There is a new version.
*** Bug 355421 has been marked as a duplicate of this bug. ***
In the last days I worked on the ClamAV ebuild in my local overlay and I hope that these changes help to improve the ebuild in the portage tree. I will attach my clamav-0.97.ebuild (and a clamav-0.97-nls.patch) which has the following modifications:
* Do not install signatures anymore. This modification resolves problems while upgrading and reinstalling ClamAV. After upgrading from an older ebuild or installing a fresh install you have to manually download the newest signatures with /usr/bin/freshclam. Fixes Gentoo Bugs #336842 and #345965.
* Update ebuild to EAPI 4.
* Simplify ebuild for release candidates.
* Fix zlib dependency.
* Remove 'system set' dependencies for sys-apps/sed and sys-apps/grep. Mentioned in Gentoo Bug #345965.
* Remove unneeded 'ht_fix_file configure'.
* Install all bundled documentation.
* Remove old warning.
* Some stylistic changes.
Created attachment 263047
Created attachment 263049
It is good to know something is eventually moving around the app-antivirus/clamav package. I would like to applaud Bernd's efforts with respect to this.
Hope this will result in a prompt availability of the 0.97 version to Gentoo users!
It may be a security issue according to http://comments.gmane.org/gmane.comp.security.oss.general/4227
Maintainers, please do the version bump.
CVE-2011-1003 assigned per http://www.openwall.com/lists/oss-security/2011/02/21/4.
Current stable portage (18.104.22.168) does not support EAPI4. Does it mean that we have to install unstable portage (and deps) to get the "possible" security fix in the latest clamav?
# emerge -va1 =app-antivirus/clamav-0.97
!!! One of the following masked packages is required to complete your request:
- app-antivirus/clamav-0.97 (masked by: EAPI 4)
That is of course unacceptable. Please provide an ebuild that is installable on stable gentoo.
(In reply to comment #10)
> That is of course unacceptable. Please provide an ebuild that is installable on
> stable gentoo.
Oops, sorry. I thought about that but it slipped my mind when committing the ebuild changes.
I reverted the ebuild in CVS back to EAPI 2 like the rest of the clamav ebuilds.
Secunia confirms the vulnerability: http://secunia.com/advisories/43392
Arches, please stabilize =app-antivirus/clamav-0.97
works on amd64
Tested on x86 also, looks good here!
Tested on SPARC, looks fine. clamscan works well.
(In reply to comment #16)
> Tested on SPARC, looks fine. clamscan works well.
Thanks. Stable for HPPA SPARC.
(In reply to comment #18)
> ppc done
you forgot to remove ppc from CC list :)
amd64 done. Thanks Agostino
Stable on alpha.
Thanks, everyone. Added to existing GLSA request.
Thanks for the new version.
Double free vulnerability in the vba_read_project_strings function in
vba_extract.c in libclamav in ClamAV before 0.97 might allow remote
attackers to execute arbitrary code via crafted Visual Basic for
Applications (VBA) data in a Microsoft Office document. NOTE: some of these
details are obtained from third party information.
Rerating B1 since clamav often runs in automated systems where it simply scans all email processed, i.e. no user action is required to be exploited.
This issue was resolved and addressed in
GLSA 201110-20 at http://security.gentoo.org/glsa/glsa-201110-20.xml
by GLSA coordinator Tim Sammut (underling).