From bd3af06ca996551e4ba6137cc27859af56bdb05e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Mon, 27 Dec 2021 01:40:52 +0000 Subject: [PATCH 01/72] minor fixes --- clamav.spec | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/clamav.spec b/clamav.spec index 8ee8428..4e5dacb 100644 --- a/clamav.spec +++ b/clamav.spec @@ -38,13 +38,13 @@ Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} -Source0: https://www.clamav.net/downloads/production/%name-%version%{?prerelease}.tar.gz -Source999: https://www.clamav.net/downloads/production/%name-%version%{?prerelease}.tar.gz.sig +Source0: https://www.clamav.net/downloads/production/%{name}-%{version}%{?prerelease}.tar.gz +Source999: https://www.clamav.net/downloads/production/%{name}-%{version}%{?prerelease}.tar.gz.sig %else # Unfortunately, clamav includes support for RAR v3, derived from GPL # incompatible unrar from RARlabs. We have to pull this code out. # tarball was created with update_clamav.sh -Source0: %name-%version%{?prerelease}-norar.tar.xz +Source0: %{name}-%{version}%{?prerelease}-norar.tar.xz %endif #for server Source3: clamd.logrotate @@ -92,6 +92,7 @@ BuildRequires: automake BuildRequires: gettext-devel BuildRequires: libtool BuildRequires: libtool-ltdl-devel +BuildRequires: make BuildRequires: gcc-c++ BuildRequires: bzip2-devel BuildRequires: curl-devel @@ -100,7 +101,8 @@ BuildRequires: json-c-devel BuildRequires: libprelude-devel # libprelude-config --libs brings in gnutls, pcre # https://bugzilla.redhat.com/show_bug.cgi?id=1830473 -BuildRequires: gnutls-devel pcre-devel +BuildRequires: gnutls-devel +BuildRequires: pcre-devel BuildRequires: libxml2-devel BuildRequires: ncurses-devel BuildRequires: openssl-devel @@ -118,7 +120,6 @@ BuildRequires: nc BuildRequires: systemd-devel #for milter BuildRequires: sendmail-devel -BuildRequires: make Requires: clamav-filesystem = %{version}-%{release} Requires: clamav-lib = %{version}-%{release} From 02b701c4eb9588206123ab030828d0c93fe55e6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Fri, 14 Jan 2022 10:55:07 +0000 Subject: [PATCH 02/72] Update to 0.103.5 --- clamav.spec | 7 +++++-- sources | 4 ++-- update_clamav.sh | 27 +++++++++++++++++++++------ 3 files changed, 28 insertions(+), 10 deletions(-) diff --git a/clamav.spec b/clamav.spec index 4e5dacb..0e01a02 100644 --- a/clamav.spec +++ b/clamav.spec @@ -33,7 +33,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 0.103.4 +Version: 0.103.5 Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ @@ -56,7 +56,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26345.cvd +Source11: daily-26420.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-333.cvd #for update @@ -579,6 +579,9 @@ test -e %{freshclamlog} || { %changelog +* Thu Jan 13 2022 Sérgio Basto - 0.103.5-1 +- Update to 0.103.5 + * Sun Nov 07 2021 Sérgio Basto - 0.103.4-1 - Update to 0.103.4 diff --git a/sources b/sources index 5d699b4..c04039f 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-0.103.4-norar.tar.xz) = bcdb1cc1f5dd1d4a881156e0e2b3a4662a0a67fe944ae1ebae149980149cd14a512d5364fcbdf6d9aa2f4cd843a225057fe044c2fd58bf255fe1fd3fe6422c1e +SHA512 (clamav-0.103.5-norar.tar.xz) = 90a725c3372dd309cd561934030a50fddd451f1e8d5ab525939e381d6f525a8f46cca40948c59ac0ab884a25bfb17dc526c5726419e8b7eb0c4f1aef47793317 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-26345.cvd) = 