Bug 660820 (CVE-2018-0360, CVE-2018-0361) - <app-antivirus/clamav-0.100.1: multiple vulnerabilities (CVE-2018-{0360,0361})
Summary: <app-antivirus/clamav-0.100.1: multiple vulnerabilities (CVE-2018-{0360,0361})
Status: RESOLVED FIXED
Alias: CVE-2018-0360, CVE-2018-0361
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: https://blog.clamav.net/2018/07/clama...
Whiteboard: B2 [glsa+ cve]
Keywords:
Depends on: 653016
Blocks:
Reported: 2018-07-09 17:53 UTC by Benny Pedersen
Modified: 2019-04-08 15:23 UTC

See Also:
Package list:
app-antivirus/clamav-0.100.1-r1 dev-libs/libmspack-0.6_alpha
Runtime testing required: ---
stable-bot: sanity-check+


Comment 1 Victor Kustov 2018-07-10 09:42:12 UTC
https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html

need up to 0.100.1
Comment 2 Michael Boyle 2018-07-10 12:53:23 UTC
@arches, please test and stabilize. Thank you for reporting.
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2018-07-12 08:30:50 UTC
@ Arches,

please test and mark stable: =app-antivirus/clamav-0.100.1

Some architectures still have to re-keyword, see bug 653016.
Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev 2018-07-12 08:34:35 UTC
Removing CVE-2017-16932:
CVE-2017-16932 only affects Windows build. Because ebuild defines no direct dep on libxml2 and fix is not in clamav source code itself, this CVE doesn't apply here.
Comment 5 Stabilization helper bot gentoo-dev 2018-07-12 09:00:02 UTC
An automated check of this bug failed - repoman reported dependency errors (75 lines truncated): 

> dependency.bad app-antivirus/clamav/clamav-0.100.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0) ['dev-libs/libmspack']
> dependency.bad app-antivirus/clamav/clamav-0.100.1.ebuild: RDEPEND: alpha(default/linux/alpha/13.0) ['dev-libs/libmspack']
> dependency.bad app-antivirus/clamav/clamav-0.100.1.ebuild: DEPEND: alpha(default/linux/alpha/13.0/desktop) ['dev-libs/libmspack']
Comment 6 Thomas Raschbacher gentoo-dev 2018-07-13 11:49:54 UTC
@zlogene that is why there is a keyword request, which unfortunately is stalled..
Comment 7 Thomas Deutschmann (RETIRED) gentoo-dev 2018-07-15 13:25:51 UTC
x86 stopped stabilization due to bug 661234.
Comment 8 Agostino Sarubbo gentoo-dev 2018-07-17 13:55:38 UTC
amd64 stable
Comment 9 Larry the Git Cow gentoo-dev 2018-07-20 08:07:52 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2bdbc3641ed8e8b258f9e30ea802f3857ea63b1d

commit 2bdbc3641ed8e8b258f9e30ea802f3857ea63b1d
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2018-07-20 08:03:33 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-07-20 08:07:33 +0000

    app-antivirus/clamav: stable 0.100.1 for ia64, bug #660820
    
    Bug: https://bugs.gentoo.org/660820
    Package-Manager: Portage-2.3.43, Repoman-2.3.10
    RepoMan-Options: --include-arches="ia64"

 app-antivirus/clamav/clamav-0.100.1.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e234e68e65f6a7474e51654aeed8918e5d11c75f

commit e234e68e65f6a7474e51654aeed8918e5d11c75f
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2018-07-20 07:59:38 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-07-20 08:07:22 +0000

    dev-libs/libmspack: stable 0.6_alpha for ia64, bug #660820
    
    Bug: https://bugs.gentoo.org/660820
    Package-Manager: Portage-2.3.43, Repoman-2.3.10
    RepoMan-Options: --include-arches="ia64"

 dev-libs/libmspack/libmspack-0.6_alpha.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 10 Larry the Git Cow gentoo-dev 2018-07-20 22:47:58 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=68cfe0ea0dc6d8ee0ddd7fc7151a561cef3f824c

commit 68cfe0ea0dc6d8ee0ddd7fc7151a561cef3f824c
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2018-07-20 22:40:51 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-07-20 22:44:39 +0000

    app-antivirus/clamav: stable 0.100.1 for ppc64, bug #660820
    
    Bug: https://bugs.gentoo.org/660820
    Package-Manager: Portage-2.3.43, Repoman-2.3.10
    RepoMan-Options: --include-arches="ppc64"

 app-antivirus/clamav/clamav-0.100.1.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9235dc0bc0d3cba5ccba3bf1f5b8c73a79a32952

commit 9235dc0bc0d3cba5ccba3bf1f5b8c73a79a32952
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2018-07-20 22:29:12 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-07-20 22:44:20 +0000

    dev-libs/libmspack: stable 0.6_alpha for ppc64, bug #660820
    
    Bug: https://bugs.gentoo.org/660820
    Package-Manager: Portage-2.3.43, Repoman-2.3.10
    RepoMan-Options: --include-arches="ppc64"

 dev-libs/libmspack/libmspack-0.6_alpha.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 11 Larry the Git Cow gentoo-dev 2018-10-18 11:44:29 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f192b116f17956ef87fea7c56908d5a2c42b8e6f

commit f192b116f17956ef87fea7c56908d5a2c42b8e6f
Author:     Tobias Klausmann <klausman@gentoo.org>
AuthorDate: 2018-10-18 11:44:01 +0000
Commit:     Tobias Klausmann <klausman@gentoo.org>
CommitDate: 2018-10-18 11:44:01 +0000

    dev-libs/libmspack-0.6_alpha-r0: alpha stable
    
    Bug: http://bugs.gentoo.org/660820
    Signed-off-by: Tobias Klausmann <klausman@gentoo.org>

