Bug 41248 - New version of clamav (fixes overflow vulnerability)
Summary: New version of clamav (fixes overflow vulnerability)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages
Hardware: All Linux
Importance: High critical
Assignee: Gentoo Security
URL: http://www.secunia.com/advisories/10826/
Whiteboard:
Keywords:
Duplicates: 41237 41686
Depends on: 41855
Blocks:
Reported: 2004-02-11 07:38 UTC by Thomas Bullinger
Modified: 2004-02-20 19:30 UTC

Description Thomas Bullinger 2004-02-11 07:38:30 UTC
ClamAV v. 0.65 has a serious vulnerability, which version 0.66 fixes.  Also, clamav now has a new download site.

Reproducible: Always
Steps to Reproduce:
See http://www.secunia.com/advisories/10826




new clamav-0.66.ebuild:

# Copyright 1999-2004 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License v2
# $Header: /home/cvsroot/gentoo-x86/net-mail/clamav/clamav-0.65.ebuild,v 1.1 2004/01/20 19:03:02 hanno Exp $

IUSE="milter"

inherit eutils flag-o-matic
has_version =sys-libs/glibc-2.2* && filter-flags -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE

DESCRIPTION="Clam Anti-Virus Scanner"
HOMEPAGE="http://www.clamav.net/"
SRC_URI="http://clamav.catt.com/stable/${P}.tar.gz"

LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~x86 ~ppc ~sparc ~mips ~alpha ~arm ~hppa ~amd64"

DEPEND="virtual/glibc"
PROVIDE="virtual/antivirus"

pkg_setup() {
        enewgroup clamav
        enewuser clamav -1 /bin/false /dev/null clamav
        pwconv || die
}

src_compile() {
        local myconf

        use milter && myconf="--enable-milter"

        econf ${myconf} --with-dbdir=/var/lib/clamav || die

        emake || die
}

src_install() {
        make DESTDIR=${D} install || die
        dodoc AUTHORS BUGS NEWS README ChangeLog TODO FAQ INSTALL
        exeinto /etc/init.d ; newexe ${FILESDIR}/clamd.rc clamd
        insinto /etc/conf.d ; newins ${FILESDIR}/clamd.conf clamd
        dodoc ${FILESDIR}/clamav-milter.README.gentoo
}

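pkg_postinst() {
        # Test the exit status of 'use' directly, as src_compile does
        if use milter; then
                einfo "For simple instructions howto setup the clamav-milter..."
                einfo ""
                # dodoc installs under /usr/share/doc/${PF} (package name plus version)
                einfo "less /usr/share/doc/${PF}/clamav-milter.README.gentoo.gz"
        fi
}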

new digest-clamav-0.66:

MD5 f0a5d7f35106fb7b176bca5cd28a1bed clamav-0.66.tar.gz 2275692
Comment 1 Heinrich Wendel (RETIRED) gentoo-dev 2004-02-11 07:42:56 UTC
*** Bug 41237 has been marked as a duplicate of this bug. ***
Comment 2 Aida Escriva-Sammer (RETIRED) gentoo-dev 2004-02-11 11:02:31 UTC
Most archs have 0.65 as unstable, 0.60 is stable for x86, ppc, sparc.

Hanno, can you take a look at this?


*added package maintainer hanno@gentoo.org
Comment 3 Hanno Böck gentoo-dev 2004-02-16 15:32:43 UTC
*** Bug 41686 has been marked as a duplicate of this bug. ***
Comment 4 Hanno Böck gentoo-dev 2004-02-16 15:59:13 UTC
I've just committed 0.67-ebuild.
We should mark it stable on all platforms as soon as possible.

A GLSA should be written about two issues:
1. the security vulnerability
2. 0.60 uses a deprecated virus-db-format, so you won't get updates for up-to-date viruses
Comment 5 SpanKY gentoo-dev 2004-02-16 17:25:22 UTC
could you arch peeps please emerge 0.67 and make sure everything is ok for stable?
Comment 6 Jason Wever (RETIRED) gentoo-dev 2004-02-16 20:24:18 UTC
Everything looks good.  Marked stable on sparc.
Comment 7 Aron Griffis (RETIRED) gentoo-dev 2004-02-17 08:23:59 UTC
All set on alpha and ia64
Comment 8 Jason Wever (RETIRED) gentoo-dev 2004-02-20 18:23:08 UTC
As we've already released the GLSA on this, is there any reason not to close?
Comment 9 SpanKY gentoo-dev 2004-02-20 19:30:32 UTC
aight well i just marked it stable for mips/arm/amd64

i'll let hanno clean out the old ebuilds