diff --git a/bytecode-330.cvd b/bytecode-330.cvd deleted file mode 100644 index 21dff1f87776e10643192605224cb81850012c15..0000000000000000000000000000000000000000 Binary files a/bytecode-330.cvd and /dev/null differ diff --git a/bytecode-333.cvd b/bytecode-333.cvd new file mode 100644 index 0000000000000000000000000000000000000000..9a9a98fa16c9f154c59d654f902c06ba3e2e391e Binary files /dev/null and b/bytecode-333.cvd differ diff --git a/clamav-0.103.6.tar.gz b/clamav-0.103.8.tar.gz similarity index 66% rename from clamav-0.103.6.tar.gz rename to clamav-0.103.8.tar.gz index 385c5779ac4f13d14b9b295935074c06d7ad0425..3e10415bde395b608db27969fbc4de0612e4ccd4 100644 Binary files a/clamav-0.103.6.tar.gz and b/clamav-0.103.8.tar.gz differ diff --git a/clamav-freshclam.service.patch b/clamav-freshclam.service.patch index c1ff9bc0922a1892c466263d8f0ad98b17386fac..2c29f03305d7e8f2add4e02ea0a86182a5d4181d 100644 --- a/clamav-freshclam.service.patch +++ b/clamav-freshclam.service.patch @@ -1,6 +1,13 @@ ---- ./freshclam/clamav-freshclam.service.in.orig 2021-02-01 20:49:25.000000000 +0000 -+++ ./freshclam/clamav-freshclam.service.in 2021-03-07 22:59:34.476455890 +0000 -@@ -8,7 +8,6 @@ After=network-online.target +--- ./freshclam/clamav-freshclam.service.in.orig 2021-06-14 10:36:39.029730737 +0100 ++++ ./freshclam/clamav-freshclam.service.in 2021-06-14 10:37:53.621423748 +0100 +@@ -2,13 +2,12 @@ + Description=ClamAV virus database updater + Documentation=man:freshclam(1) man:freshclam.conf(5) https://docs.clamav.net/ + # If user wants it run from cron, don't start the daemon. +-ConditionPathExists=!/etc/cron.d/clamav-freshclam ++# ConditionPathExists=!/etc/cron.d/clamav-update + Wants=network-online.target + After=network-online.target [Service] ExecStart=@prefix@/bin/freshclam -d --foreground=true diff --git a/clamav-type-conversion.patch b/clamav-type-conversion.patch deleted file mode 100644 index 10ec3575620629ed6b2651adc9600493de907840..0000000000000000000000000000000000000000 --- a/clamav-type-conversion.patch +++ /dev/null @@ -1,57 +0,0 @@ -From adcae42c2094096606a26976fb5829aa1ce5937b Mon Sep 17 00:00:00 2001 -From: caodongxia <315816521@qq.com> -Date: Mon, 31 May 2021 16:43:12 +0800 -Subject: [PATCH] create patch - ---- - libclamav/upx.c | 6 +++--- - libclammspack/mspack/cabd.c | 2 +- - 2 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/libclamav/upx.c b/libclamav/upx.c -index 4663861..0e7b2c8 100644 ---- a/libclamav/upx.c -+++ b/libclamav/upx.c -@@ -333,7 +333,7 @@ int upx_inflate2b(const char *src, uint32_t ssize, char *dst, uint32_t *dsize, u - return -1; - if (backbytes & 0xff000000) - return -1; -- backbytes <<= 8; -+ backbytes = (int32_t)((uint32_t)(backbytes) << 8); - backbytes += (unsigned char)(src[scur++]); - backbytes ^= 0xffffffff; - -@@ -425,7 +425,7 @@ int upx_inflate2d(const char *src, uint32_t ssize, char *dst, uint32_t *dsize, u - return -1; - if (backbytes & 0xff000000) - return -1; -- backbytes <<= 8; -+ backbytes = (int32_t)((uint32_t)(backbytes) << 8); - backbytes += (unsigned char)(src[scur++]); - backbytes ^= 0xffffffff; - -@@ -517,7 +517,7 @@ int upx_inflate2e(const char *src, uint32_t ssize, char *dst, uint32_t *dsize, u - return -1; - if (backbytes & 0xff000000) - return -1; -- backbytes <<= 8; -+ backbytes = (int32_t)((uint32_t)(backbytes) << 8); - backbytes += (unsigned char)(src[scur++]); - backbytes ^= 0xffffffff; - -diff --git a/libclammspack/mspack/cabd.c b/libclammspack/mspack/cabd.c -index 75ef277..4dffd6b 100644 ---- a/libclammspack/mspack/cabd.c -+++ b/libclammspack/mspack/cabd.c -@@ -1398,7 +1398,7 @@ static unsigned int cabd_checksum(unsigned char *data, unsigned int bytes, - unsigned int len, ul = 0; - - for (len = bytes >> 2; len--; data += 4) { -- cksum ^= ((data[0]) | (data[1]<<8) | (data[2]<<16) | (data[3]<<24)); -+ cksum ^= ((data[0]) | ((unsigned int)(data[1])<<8) | ((unsigned int)(data[2])<<16) | ((unsigned int)(data[3])<<24)); - } - - switch (bytes & 3) { --- -2.27.0 - diff --git