7a7d004fa26a33b4b46a9ee09fb390865e32f9d746a42fa12d9a2143c2eb1006294ccf758ed1daed7c7e8b826f013e5da020eb271e291b21c3b1ff5ffc71401c +SHA512 (daily-26420.cvd) = c368cc0b9c6e9c1b401f184840178515e37619aaae088edc0bf8d5e403c5c1f49768b987de37fc2e17cd3254f2d1d4e32e4dfb4443889aec512e634775b65423 SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07 diff --git a/update_clamav.sh b/update_clamav.sh index 7c41351..460e040 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,17 +1,31 @@ -VERSION=0.103.4 +VERSION=0.103.5 + +if [ -z "$1" ] +then + stage=0 +else + stage=$1 +fi + NAME=clamav TARBALL_CLEAN=${NAME}-${VERSION}-norar.tar.xz TARBALL=${NAME}-${VERSION}.tar.gz +if test $stage -le 0 +then +echo STAGE 0 wget -c https://www.clamav.net/downloads/production/${TARBALL} wget -c https://www.clamav.net/downloads/production/${TARBALL}.sig gpg --verify ${TARBALL}.sig ${TARBALL} zcat ${TARBALL} | tar --delete -f - '*/libclamunrar/*' | xz -c > ${TARBALL_CLEAN} +fi +echo Press enter convert cvd into spec or n to skip ; read dummy; +if [[ "$dummy" != "n" ]]; then # WIP clouflare don't allow wget we need download with browser -#wget http://database.clamav.net/main.cvd -#get http://database.clamav.net/daily.cvd -#get http://database.clamav.net/bytecode.cvd +#wget https://database.clamav.net/main.cvd +#wget https://database.clamav.net/daily.cvd +#wget https://database.clamav.net/bytecode.cvd main_ver=$(file main.cvd | sed -e 's/.*version /main-/;s/,.*/.cvd/') daily_ver=$(file daily.cvd | sed -e 's/.*version /daily-/;s/,.*/.cvd/') @@ -24,6 +38,7 @@ cp -f bytecode.cvd $bytecode_ver sed -i "s|^Source10: .*|Source10: $main_ver|" clamav.spec sed -i "s|^Source11: .*|Source11: $daily_ver|" clamav.spec sed -i "s|^Source12: .*|Source12: $bytecode_ver|" clamav.spec +fi rpmdev-bumpspec -n $VERSION -c "Update to $VERSION" clamav.spec echo fedpkg new-sources ${TARBALL_CLEAN} $main_ver $daily_ver $bytecode_ver @@ -33,13 +48,13 @@ if [[ "$dummy" != "n" ]]; then fedpkg scratch-build --srpm fi echo Press enter to upload sources and commit ; read dummy; -fedpkg new-sources ${TARBALL_CLEAN} $main_ver $daily_ver $bytecode_ver +fedpkg new-sources ${TARBALL_CLEAN} $(spectool -l clamav.spec | grep -P "Source10|Source11|Source12" | sed 's/.* //') fedpkg ci -c && git show echo Press enter to build rawhide; read dummy; git push && fedpkg build --nowait -for repo in "f35 f34 f33 epel8-playground epel8 epel7" ; do +for repo in "f35 f34 epel8 epel7" ; do echo Press enter to build on branch $repo; read dummy; git checkout $repo && git merge rawhide && fedpkg push && fedpkg build --nowait; git checkout rawhide done From 08f7394c1159da92fe5a1d78e6496cf336651f51 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 19 Jan 2022 23:16:39 +0000 Subject: [PATCH 03/72] - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- clamav.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 0e01a02..6805952 100644 --- a/clamav.spec +++ b/clamav.spec @@ -34,7 +34,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.103.5 -Release: 1%{?dist} +Release: 2%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -579,6 +579,9 @@ test -e %{freshclamlog} || { %changelog +* Wed Jan 19 2022 Fedora Release Engineering - 0.103.