 dev-libs/libmspack/libmspack-0.6_alpha.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=abe15f46c0b4269d84ed50db30be58b849253c3f

commit abe15f46c0b4269d84ed50db30be58b849253c3f
Author:     Tobias Klausmann <klausman@gentoo.org>
AuthorDate: 2018-10-18 11:44:01 +0000
Commit:     Tobias Klausmann <klausman@gentoo.org>
CommitDate: 2018-10-18 11:44:01 +0000

    app-antivirus/clamav-0.100.1-r0: alpha stable
    
    Bug: http://bugs.gentoo.org/660820
    Signed-off-by: Tobias Klausmann <klausman@gentoo.org>

 app-antivirus/clamav/clamav-0.100.1.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 12 Tobias Klausmann (RETIRED) gentoo-dev 2018-10-18 11:46:22 UTC
Stable on alpha.
Comment 13 ernsteiswuerfel archtester 2018-10-26 20:42:19 UTC
Looking good on ppc.

Blocked packages are due to USE=libressl. 1 rdep fails tests (see bug #662896), the other one is just bug #661234.

# cat clamav-660820.report 
USE tests started on Do 25. Okt 01:53:11 CEST 2018

 FEATURES=' test' failed for =app-antivirus/clamav-0.100.1
USE='-bzip2 clamdtop doc -iconv ipv6 -libressl -metadata-analysis-api -milter -static-libs -system-libmspack' failed for =app-antivirus/clamav-0.100.1
USE='bzip2 clamdtop -doc -iconv -ipv6 libressl metadata-analysis-api -milter -static-libs -system-libmspack' : REQUIRED_USE not satisfied (probably) for =app-antivirus/clamav-0.100.1
USE='bzip2 -clamdtop -doc iconv -ipv6 libressl metadata-analysis-api -milter -static-libs -system-libmspack' : REQUIRED_USE not satisfied (probably) for =app-antivirus/clamav-0.100.1
USE='-bzip2 -clamdtop doc iconv -ipv6 libressl -metadata-analysis-api milter -static-libs -system-libmspack' : REQUIRED_USE not satisfied (probably) for =app-antivirus/clamav-0.100.1
USE='bzip2 clamdtop doc iconv ipv6 -libressl metadata-analysis-api milter -static-libs -system-libmspack' failed for =app-antivirus/clamav-0.100.1
USE='bzip2 clamdtop -doc iconv -ipv6 -libressl -metadata-analysis-api -milter static-libs -system-libmspack' failed for =app-antivirus/clamav-0.100.1
USE='-bzip2 -clamdtop doc -iconv -ipv6 libressl metadata-analysis-api milter static-libs -system-libmspack' : blocked packages (probably) for =app-antivirus/clamav-0.100.1
USE='bzip2 -clamdtop doc -iconv ipv6 -libressl metadata-analysis-api -milter -static-libs system-libmspack' succeeded for =app-antivirus/clamav-0.100.1
USE='bzip2 clamdtop -doc iconv ipv6 -libressl metadata-analysis-api -milter -static-libs system-libmspack' succeeded for =app-antivirus/clamav-0.100.1
USE='-bzip2 clamdtop doc -iconv -ipv6 libressl metadata-analysis-api -milter -static-libs system-libmspack' : REQUIRED_USE not satisfied (probably) for =app-antivirus/clamav-0.100.1
USE='-bzip2 -clamdtop -doc -iconv ipv6 libressl metadata-analysis-api -milter -static-libs system-libmspack' : REQUIRED_USE not satisfied (probably) for =app-antivirus/clamav-0.100.1
USE='-bzip2 clamdtop doc iconv -ipv6 libressl metadata-analysis-api milter -static-libs system-libmspack' : REQUIRED_USE not satisfied (probably) for =app-antivirus/clamav-0.100.1

FEATURES=' test' USE='' succeeded for =dev-libs/libmspack-0.6_alpha
USE='-doc -static-libs -utils' succeeded for =dev-libs/libmspack-0.6_alpha
USE='doc -static-libs -utils' succeeded for =dev-libs/libmspack-0.6_alpha
USE='-doc static-libs -utils' succeeded for =dev-libs/libmspack-0.6_alpha
USE='doc static-libs -utils' succeeded for =dev-libs/libmspack-0.6_alpha
USE='-doc -static-libs utils' succeeded for =dev-libs/libmspack-0.6_alpha
USE='doc -static-libs utils' succeeded for =dev-libs/libmspack-0.6_alpha
USE='-doc static-libs utils' succeeded for =dev-libs/libmspack-0.6_alpha
USE='doc static-libs utils' succeeded for =dev-libs/libmspack-0.6_alpha

revdep tests started on Do 25. Okt 02:22:29 CEST 2018

FEATURES=' test' USE='clamav' succeeded for net-ftp/proftpd
USE='clamav' FEATURES=' test' failed for net-mail/cyrus-imapd
 FEATURES=' test' failed for app-antivirus/clamav
Comment 14 Sergei Trofimovich (RETIRED) gentoo-dev 2018-11-25 21:23:59 UTC
ppc stable thanks to ernsteiswuerfel!
Comment 15 Thomas Deutschmann (RETIRED) gentoo-dev 2019-03-27 23:20:56 UTC
x86 stable
Comment 16 Thomas Deutschmann (RETIRED) gentoo-dev 2019-03-27 23:45:51 UTC
x86 stable
Comment 17 GLSAMaker/CVETool Bot gentoo-dev 2019-04-08 15:23:42 UTC
This issue was resolved and addressed in
 GLSA 201904-12 at https://security.gentoo.org/glsa/201904-12
by GLSA coordinator Aaron Bauman (b-man).