 2012 10:28:54 -0400
23
clamav (0.96.5+dfsg-1ubuntu1.10.04.3) lucid-security; urgency=low
25
* SECURITY UPDATE: fix recursion level crash
26
- libclamav/bytecode.c, libclamav/bytecode_api.c:adjust recursion level
27
before and after calling cli_magic_scandesc()
28
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=patch;h=3d664817f6ef833a17414a4ecea42004c35cc42f
31
-- Jamie Strandboge <jamie@ubuntu.com> Fri, 28 Oct 2011 08:43:28 -0500
33
clamav (0.96.5+dfsg-1ubuntu1.10.04.2) lucid-security; urgency=low
35
* SECURITY UPDATE: denial of service via double free in vba processing
36
- libclamav/vba_extract.c: set buf to NULL when it gets freed.
37
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=d21fb8d975f8c9688894a8cef4d50d977022e09f
40
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 23 Feb 2011 14:31:05 -0500
42
clamav (0.96.5+dfsg-1ubuntu1.10.04.1) lucid-proposed; urgency=low
44
* Microversion update for Lucid (LP: #691414)
45
- Improved database login times
46
- Expanded use of new bytecode signatures
47
- Other bugfixes/improvements
49
-- Scott Kitterman <scott@kitterman.com> Fri, 17 Dec 2010 12:30:20 -0500
1
clamav (0.97.7+dfsg-1ubuntu0.10.04.1) lucid-security; urgency=low
3
* SECURITY UPDATE: Updated to 0.97.7 to fix multiple security issues.
7
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 19 Mar 2013 15:36:31 -0400
9
clamav (0.97.7+dfsg-1ubuntu1) raring; urgency=low
11
* Merge from Debian unstable. Remaining changes:
12
- Drop build-dep on electric-fence (in Universe)
13
- Add apparmor profiles for clamd and freshclam along with maintainer
16
-- Scott Kitterman <scott@kitterman.com> Tue, 19 Mar 2013 06:38:51 -0400
18
clamav (0.97.7+dfsg-1) unstable; urgency=medium
20
* New upstream release
21
* Update libclamav6 lintian override to match updated soversion
22
* Urgency medium due to security fixes
24
-- Scott Kitterman <scott@kitterman.com> Mon, 18 Mar 2013 22:28:02 -0400
26
clamav (0.97.6+dfsg-1ubuntu1) quantal; urgency=low
28
* Merge from Debian unstable. Remaining changes:
29
- Drop build-dep on electric-fence (in Universe)
30
- Add apparmor profiles for clamd and freshclam along with maintainer
33
-- Scott Kitterman <scott@kitterman.com> Mon, 08 Oct 2012 12:29:39 -0400
35
clamav (0.97.6+dfsg-1) unstable; urgency=low
37
* New upstream release (Closes: #689487)
38
* Update libclamav6 lintian override to match updated soversion
40
-- Scott Kitterman <scott@kitterman.com> Mon, 08 Oct 2012 12:11:43 -0400
42
clamav (0.97.5+dfsg-6ubuntu2) quantal; urgency=low
44
* debian/clamav-base.install, debian/source_clamav.py: Install apport
45
hook so we can get AppArmor denials in bug reports.