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + * Thu Jan 13 2022 Sérgio Basto - 0.103.5-1 - Update to 0.103.5 From 6aa8a08ff209c23d0f544d16e6c7122bec6bcf58 Mon Sep 17 00:00:00 2001 From: Troy Dawson Date: Mon, 31 Jan 2022 09:19:11 -0800 Subject: [PATCH 04/72] epel8-playground decommissioned : https://pagure.io/epel/issue/136 --- .gitignore | 4 - ChangeLog-rpm.old | 279 ------- README.fedora | 118 --- clamav-0.99-private.patch | 27 - clamav-check.patch | 12 - clamav-clamonacc-service.patch | 20 - clamav-default_confs.patch | 87 -- clamav-freshclam.service.patch | 17 - clamav-milter.systemd | 25 - clamav-stats-deprecation.patch | 17 - clamav-update.crond | 6 - clamav-update.logrotate | 8 - clamav.spec | 1368 -------------------------------- clamd-README | 86 -- clamd.logrotate | 9 - clamd@.service | 15 - dead.package | 1 + freshclam-sleep | 52 -- freshclam.sysconfig | 18 - sources | 4 - update_clamav.sh | 53 -- 21 files changed, 1 insertion(+), 2225 deletions(-) delete mode 100644 .gitignore delete mode 100644 ChangeLog-rpm.old delete mode 100644 README.fedora delete mode 100644 clamav-0.99-private.patch delete mode 100644 clamav-check.patch delete mode 100644 clamav-clamonacc-service.patch delete mode 100644 clamav-default_confs.patch delete mode 100644 clamav-freshclam.service.patch delete mode 100644 clamav-milter.systemd delete mode 100644 clamav-stats-deprecation.patch delete mode 100644 clamav-update.crond delete mode 100644 clamav-update.logrotate delete mode 100644 clamav.spec delete mode 100644 clamd-README delete mode 100644 clamd.logrotate delete mode 100644 clamd@.service create mode 100644 dead.package delete mode 100755 freshclam-sleep delete mode 100644 freshclam.sysconfig delete mode 100644 sources delete mode 100755 update_clamav.sh diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 7ed1b8e..0000000 --- a/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -/clamav-*-norar.tar.xz -/main*.cvd -/daily*.cvd -/bytecode*.cvd diff --git a/ChangeLog-rpm.old b/ChangeLog-rpm.old deleted file mode 100644 index 44c8556..0000000 --- a/ChangeLog-rpm.old +++ /dev/null @@ -1,279 +0,0 @@ -* Tue Dec 12 2006 Enrico Scholz - 0.88.7-1 -- updated to 0.88.7 - -* Sun Nov 5 2006 Enrico Scholz - 0.88.6-1 -- updated to 0.88.6 - -* Wed Oct 18 2006 Enrico Scholz - 0.88.5-1 -- updated to 0.88.5 (SECURITY); fixes CVE-2006-4182, CVE-2006-5295 -- added patch to set '__attribute__ ((visibility("hidden")))' for - exported MD5_*() functions (fixes #202043) - -* Thu Oct 05 2006 Christian Iseli 0.88.4-4 - - rebuilt for unwind info generation, broken in gcc-4.1.1-21 - -* Thu Sep 21 2006 Enrico Scholz - 0.88.4-3 -- splitted SysV initscripts of -milter and -server into own subpackages - -* Fri Sep 15 2006 Enrico Scholz - 0.88.4-2 -- rebuilt - -* Tue Aug 8 2006 Enrico Scholz - 0.88.4-1 -- updated to 0.88.4 (SECURITY) - -* Wed Jul 12 2006 Enrico Scholz -- removed the clamdscan(1) manpage from the -server subpackage - -* Sat Jul 8 2006 Enrico Scholz -- removed a superfluous '}' -- removed some code which was relevant for FC-3 only - -* Sat Jul 8 2006 Enrico Scholz - 0.88.3-1 -- updated to 0.88.3 -- updated to new fedora-usermgmt macros - -* Tue May 16 2006 Enrico Scholz - 0.88.2-2 -- cleanups: removed unneeded curlies, use plain command instead of - %%__XXX macro, whitespace cleanup, removed unneeded versioned - dependencies -- added a 'Requires(post): group(clamav)' dependencies for -update and - added