a/clamav-update.crond b/clamav-update.crond index dc8574555b2b74f3f092251eede7ac8f75f4f759..7454bd0e944e4340754f206cf231f262e142e1f4 100644 --- a/clamav-update.crond +++ b/clamav-update.crond @@ -3,4 +3,4 @@ MAILTO=root ## It is ok to execute it as root; freshclam drops privileges and becomes ## user 'clamupdate' as soon as possible -0 */3 * * * root /usr/share/clamav/freshclam-sleep +0 */3 * * * root /usr/share/clamav/freshclam-sleep > /dev/null diff --git a/clamav-update.logrotate b/clamav-update.logrotate index 0de60624f69fd6fe5ab761bf09cd039d733b73f2..3cd28f08957067fb944bc9d481d392cf014e33de 100644 --- a/clamav-update.logrotate +++ b/clamav-update.logrotate @@ -1,4 +1,8 @@ /var/log/freshclam.log { monthly notifempty + missingok + postrotate + systemctl try-restart clamav-freshclam.service + endscript } diff --git a/clamav.spec b/clamav.spec index 3814d92521cebf722841b5e063d68b382f6e3ba9..504fd7990fabad1d466a86680391bf8c6ba4e4e1 100644 --- a/clamav.spec +++ b/clamav.spec @@ -1,16 +1,16 @@ Name: clamav Summary: End-user tools for the Clam Antivirus scanner -Version: 0.103.6 -Release: 3 +Version: 0.103.8 +Release: 1 License: GPLv2 and Public Domain and bzip2-1.0.6 and Zlib and Apache-2.0 URL: https://www.clamav.net/ Source0: https://www.clamav.net/downloads/production/clamav-%{version}.tar.gz Source1: clamd.sysconfig Source2: clamd.logrotate -Source3: main-58.cvd -Source4: daily-25550.cvd -Source5: bytecode-330.cvd +Source3: main-62.cvd +Source4: daily-26818.cvd +Source5: bytecode-333.cvd Source7: freshclam-sleep Source8: freshclam.sysconfig Source9: clamav-update.crond @@ -26,10 +26,9 @@ Patch0002: clamav-default_confs.patch Patch0003: clamav-0.99-private.patch Patch0005: clamav-clamonacc-service.patch Patch0006: clamav-freshclam.service.patch -Patch0007: clamav-type-conversion.patch -Patch0008: clamav-clamonacc-version-return.patch -Patch0009: fix-clamonacc-w-error.patch -Patch0010: fix-the-failure-to-execute-the-clambc-command-under-the-clamav-package.patch +Patch0007: clamav-clamonacc-version-return.patch +Patch0008: fix-clamonacc-w-error.patch +Patch0019: fix-the-failure-to-execute-the-clambc-command-under-the-clamav-package.patch BuildRequires: autoconf automake gettext-devel libtool libtool-ltdl-devel BuildRequires: gcc-c++ zlib-devel bzip2-devel gmp-devel curl-devel json-c-devel @@ -414,6 +413,9 @@ test -e %_var/log/clamav-milter.log || { %changelog +* Wed Mar 15 2023 yaoxin - 0.103.8-1 +- Update to 0.103.8 to fix CVE-2023-20032 and CVE-2023-20052 + * Thu May 26 2022 liyanan - 0.103.6-3 - Fix the failure to execute the clambc command under the clamav package - Fix clamonacc -w error diff --git a/clamd@.service b/clamd@.service index 952a93745589eb91aadcac1486391df6e6aa640b..2e3011b472dafe40decabbce489fb2e6f0caaea8 100644 --- a/clamd@.service +++ b/clamd@.service @@ -7,7 +7,7 @@ After = syslog.target nss-lookup.target network.target Type = forking ExecStart = /usr/sbin/clamd -c /etc/clamd.d/%i.conf # Reload the database -# ExecReload=/bin/kill -USR2 $MAINPID +ExecReload=/bin/kill -USR2 $MAINPID Restart = on-failure TimeoutStartSec=420 diff --git a/daily-25550.cvd b/daily-26818.cvd similarity index 68% rename from daily-25550.cvd rename to daily-26818.cvd index a50b9856f49a42488a60e82eaaf7256d088fd55c..270d1411e5afcb6e14eb70976e48b73cff846a33 100644 Binary files a/daily-25550.cvd and b/daily-26818.cvd differ diff --git a/freshclam-sleep b/freshclam-sleep old mode 100755 new mode 100644 index fddb922604262525f2c1900a0c9eeb2db264d6a2..5d3d5b361b3f7fd1e5630339fc357a6d015c604b --- a/freshclam-sleep +++ b/freshclam-sleep @@ -49,4 +49,4 @@ WARNING: update of clamav database is disabled; please see ;; esac -/usr/bin/freshclam --quiet +/usr/bin/freshclam --quiet > /dev/null diff --git a/main-58.cvd b/main-62.cvd similarity index 67% rename from main-58.cvd rename to main-62.cvd index ffb1af1f3fef864526bd37693c2159bd83bfc0d1..9a117207e20b7ca7d2f09d58ab2b7d6ecbac405f 100644 Binary files a/main-58.cvd and b/main-62.cvd differ