47
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 22 Aug 2012 08:33:24 -0400
49
clamav (0.97.5+dfsg-6ubuntu1) quantal; urgency=low
51
* Merge from Debian unstable (LP: #1015405). Remaining changes:
52
- Drop build-dep on electric-fence (in Universe)
53
- Add apparmor profiles for clamd and freshclam along with maintainer
56
-- Scott Kitterman <scott@kitterman.com> Tue, 14 Aug 2012 21:29:59 -0400
58
clamav (0.97.5+dfsg-6) unstable; urgency=medium
60
* Urgency medium for RC bug fix the addressess regression from 0.97.3
61
* Add changes from upstream commit 6a879ad98460303b23a6fc119769a3b463a902f8
62
to fix unpack errors for various compressed files including some .bz2,
63
.xls, .doc, and PDF (Closes: #684697)
65
-- Scott Kitterman <scott@kitterman.com> Tue, 14 Aug 2012 12:11:19 -0400
67
clamav (0.97.5+dfsg-5) unstable; urgency=low
69
* Drop /var/run/clamav from the directories shipped in clamav-base (policy
70
9.1.4) and trust it will get cleaned up on boot
71
- Thanks to Andreas Beckmann for the cluebat
73
-- Scott Kitterman <scott@kitterman.com> Thu, 19 Jul 2012 10:51:59 -0400
75
clamav (0.97.5+dfsg-4) unstable; urgency=low
77
* Drop postrm snippets from clamav-base, clamav-freshclam, clamav-daemon,
78
and clamav-milter that remove /var/log/clamav, /var/lib/clamav,
79
/var/run/clamav, and /etc/clamav and and let dpkg remove the directories
80
once they are empty in order to fix problems with directory removal by a
81
package that did not own the directory (Closes: #681960)
82
* Add /var/run/clamav to directories shipped by clamav-base so dpkg cleanup
85
-- Scott Kitterman <scott@kitterman.com> Wed, 18 Jul 2012 09:29:50 -0400
87
clamav (0.97.5+dfsg-3ubuntu1) quantal; urgency=low
89
* Merge from Debian unstable. Remaining changes:
90
- Drop build-dep on electric-fence (in Universe)
91
- Add apparmor profiles for clamd and freshclam along with maintainer
94
-- Scott Kitterman <scott@kitterman.com> Mon, 09 Jul 2012 19:22:18 -0400
96
clamav (0.97.5+dfsg-3) unstable; urgency=low
98
* Fix proxy port configuration handling in clamav-freshclam.postinst so that
99
failure to specify port does not result in an invalid configuration
100
(Closes: #678247), (LP: #784797)
102
-- Scott Kitterman <scott@kitterman.com> Sat, 30 Jun 2012 21:35:33 -0400
104
clamav (0.97.5+dfsg-2ubuntu1) quantal; urgency=low
106
* Merge from Debian Unstable. Remaining Ubuntu changes:
107
- Drop build-dep on electric-fence (in Universe)
108
- Add apparmor profiles for clamd and freshclam along with maintainer
111
-- Scott Kitterman <scott@kitterman.com> Tue, 19 Jun 2012 21:39:28 -0400
113
clamav (0.97.5+dfsg-2) unstable; urgency=medium
115
* Medium urgency due to security fixes
116
* Update debian/clamav-base.postinst.in to test for the existence of the
117
actual .cvd files before trying to install them and not just the directory
118
they should be in (Closes: #678019)
119
* Remove /var/run/clamav on purge (LP: #829945)
120
- Thanks to Imre Gergely for the patch
121
* Add call to /sbin/restorecon in debian/common_functions make_directory to
122
to label the /run directory for SE Linux (Closes: #677686)
123
- Thanks to Russell Coker for the patch
124
* Remove obsolete reference to clamav-data package in clamav-daemon init log
127
-- Scott Kitterman <scott@kitterman.com> Mon, 18 Jun 2012 20:32:06 -0400
129
clamav (0.97.5+dfsg-1ubuntu1) quantal; urgency=low
131
* Merge from Debian Unstable. Remaining Ubuntu changes:
132
- Drop build-dep on electric-fence (in Universe)
133
- Add apparmor profiles for clamd and freshclam along with maintainer
135