the corresponding Provides: to -data -- removed the %%_without_milter conditional; you won't gain anything - when milter would be disabled at buildtime - -* Sun Apr 30 2006 Enrico Scholz - 0.88.2-1 -- updated to 0.88.2 (SECURITY) -- rediffed patches; most issues handled by 0.88.1-2 are fixed in - 0.88.2 - -* Mon Apr 24 2006 Enrico Scholz - 0.88.1-2 -- added patch which fixes some classes of compiler warnings; at least - the using of implicitly declared functions was reported to cause - segfaults on AMD64 (brought to my attention by Marc Perkel) -- added patch which fixes wrong usage of strncpy(3) in unrarlib.c - -* Thu Apr 06 2006 Enrico Scholz - 0.88.1-1 -- updated to 0.88.1 (SECURITY) - -* Sat Feb 18 2006 Enrico Scholz - 0.88-2 -- rebuilt for FC5 - -* Tue Jan 10 2006 Enrico Scholz - 0.88-1 -- updated to 0.88 -- added pseudo-versions for the 'init(...)' provides as a first step - for the support of alternative initmethods - -* Tue Nov 15 2005 Enrico Scholz - 0.87.1-2 -- moved 'freshclam.conf.5' man page into the -update subpackage (#173221) -- ship 'clamd.conf.5' man page in the -server subpackage *too*. The - same file is contained in multiple packages now, but this man-page - can not be removed from the base package because it also applies to - 'clamdscan' there (#173221). - -* Fri Nov 4 2005 Enrico Scholz - 0.87.1-1 -- updated to 0.87.1 - -* Sat Sep 17 2005 Enrico Scholz - 0.87-1 -- updated to 0.87 (SECURITY) -- removed -timeout patch; it is solved upstream -- reverted the -exim changes; they add yet more complexity, their - functionality can go into an own package and they contained flaws - -* Fri Sep 9 2005 David Woodhouse - 0.86.2-5 -- Add clamav-exim configuration package - -* Fri Jul 29 2005 Enrico Scholz - 0.86.2-4 -- [milter] create the milter-logfile in the %%post scriptlet -- [milter] reverted the change of the default child_timeout value; it - was set to 5 minutes in 0.86.2 which conflicts with the internal - mode where a timeout must not be set. So, the clamav-milter would - not run with the default configuration - -* Thu Jul 28 2005 Enrico Scholz - 0.86.2-3 -- Fixed calculation of sleep duration; on some systems/IPs, `hostid` - results in a negative number which is retained by the bash - modulo-operation. So the sleep may get a negative number of seconds - being interpreted as an option. This version makes sure that the - module-operations returns a non-negative value. [BZ #164494, James - Wilkinson] -- added support for a /usr/sbin/clamav-notify-servers.local hook; this - file will be executed (source'd) before all other actions and can - abort the entire processing by invoking 'exit' - -* Mon Jul 25 2005 Enrico Scholz - 0.86.2-2 -- updated to 0.86.2 (SECURITY) -- changed the freshclam updating mechanism (again); now, it consists - of a crontab which does not need to be changed and a helper script - (freshclam-sleep). This helper script is configured by - /etc/sysconfig/freshclam - -* Sat Jun 25 2005 Enrico Scholz - 0.86.1-2 -- updated to 0.86.1 -- fixed randomization in %%post scriptlet: hour should be a range but - not a single number - -* Tue Jun 21 2005 Enrico Scholz - 0.86-1 -- updated to 0.86 -- randomize freshclam startup times in -update's %%post script (suggested - by Stephen Smoogen); this requires some more Requires(post): also - -* Wed May 18 2005 Warren