UbuntuUpdates.org

Package "clamav-base"

Name: clamav-base

Description:

anti-virus utility for Unix - base package

Latest version: 0.102.4+dfsg-0ubuntu0.12.04.1
Release: precise (12.04)
Level: security
Repository: main
Head package: clamav
Homepage: https://www.clamav.net/

Links


Download "clamav-base"


Other versions of "clamav-base" in Precise

Repository Area Version
base main 0.97.3+dfsg-2.1ubuntu1
updates main 0.102.4+dfsg-0ubuntu0.12.04.1

Changelog

Version: 0.102.4+dfsg-0ubuntu0.12.04.1 2021-05-03 14:07:14 UTC

  clamav (0.102.4+dfsg-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to 0.102.2 to fix security issues
    - debian/libclamav9.symbols: updated for new version.
    - debian/rules: bumped CL_FLEVEL to 115.
    - CVE-2020-3327
    - CVE-2020-3350
    - CVE-2020-3481

 -- <email address hidden> (Leonidas S. Barbosa) Fri, 24 Jul 2020 10:33:01 -0300

Source diff to previous version
CVE-2020-3327 A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacke
CVE-2020-3350 A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the runn
CVE-2020-3481 A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remo

Version: 0.99.2+addedllvm-0ubuntu0.12.04.1 2016-09-28 18:06:36 UTC

  clamav (0.99.2+addedllvm-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to 0.99.2 to fix multiple security issues
    - CVE-2016-1371
    - CVE-2016-1372
    - CVE-2016-1405
  * Removed patches no longer required
    - 0003-unit_tests-increment-test-timeout-from-40secs-to-5mi.patch
    - 0006-remove-unnecessary-harmful-flags-from-libclamav.pc.patch
    - 0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - 0018-llvm-don-t-use-system-libs.patch
  * debian/clamav-base.postinst.in: updated to handle new options
    - OnAccessMountPath
    - OnAccessDisableDDD
    - OnAccessPrevention
    - OnAccessExtraScanning
    - PCREMatchLimit
    - PCRERecMatchLimit
    - PCREMaxFileSize
    - ScanXMLDOCS
    - ScanHWP3
    - MaxRecHWP3
  * debian/*: rename libclamav6 to libclamav7.
  * debian/control: add libpcre3-dev to Build-Depends as new signatures
    rely on PCRE support.

 -- Marc Deslauriers <email address hidden> Tue, 20 Sep 2016 14:58:40 -0400

Source diff to previous version
CVE-2016-1405 libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-1

Version: 0.98.7+dfsg-0ubuntu0.12.04.1 2015-05-05 18:06:36 UTC

  clamav (0.98.7+dfsg-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to 0.98.7 to fix multiple issues
    - CVE-2015-2170
    - CVE-2015-2221
    - CVE-2015-2222
    - CVE-2015-2305
    - CVE-2015-2668
  * Refreshed patches for 0.98.7:
    - d/p/0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - d/p/0018-llvm-don-t-use-system-libs.patch

 -- Marc Deslauriers <email address hidden> Mon, 04 May 2015 15:50:41 -0400

Source diff to previous version
CVE-2015-2170 Crash in upx decoder with crafted file
CVE-2015-2221 Infinite loop condition on crafted y0da cryptor file
CVE-2015-2222 Crash on crafted petite packed file
CVE-2015-2305 Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in Net
CVE-2015-2668 Infinite loop condition on a crafted "xz" archive file

Version: 0.98.6+dfsg-0ubuntu0.12.04.1 2015-02-02 20:06:42 UTC

  clamav (0.98.6+dfsg-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to 0.98.6 to fix security issues, including CVE-2014-9328.
  * Removed upstreamed patches:
    - d/p/0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch
    - d/p/0017-Bump-.so-version-number.patch
 -- Marc Deslauriers <email address hidden> Fri, 30 Jan 2015 09:01:52 -0500

Source diff to previous version

Version: 0.98.5+addedllvm-0ubuntu0.12.04.1 2014-11-26 20:06:28 UTC

  clamav (0.98.5+addedllvm-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to 0.98.5 to fix security issues, including CVE-2013-6497.
  * Removed patches no longer needed:
    - d/p/0002-Sebastian-Andrzej-Siewior.patch
    - d/p/0003-configure-use-pkg-config-for-check-so-test-is-detect.patch
    - d/p/0004-Stop-using-a-cargo-culted-syscall-table-and-trust-th.patch
    - d/p/0005-configure.ac-patches-to-got-with-autoreconf-and-auto.patch
    - d/p/0006-Fix-STAT64-definition-and-add-missing-includes.patch
  * Added patches from vivid to fix FTBFS, .so version and other issues:
    - d/p/0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch
    - d/p/0003-unit_tests-increment-test-timeout-from-40secs-to-5mi.patch
    - d/p/0006-remove-unnecessary-harmful-flags-from-libclamav.pc.patch
    - d/p/0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - d/p/0017-Bump-.so-version-number.patch
    - d/p/0018-llvm-don-t-use-system-libs.patch
  * debian/clamav-docs.docs: use wildcards, as some docs have changed.
  * debian/clamav-base.postinst.in: added new options.
  * debian/clamav-base.config.in: added new options.
  * debian/clamav-base.templates: added new options.
  * debian/control: added libssl-dev BuildDepends.
  * clamav-testfiles.install: removed rar files.
 -- Marc Deslauriers <email address hidden> Fri, 21 Nov 2014 09:58:30 -0500




About   -   Send Feedback to @ubuntu_updates