* New upstream version no longer includes virus definition files
138
-- Scott Kitterman <scott@kitterman.com> Fri, 15 Jun 2012 21:20:04 -0400
140
clamav (0.97.5+dfsg-1) unstable; urgency=medium
143
* Urgency medium due to security fixes
144
* New upstream release (Closes: #669370)
145
- Addresses possible evasion cases in some archive formats (CVE-2012-1419,
146
CVE-2012-1457, CVE-2012-1458, CVE-2012-1459) (Closes: #668273)
147
- Repack tarball to remove non-free unrar code and win32 directory
148
- Add contrib/split-tarball.sh and docs/man/clambc.1 in the diff.gz
149
(these used to be added to the Debian specific upstream tarball, but
150
aren't upstream so are better in the diff)
151
- Change etc/clamav-milter.conf to Debian defaults
152
* Enabled hardened build flags (Closes: #653958)
153
- Thanks to Moritz Muehlenhoff for the patch
154
* Remove var/lib/clamav/daily.cvd and main.cvd from clamav-base.examples
155
because they aren't installed by the build system anymore (and are
156
provided only as empty files in the upstream tarball)
157
* Fix typos in README.Debian (Closes: #667831)
158
* Update libclamav6 binary lintian override to match current filename
159
* Bump standards version to 3.9.3 without further change
162
- Add a note about RAR functionality to README.Debian (Closes: #652009)
164
-- Scott Kitterman <scott@kitterman.com> Fri, 15 Jun 2012 11:39:26 -0400
166
clamav (0.97.3+dfsg-2.2) unstable; urgency=low
168
* Non-maintainer upload.
169
* Fix "FTBFS: llvm/lib/ExecutionEngine/JIT/Intercept.cpp:69:67: error:
170
'lseek64' was not declared in this scope": add missing <unistd.h> include.
171
Also fixed in upstream git already [bb8ab5c].
174
-- gregor herrmann <gregoa@debian.org> Fri, 01 Jun 2012 16:46:45 +0200
176
clamav (0.97.3+dfsg-2.1ubuntu1) precise; urgency=low
178
* Merge from Debian Unstable. Remaining Ubuntu changes:
179
- Drop build-dep on electric-fence (in Universe)
180
- Add apparmor profiles for clamd and freshclam along with maintainer
183
-- Scott Kitterman <scott@kitterman.com> Sat, 03 Mar 2012 11:44:26 -0500
185
clamav (0.97.3+dfsg-2.1) unstable; urgency=low
187
* Non-maintainer upload.
188
* Fix spelling error in debconf templates. Closes: #660966
189
* Fix pending l10n issues. Debconf translations:
190
- Dutch; (Jeroen Schot). Closes: #651405
191
- German (Thomas Müller). Closes: #653409
192
- Polish (Michał Kułach). Closes: #659369
193
- Japanese (Kenshi Muto). Closes: #659980
194
- Czech (Miroslav Kure). Closes: #660319
195
- Italian (Luca Monducci). Closes: #660475
197
-- Christian Perrier <bubulle@debian.org> Thu, 23 Feb 2012 09:46:53 +0100
199
clamav (0.97.3+dfsg-2ubuntu1) precise; urgency=low
201
* Merge from Debian Unstable. Remaining Ubuntu changes:
202
- Drop build-dep on electric-fence (in Universe)
203
- Add apparmor profiles for clamd and freshclam along with maintainer
206
-- Scott Kitterman <scott@kitterman.com> Fri, 09 Dec 2011 00:31:48 -0500
208
clamav (0.97.3+dfsg-2) unstable; urgency=low
211
* Pass --without-included-ltdl to configure instead of hardcoding
212
--with-ltdl-include= and --with-ltdl-lib= pathnames, the pathnames
213
wouldn't work with multiarch anymore.
214
* rules: let clamav-dbg depend on libclamav6 as it seems to require it and
215
this could make rules -j safe (didn't manage to reproduce the -j2 failure
216
I was getting with the change).
219
* Add VERBOSE=1 to make check
222
* Add myself to uploaders
224
-- Scott Kitterman <scott@kitterman.com> Tue, 06 Dec 2011 16:44:16 -0500
226
clamav (0.97.3+dfsg-1ubuntu3) precise; urgency=low
228
* No-change rebuild to drop spurious libsfgcc1 dependency on armhf.
