diff --git a/clamav.spec b/clamav.spec index 4d4fb7e..89f6b9e 100644 --- a/clamav.spec +++ b/clamav.spec @@ -33,8 +33,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 0.103.8 -Release: 3%{?dist} +Version: 0.103.11 +Release: 2%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -49,16 +49,14 @@ Source0: %{name}-%{version}%{?prerelease}-norar.tar.xz #for server Source3: clamd.logrotate Source5: clamd-README -# To download the *.cvd, go to https://www.clamav.net and use the links -# there (I renamed the files to add the -version suffix for verifying). -# Check the first line of the file for version or run file *cvd -# Attention file < 5.33-7 have bugs see https://bugzilla.redhat.com/show_bug.cgi?id=1539107 +# To download the cvd file run update_clamav.sh 1 +# Need file >= 5.33-7 see https://bugzilla.redhat.com/show_bug.cgi?id=1539107 #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26818.cvd +Source11: daily-27075.cvd #http://database.clamav.net/bytecode.cvd -Source12: bytecode-333.cvd +Source12: bytecode-334.cvd #for update Source200: freshclam-sleep Source201: freshclam.sysconfig @@ -255,12 +253,12 @@ This package contains files which are needed to run the clamav-milter. # No longer support deprecated options in F32+ and EL8+ %if (0%{?fedora} && 0%{?fedora} < 32) || (0%{?rhel} && 0%{?rhel} < 8) -%patch0 -p1 -b .stats-deprecation +%patch -P0 -p1 -b .stats-deprecation %endif -%patch1 -p1 -b .default_confs -%patch2 -p1 -b .private -%patch5 -p1 -b .clamonacc-service -%patch6 -p1 -b .freshclam-service +%patch -P1 -p1 -b .default_confs +%patch -P2 -p1 -b .private +%patch -P5 -p1 -b .clamonacc-service +%patch -P6 -p1 -b .freshclam-service install -p -m0644 %{SOURCE300} clamav-milter/ @@ -590,6 +588,21 @@ test -e %{freshclamlog} || { %changelog +* Mon Mar 18 2024 Sérgio Basto - 0.103.11-2 +- (#1679375) fixes syntax error in /etc/logrotate.d/clamd.exim + +* Sun Oct 29 2023 Orion Poplawski - 0.103.11-1 +- Update to 0.103.11 + +* Thu Aug 31 2023 Sérgio Basto - 0.103.10-1 +- Update to 0.103.10 + +* Fri Aug 18 2023 Orion Poplawski - 0.103.9-1 +- Update to 0.103.9 CVE-2023-20197 (bz#2232508) + +* Fri Feb 24 2023 Sérgio Basto - 0.103.8-4 +- Update data files with help of Cisco-Talos/cvdupdate + * Mon Feb 20 2023 Orion Poplawski - 0.103.8-3 - Fix daily.cvd file diff --git a/clamd.logrotate b/clamd.logrotate index 45dc48d..dde4e44 100644 --- a/clamd.logrotate +++ b/clamd.logrotate @@ -4,6 +4,6 @@ missingok postrotate - pkill -u -HUP -f '/usr/sbin/clamd -c /etc/clamd.d/.conf >/dev/null 2>&1 || : + pkill -u -HUP -f "/usr/sbin/clamd -c /etc/clamd.d/.conf" >/dev/null 2>&1 || : endscript } diff --git a/sources b/sources index 89cd53d..fe684f4 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-0.103.8-norar.tar.xz) = ce27f7fe133f73af43a28483f5e9ae8562c6ea964761ac5a1f7950f11ebb6d3ee8e84cd30f63c1f1152a8a361ba81c58227dbd07a8de9b5a00e354e9137754b2 +SHA512 (clamav-0.103.11-norar.tar.xz) = a215a48be417d351353babf8a54778f35a2ce88c8b90431f983d890a1cfa19715896bab7655c5fa50961997861884a09193e1a0da76dc22817b9b144b400778f SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07 -SHA512 (daily-26818.cvd) = d817c34c4f3576e2752f9eb5b438d0dd040f2084c3c855b5c91ba083abfc8ef58f5426d48917a37b0b22324bd38670d641a00051cec86324ed4453b88dc980e4 +SHA512 (daily-27075.cvd) = 4cc826f58a45ceb28faba4bf7dd9f8c5ec47f5c0467e73c70d76f415ba3e36cb8585c8924fad59e8818a6e33499744e04378adc27abcca018d2b5ece4cd6a52f +SHA512 (bytecode-334.cvd) = 83478af4e097b4b3fe136c943d3dd018f3e678c6859873dc1aef527db40a018b77439be2113ac251dfb797074ef8c201336570c3fe03c7ac507d5b94ab6d61c9 diff --git a/update_clamav.sh b/update_clamav.sh index