From d576c80e70aef1d5df3e555645ff3b280847bbf3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Fri, 24 Feb 2023 22:00:16 +0000 Subject: [PATCH 1/4] Update data files with help of Cisco-Talos/cvdupdate --- clamav.spec | 9 ++++++--- update_clamav.sh | 19 ++++++++++++------- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/clamav.spec b/clamav.spec index 4d4fb7e..66f1c28 100644 --- a/clamav.spec +++ b/clamav.spec @@ -34,7 +34,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.103.8 -Release: 3%{?dist} +Release: 4%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -56,9 +56,9 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26818.cvd +Source11: daily-26822.cvd #http://database.clamav.net/bytecode.cvd -Source12: bytecode-333.cvd +Source12: bytecode-334.cvd #for update Source200: freshclam-sleep Source201: freshclam.sysconfig @@ -590,6 +590,9 @@ test -e %{freshclamlog} || { %changelog +* Fri Feb 24 2023 Sérgio Basto - 0.103.8-4 +- Update data files with help of Cisco-Talos/cvdupdate + * Mon Feb 20 2023 Orion Poplawski - 0.103.8-3 - Fix daily.cvd file diff --git a/update_clamav.sh b/update_clamav.sh index ed3da17..48fc3d4 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -32,13 +32,16 @@ zcat ${TARBALL} | tar --delete -f - '*/libclamunrar/*' | xz -c > ${TARBALL_CLEAN fi fi -# WIP clouflare don't allow wget we need download with browser -#wget https://database.clamav.net/main.cvd -#wget https://database.clamav.net/daily.cvd -#wget https://database.clamav.net/bytecode.cvd +#python3 -m pip install --user cvdupdate +#python -m cvdupdate.cvdupdate --help +cvd config set --dbdir my_dbs +cvdupdate list +cvdupdate update +pushd my_dbs main_ver=$(file main.cvd | sed -e 's/.*version /main-/;s/,.*/.cvd/') daily_ver=$(file daily.cvd | sed -e 's/.*version /daily-/;s/,.*/.cvd/') bytecode_ver=$(file bytecode.cvd | sed -e 's/.*version /bytecode-/;s/,.*/.cvd/') +popd if test $stage -le 1 then @@ -46,9 +49,11 @@ echo STAGE 1 echo Press enter convert cvd into spec or n to skip ; read dummy; if [[ "$dummy" != "n" ]]; then -cp -f main.cvd $main_ver -cp -f daily.cvd $daily_ver -cp -f bytecode.cvd $bytecode_ver +pushd my_dbs +cp -f main.cvd ../$main_ver +cp -f daily.cvd ../$daily_ver +cp -f bytecode.cvd ../$bytecode_ver +popd sed -i "s|^Source10: .*|Source10: $main_ver|" clamav.spec sed -i "s|^Source11: .*|Source11: $daily_ver|" clamav.spec From 81faadcf034bb59af66437801888644afdf06344 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 17 Aug 2023 22:36:40 -0600 Subject: [PATCH 2/4] Update to 0.103.9 CVE-2023-20197 (bz#2232508) --- clamav.spec | 9 ++++++--- sources | 6 +++--- update_clamav.sh | 4 ++-- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/clamav.spec b/clamav.spec index 66f1c28..0a9738b 100644 --- a/clamav.spec +++ b/clamav.spec @@ -33,8 +33,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 0.103.8 -Release: 4%{?dist} +Version: 0.103.9 +Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -56,7 +56,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26822.cvd +Source11: daily-26894.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-334.cvd #for update @@ -590,6 +590,9 @@ test -e %{freshclamlog} || { %changelog +* Fri Aug 18 2023 Orion Poplawski - 0.103.9-1 +- Update to 0.103.9 CVE-2023-20197 (bz#2232508) + * Fri Feb 24 2023 Sérgio Basto - 0.103.8-4 - Update data files with help of Cisco-Talos/cvdupdate diff --git a/sources b/sources index 89cd53d..1227090 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-0.103.8-norar.tar.xz) = ce27f7fe133f73af43a28483f5e9ae8562c6ea964761ac5a1f7950f11ebb6d3ee8e84cd30f63c1f1152a8a361ba81c58227dbd07a8de9b5a00e354e9137754b2 +SHA512 (clamav-0.103.9-norar.tar.xz) = a01351fce28a52334d0edf0595f8ad81ac4cbb05d376c892824e41094e6851a3a11187f4582bce9ea9a18bc7e26dfaee88cf6c1422fb3aa7d90655426fc1d192 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07 -SHA512 (daily-26818.cvd) = d817c34c4f3576e2752f9eb5b438d0dd040f2084c3c855b5c91ba083abfc8ef58f5426d48917a37b0b22324bd38670d641a00051cec86324ed4453b88dc980e4 +SHA512 (daily-26894.cvd) = 947f4172f2c9eaa13f29487e966e7d4793f861c0f135290589d2ca8ede5a9724146ef50eced817d2eda722a8bb0d01bd8c303a448678a0a894ca92b7535f8245 +SHA512 (bytecode-334.cvd) = 83478af4e097b4b3fe136c943d3dd018f3e678c6859873dc1aef527db40a018b77439be2113ac251dfb797074ef8c201336570c3fe03c7ac507d5b94ab6d61c9 diff --git a/update_clamav.sh b/update_clamav.sh index 48fc3d4..a9b9345 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,5 +1,5 @@ -VERSION=0.103.8 -REPOS="f36 f35 epel9 epel8 epel7" +VERSION=0.103.9 +REPOS="epel8 epel7" if [ -z "$1" ] then From 94624e24370b719d784c78b4c3b97b38b65c7c05 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Thu, 31 Aug 2023 12:26:23 +0100 Subject: [PATCH 3/4] Update to 0.103.10 --- clamav.spec | 23 ++++++++++++----------- sources | 4 ++-- update_clamav.sh | 19 +++++++++++-------- 3 files changed, 25 insertions(+), 21 deletions(-) diff --git a/clamav.spec b/clamav.spec index 0a9738b..d28cd20 100644 --- a/clamav.spec +++ b/clamav.spec @@ -33,7 +33,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 0.103.9 +Version: 0.103.10 Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ @@ -49,14 +49,12 @@ Source0: %{name}-%{version}%{?prerelease}-norar.tar.xz #for server Source3: clamd.logrotate Source5: clamd-README -# To download the *.cvd, go to https://www.clamav.net and use the links -# there (I renamed the files to add the -version suffix for verifying). -# Check the first line of the file for version or run file *cvd -# Attention file < 5.33-7 have bugs see https://bugzilla.redhat.com/show_bug.cgi?id=1539107 +# To download the cvd file run update_clamav.sh 1 +# Need file >= 5.33-7 see https://bugzilla.redhat.com/show_bug.cgi?id=1539107 #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26894.cvd +Source11: daily-27017.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-334.cvd #for update @@ -255,12 +253,12 @@ This package contains files which are needed to run the clamav-milter. # No longer support deprecated options in F32+ and EL8+ %if (0%{?fedora} && 0%{?fedora} < 32) || (0%{?rhel} && 0%{?rhel} < 8) -%patch0 -p1 -b .stats-deprecation +%patch -P0 -p1 -b .stats-deprecation %endif -%patch1 -p1 -b .default_confs -%patch2 -p1 -b .private -%patch5 -p1 -b .clamonacc-service -%patch6 -p1 -b .freshclam-service +%patch -P1 -p1 -b .default_confs +%patch -P2 -p1 -b .private +%patch -P5 -p1 -b .clamonacc-service +%patch -P6 -p1 -b .freshclam-service install -p -m0644 %{SOURCE300} clamav-milter/ @@ -590,6 +588,9 @@ test -e %{freshclamlog} || { %changelog +* Thu Aug 31 2023 Sérgio Basto - 0.103.10-1 +- Update to 0.103.10 + * Fri Aug 18 2023 Orion Poplawski - 0.103.9-1 - Update to 0.103.9 CVE-2023-20197 (bz#2232508) diff --git a/sources b/sources index 1227090..5e25d34 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-0.103.9-norar.tar.xz) = a01351fce28a52334d0edf0595f8ad81ac4cbb05d376c892824e41094e6851a3a11187f4582bce9ea9a18bc7e26dfaee88cf6c1422fb3aa7d90655426fc1d192 +SHA512 (clamav-0.103.10-norar.tar.xz) = e1474a04e8f71afa7c9a25882c3197b9cd7e30e5ea41268806ab956fc6d493008c0c43e04ae27c098180797b65a013330ce87e7df895092fd5fe9e3587876d9b SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-26894.cvd) = 947f4172f2c9eaa13f29487e966e7d4793f861c0f135290589d2ca8ede5a9724146ef50eced817d2eda722a8bb0d01bd8c303a448678a0a894ca92b7535f8245 +SHA512 (daily-27017.cvd) = 7b8d79ff89b0a1c9dbbe1d5f7fc0b6a9b242d3d99a76ff0cd2aed2d2fbc983d894dd75fcce724a1c00450d99ba6d3093258c2513edc5e974caa161f8226898fd SHA512 (bytecode-334.cvd) = 83478af4e097b4b3fe136c943d3dd018f3e678c6859873dc1aef527db40a018b77439be2113ac251dfb797074ef8c201336570c3fe03c7ac507d5b94ab6d61c9 diff --git a/update_clamav.sh b/update_clamav.sh index a9b9345..8affc84 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,4 +1,5 @@ -VERSION=0.103.9 +# this script is to run on branch f37 +VERSION=0.103.10 REPOS="epel8 epel7" if [ -z "$1" ] @@ -14,8 +15,8 @@ TARBALL=${NAME}-${VERSION}.tar.gz echo "Usage: $0 stage" echo "stage 0: prepare sources" -echo "stage 1: get cvd (not working at all) the donwload needs to be done manually" -echo "stage 2: upload sources and ask for scratch build" +echo "stage 1: get cvd using cvdupdate https://pypi.org/project/cvdupdate/" +echo "stage 2: ask for scratch build and upload sources" echo "stage 3: push and build on rawhide" echo "stage 4: build on others branches" echo "" @@ -23,12 +24,15 @@ echo "" if test $stage -le 0 then echo STAGE 0 -echo Press enter to prepare sources or n to skip ; read dummy; +echo Press enter to prepare sources and bump version or n to skip ; read dummy; if [[ "$dummy" != "n" ]]; then wget -c https://www.clamav.net/downloads/production/${TARBALL} wget -c https://www.clamav.net/downloads/production/${TARBALL}.sig gpg --verify ${TARBALL}.sig ${TARBALL} zcat ${TARBALL} | tar --delete -f - '*/libclamunrar/*' | xz -c > ${TARBALL_CLEAN} +git checkout f37 +git pull +rpmdev-bumpspec -n $VERSION -c "Update to $VERSION" clamav.spec fi fi @@ -64,8 +68,6 @@ fi if test $stage -le 2 then echo STAGE 2 -rpmdev-bumpspec -n $VERSION -c "Update to $VERSION" clamav.spec -echo fedpkg new-sources ${TARBALL_CLEAN} $main_ver $daily_ver $bytecode_ver echo Press enter scratch-build or n to skip ; read dummy; if [[ "$dummy" != "n" ]]; then #fkinit -u sergiomb @@ -73,6 +75,7 @@ fedpkg scratch-build --srpm fi echo Press enter to upload sources and commit or n to skip; read dummy; if [[ "$dummy" != "n" ]]; then +echo fedpkg new-sources ${TARBALL_CLEAN} $main_ver $daily_ver $bytecode_ver fedpkg new-sources ${TARBALL_CLEAN} $(spectool -l clamav.spec | grep -P "Source10|Source11|Source12" | sed 's/.* //') fedpkg ci -c && git show fi @@ -81,7 +84,7 @@ fi if test $stage -le 3 then echo STAGE 3 -echo Press enter to build rawhide or n to skip; read dummy; +echo Press enter to build f37 or n to skip; read dummy; if [[ "$dummy" != "n" ]]; then git push && fedpkg build --nowait fi @@ -91,7 +94,7 @@ echo STAGE 4 for repo in $REPOS ; do echo Press enter to build on branch $repo or n to skip; read dummy; if [[ "$dummy" != "n" ]]; then -git checkout $repo && git merge rawhide && fedpkg push && fedpkg build --nowait; git checkout rawhide +git checkout $repo && git merge f37 && fedpkg push && fedpkg build --nowait; git checkout f37 fi done From 78d93c2ea408b6655ed60142b823dfa70e7ea013 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 29 Oct 2023 09:30:35 -0600 Subject: [PATCH 4/4] Update to 0.103.11 --- clamav.spec | 7 +++++-- sources | 4 ++-- update_clamav.sh | 2 +- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/clamav.spec b/clamav.spec index d28cd20..bc8d2d7 100644 --- a/clamav.spec +++ b/clamav.spec @@ -33,7 +33,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 0.103.10 +Version: 0.103.11 Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ @@ -54,7 +54,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-27017.cvd +Source11: daily-27075.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-334.cvd #for update @@ -588,6 +588,9 @@ test -e %{freshclamlog} || { %changelog +* Sun Oct 29 2023 Orion Poplawski - 0.103.11-1 +- Update to 0.103.11 + * Thu Aug 31 2023 Sérgio Basto - 0.103.10-1 - Update to 0.103.10 diff --git a/sources b/sources index 5e25d34..fe684f4 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-0.103.10-norar.tar.xz) = e1474a04e8f71afa7c9a25882c3197b9cd7e30e5ea41268806ab956fc6d493008c0c43e04ae27c098180797b65a013330ce87e7df895092fd5fe9e3587876d9b +SHA512 (clamav-0.103.11-norar.tar.xz) = a215a48be417d351353babf8a54778f35a2ce88c8b90431f983d890a1cfa19715896bab7655c5fa50961997861884a09193e1a0da76dc22817b9b144b400778f SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-27017.cvd) = 7b8d79ff89b0a1c9dbbe1d5f7fc0b6a9b242d3d99a76ff0cd2aed2d2fbc983d894dd75fcce724a1c00450d99ba6d3093258c2513edc5e974caa161f8226898fd +SHA512 (daily-27075.cvd) = 4cc826f58a45ceb28faba4bf7dd9f8c5ec47f5c0467e73c70d76f415ba3e36cb8585c8924fad59e8818a6e33499744e04378adc27abcca018d2b5ece4cd6a52f SHA512 (bytecode-334.cvd) = 83478af4e097b4b3fe136c943d3dd018f3e678c6859873dc1aef527db40a018b77439be2113ac251dfb797074ef8c201336570c3fe03c7ac507d5b94ab6d61c9 diff --git a/update_clamav.sh b/update_clamav.sh index 8affc84..aaf9897 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,5 +1,5 @@ # this script is to run on branch f37 -VERSION=0.103.10 +VERSION=0.103.11 REPOS="epel8 epel7" if [ -z "$1" ]