230
-- Adam Conrad <adconrad@ubuntu.com> Fri, 02 Dec 2011 17:28:45 -0700
232
clamav (0.97.3+dfsg-1ubuntu2) precise; urgency=low
234
* Pass --without-included-ltdl to configure instead of hardcoding
235
--with-ltdl-include= and --with-ltdl-lib= pathnames, the pathnames
236
wouldn't work with multiarch anymore.
237
* rules: let clamav-dbg depend on libclamav6 as it seems to require it and
238
this could make rules -j safe (didn't manage to reproduce the -j2 failure
239
I was getting with the change).
241
-- Loïc Minier <loic.minier@ubuntu.com> Thu, 01 Dec 2011 20:37:48 +0100
243
clamav (0.97.3+dfsg-1ubuntu1) precise; urgency=low
245
* Merge from Debian unstable. Remaining changes:
246
- Drop build-dep on electric-fence (in Universe)
247
- Add apparmor profiles for clamd and freshclam along with maintainer
250
-- Scott Kitterman <scott@kitterman.com> Mon, 24 Oct 2011 11:57:42 -0400
252
clamav (0.97.3+dfsg-1) unstable; urgency=medium
254
[ Michael Tautschnig ]
255
* New upstream release: Fixes potential DoS
257
-- Michael Tautschnig <mt@debian.org> Sun, 23 Oct 2011 23:20:17 +0100
259
clamav (0.97.2+dfsg-1ubuntu2) oneiric; urgency=low
262
* Fix clamd apparmor profile to work with mimedefang (LP: #829089)
263
* Stop samba related log spamming from freshclam apparmor profile
266
-- Scott Kitterman <scott@kitterman.com> Thu, 25 Aug 2011 08:43:22 -0400
268
clamav (0.97.2+dfsg-1ubuntu1) oneiric; urgency=low
270
* Merge from Debian unstable. Remaining changes:
271
- Drop build-dep on electric-fence (in Universe)
272
- Add apparmor profiles for clamd and freshclam along with maintainer
275
-- Scott Kitterman <scott@kitterman.com> Fri, 29 Jul 2011 14:15:15 -0400
277
clamav (0.97.2+dfsg-1) unstable; urgency=low
279
[ Michael Tautschnig ]
280
* New upstream release
281
- Fixes off-by-one-error (closes: #635599)
282
- Fixes opcode 20 is not implemented error (closes: #635340)
283
- New option ExtraDatabase for freshclam
284
* Debconf translation updates
285
- Portuguese (closes: #630954)
286
- French (closes: #631978)
287
- Swedish (closes: #632144)
288
- Danish (closes: #632558)
289
- Spanish (closes: #633883)
290
- Russian (closes: #635145)
292
-- Michael Tautschnig <mt@debian.org> Fri, 29 Jul 2011 16:13:32 +0200
294
clamav (0.97.1+dfsg-1ubuntu3) oneiric; urgency=low
296
* SECURITY UPDATE: denial of service via hash manager off-by-one
297
- libclamav/matcher-hash.c: fix count.
298
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=4842733eb3f09be61caeed83778bb6679141dbc5
301
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 27 Jul 2011 13:28:52 -0400
303
clamav (0.97.1+dfsg-1ubuntu2) oneiric; urgency=low
305
* adjust AppArmor profile for /var/run -> /run (LP: #810270)
307
-- Jamie Strandboge <jamie@ubuntu.com> Thu, 14 Jul 2011 08:36:01 -0500
309
clamav (0.97.1+dfsg-1ubuntu1) oneiric; urgency=low
311
* Merge from debian unstable. Remaining changes:
312
- Drop build-dep on electric-fence (in Universe)
313
- Add apparmor profiles for clamd and freshclam along with maintainer
316
-- Scott Kitterman <scott@kitterman.com> Sat, 18 Jun 2011 11:56:34 -0400
318
clamav (0.97.1+dfsg-1) unstable; urgency=low
320
[ Michael Tautschnig ]
321
* New upstream release
322
- New option ClamukoExcludeUID for clamd
323
* Added debconf question for clamav-milter/LogClean (closes: #617890).