ed3da17..aaf9897 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,5 +1,6 @@ -VERSION=0.103.8 -REPOS="f36 f35 epel9 epel8 epel7" +# this script is to run on branch f37 +VERSION=0.103.11 +REPOS="epel8 epel7" if [ -z "$1" ] then @@ -14,8 +15,8 @@ TARBALL=${NAME}-${VERSION}.tar.gz echo "Usage: $0 stage" echo "stage 0: prepare sources" -echo "stage 1: get cvd (not working at all) the donwload needs to be done manually" -echo "stage 2: upload sources and ask for scratch build" +echo "stage 1: get cvd using cvdupdate https://pypi.org/project/cvdupdate/" +echo "stage 2: ask for scratch build and upload sources" echo "stage 3: push and build on rawhide" echo "stage 4: build on others branches" echo "" @@ -23,22 +24,28 @@ echo "" if test $stage -le 0 then echo STAGE 0 -echo Press enter to prepare sources or n to skip ; read dummy; +echo Press enter to prepare sources and bump version or n to skip ; read dummy; if [[ "$dummy" != "n" ]]; then wget -c https://www.clamav.net/downloads/production/${TARBALL} wget -c https://www.clamav.net/downloads/production/${TARBALL}.sig gpg --verify ${TARBALL}.sig ${TARBALL} zcat ${TARBALL} | tar --delete -f - '*/libclamunrar/*' | xz -c > ${TARBALL_CLEAN} +git checkout f37 +git pull +rpmdev-bumpspec -n $VERSION -c "Update to $VERSION" clamav.spec fi fi -# WIP clouflare don't allow wget we need download with browser -#wget https://database.clamav.net/main.cvd -#wget https://database.clamav.net/daily.cvd -#wget https://database.clamav.net/bytecode.cvd +#python3 -m pip install --user cvdupdate +#python -m cvdupdate.cvdupdate --help +cvd config set --dbdir my_dbs +cvdupdate list +cvdupdate update +pushd my_dbs main_ver=$(file main.cvd | sed -e 's/.*version /main-/;s/,.*/.cvd/') daily_ver=$(file daily.cvd | sed -e 's/.*version /daily-/;s/,.*/.cvd/') bytecode_ver=$(file bytecode.cvd | sed -e 's/.*version /bytecode-/;s/,.*/.cvd/') +popd if test $stage -le 1 then @@ -46,9 +53,11 @@ echo STAGE 1 echo Press enter convert cvd into spec or n to skip ; read dummy; if [[ "$dummy" != "n" ]]; then -cp -f main.cvd $main_ver -cp -f daily.cvd $daily_ver -cp -f bytecode.cvd $bytecode_ver +pushd my_dbs +cp -f main.cvd ../$main_ver +cp -f daily.cvd ../$daily_ver +cp -f bytecode.cvd ../$bytecode_ver +popd sed -i "s|^Source10: .*|Source10: $main_ver|" clamav.spec sed -i "s|^Source11: .*|Source11: $daily_ver|" clamav.spec @@ -59,8 +68,6 @@ fi if test $stage -le 2 then echo STAGE 2 -rpmdev-bumpspec -n $VERSION -c "Update to $VERSION" clamav.spec -echo fedpkg new-sources ${TARBALL_CLEAN} $main_ver $daily_ver $bytecode_ver echo Press enter scratch-build or n to skip ; read dummy; if [[ "$dummy" != "n" ]]; then #fkinit -u sergiomb @@ -68,6 +75,7 @@ fedpkg scratch-build --srpm fi echo Press enter to upload sources and commit or n to skip; read dummy; if [[ "$dummy" != "n" ]]; then +echo fedpkg new-sources ${TARBALL_CLEAN} $main_ver $daily_ver $bytecode_ver fedpkg new-sources ${TARBALL_CLEAN} $(spectool -l clamav.spec | grep -P "Source10|Source11|Source12" | sed 's/.* //') fedpkg ci -c && git show fi @@ -76,7 +84,7 @@ fi if test $stage -le 3 then echo STAGE 3 -echo Press enter to build rawhide or n to skip; read dummy; +echo Press enter to build f37 or n to skip; read dummy; if [[ "$dummy" != "n" ]]; then git push && fedpkg build --nowait fi @@ -86,7 +94,7 @@ echo STAGE 4 for repo in $REPOS ; do echo Press enter to build on branch $repo or n to skip; read dummy; if [[ "$dummy" != "n" ]]; then -git checkout $repo && git merge rawhide && fedpkg push && fedpkg build --nowait; git checkout rawhide +git checkout $repo && git merge f37 && fedpkg push && fedpkg build --nowait; git checkout f37 fi done