324
* Clarified text about clamav-milter's temporary directory in debconf
325
question (closes: #617889).
326
* Debconf translation updates
327
- Japanese (closes: #624802)
328
* Remove references to other libraries from dependency_libs field
329
(closes: #621206). Thanks Luk Claes for the patch.
330
* Added doc-base file to clamav-docs (closes: #629357). Thanks John Vogel.
331
* Bumped Standards-Version to 3.9.2, no changes needed.
334
* Update README.Debian to reflect reality for the milter (closes: #597048)
336
-- Michael Tautschnig <mt@debian.org> Fri, 10 Jun 2011 16:09:55 +0200
338
clamav (0.97+dfsg-2ubuntu1) natty; urgency=low
340
* Merge from debian unstable. Remaining Ubuntu changes:
341
- Drop initial signature definitions from clamav-base
342
- Drop build-dep on electric-fence (in Universe)
343
- Add apparmor profiles for clamd and freshclam along with maintainer
346
-- Scott Kitterman <scott@kitterman.com> Fri, 11 Mar 2011 08:07:46 -0500
348
clamav (0.97+dfsg-2) unstable; urgency=low
350
[ Michael Tautschnig ]
352
* More tidy up: new upstream release also fixed problems with
353
ExtendedDetectionInfo (upstream bb#2409, closes: #617262).
355
-- Michael Tautschnig <mt@debian.org> Thu, 10 Mar 2011 22:50:28 +0000
357
clamav (0.97+dfsg-1) UNRELEASED; urgency=low
360
* New upstream release
365
-- Stephen Gran <sgran@debian.org> Fri, 18 Feb 2011 20:52:08 +0000
367
clamav (0.97+dfsg-0ubuntu1) natty; urgency=low
369
* Merge from debian unstable (0ubuntu1 because the Debian upload was
370
inadvertently left marked UNRELEASED). Remaining changes:
371
- Drop initial signature definitions from clamav-base
372
- Drop build-dep on electric-fence (in Universe)
373
- Add apparmor profiles for clamd and freshclam along with maintainer
376
-- Scott Kitterman <scott@kitterman.com> Sat, 19 Feb 2011 09:51:33 -0500
378
clamav (0.97+dfsg-1) UNRELEASED; urgency=low
381
* New upstream release
386
-- Stephen Gran <sgran@debian.org> Fri, 18 Feb 2011 20:52:08 +0000
388
clamav (0.96.5+dfsg-2) UNRELEASED; urgency=low
391
* Remove ucf backup files in cron.d directory (closes: #607053).
393
[ Michael Tautschnig ]
394
* Acknowledge NMU - thanks Christian for fixing my earlier broken upload
395
(probably 0.96.3+dfsg-1) (closes: #610058).
396
* Debconf translation updates
397
- Danish (closes: #605626)
398
- Dutch (closes: #605903)
399
* Cherry-pick bc0ef08bb7312b5f295cd4070d44be96d4aed9d2 to fix crashes in
400
paranoid mode (closes: #606308).
401
* Cherry-pick ee50848a509662aa21c6c6a41b72c4053b1eedf3 to improve scanning
402
of mbox files (closes: #589767).
404
-- Michael Tautschnig <mt@debian.org> Tue, 18 Jan 2011 23:21:34 +0000
406
clamav (0.96.5+dfsg-1.1) unstable; urgency=low
408
* Non-maintainer upload.
409
* Fix encoding of Italian debconf translation.
411
-- Christian Perrier <bubulle@debian.org> Wed, 12 Jan 2011 19:51:36 +0100
51
413
clamav (0.96.5+dfsg-1ubuntu2) natty; urgency=low