Togami - 0.85.1-4 -- fix dist tagging the way Enrico wants it - -* Tue May 17 2005 Oliver Falk - 0.85.1-2 -- Rebuild - -* Tue May 17 2005 Oliver Falk - 0.85.1-1 -- Update - -* Sat May 14 2005 Enrico Scholz - 0.85-0 -- updated to 0.85 - -* Sun May 1 2005 Enrico Scholz - 0.84-0 -- updated to 0.84 - -* Fri Apr 7 2005 Michael Schwendt -- rebuilt - -* Tue Feb 15 2005 Enrico Scholz - 0:0.83-1 -- updated to 0.83 - -* Tue Feb 8 2005 Enrico Scholz - 0:0.82-1 -- updated to 0.82 -- minor spec cleanups - -* Fri Jan 28 2005 Enrico Scholz - 0:0.81-0.fdr.2 -- build the package with '--disable-zlib-vcheck' because RH is unable to - apply a fix for a 5 month old and solved security issue. Please fill - your comments at https://bugzilla.redhat.com/beta/show_bug.cgi?id=131385 -- added 'BuildRequires: bc' (should work without also, but ./configure - gives out ugly warnings else) - -* Fri Jan 28 2005 Enrico Scholz - 0:0.81-0.fdr.1 -- updated to 0.81 -- do not ship the 'clamd.milter' daemon anymore; clamav-milter supports - an internal mode now which is enabled by default -- updated -milter %%description - -* Thu Jan 20 2005 Enrico Scholz - 0:0.80-0.fdr.2 -- s!cron.d/clamav!cron.d/clamav-update! in the %%description of the -update - subpackage (https://bugzilla.fedora.us/show_bug.cgi?id=1715#c39) - -* Wed Nov 3 2004 Enrico Scholz - 0:0.80-0.fdr.1 -- updated to 0.80 -- removed DMS, FreeBSD-HOWTO and localized docs as it is not shipped anymore -- buildrequire 'curl-devel' -- renamed clamav.conf to clamd.conf (upstream change) -- updated -initoff patch - -* Tue Sep 14 2004 Enrico Scholz - 0:0.75.1-0.fdr.1 -- updated to 0.75.1 -- use %%configure, the problems with the architecture specification - seem to have passed (probably because of an autoconf update) -- set mode 0600 for the cron-script (required by vixie-cron) -- made the cronjob a spambot and send mail about deactivated freshclam - service to nearly everybody... (root, postmaster, webmaster) -- other fixes in the notification cronjob - -* Fri Jul 23 2004 Enrico Scholz - 0:0.75-0.fdr.1 -- updated to 0.75 - -* Thu Jul 15 2004 Enrico Scholz - 0:0.74-0.fdr.2 -- moved /usr/bin/clamav-config from main into -devel - -* Wed Jun 30 2004 Enrico Scholz - 0:0.74-0.fdr.1 -- updated to 0.74 - -* Mon Jun 14 2004 Enrico Scholz - 0:0.73-0.fdr.1 -- updated to 0.73 -- added pkgconfig file - -* Fri Jun 11 2004 Enrico Scholz - 0:0.72-0.fdr.3 -- notify the user about a deactivated clamav-update service -- added clamd-gen script which generates template spec-files for - services using clamd -- copied template configuration files to %pkgdatadir/template (needed - for clamd-gen) -- moved the clamd-wrapper from %_initrddir to %{pkgdatadir}; a symlink - will be provided for compatibility reasons -- conditionalized building of the -milter subpackage ('--without - milter' switch) to enable builds on RH73 (bug #1715, comment #5/#7) - -* Fri Jun 4 2004 Enrico Scholz - 0:0.72-0.fdr.2 -- removed 'BuildRequires: dietlibc'; it was a leftover from the - pre-use-signal era (before 0.70) (bug #1716) - -* Thu Jun 3 2004 Enrico Scholz - 0:0.72-0.fdr.1 -- updated to 0.72 - -* Thu May 20 2004 Enrico Scholz - 0:0.71-0.fdr.2 -- removed the randomization in the cronjob; it seems to be impossible - to use the mod-operator (%%) there. Instead of, the user has to - replace some placeholders... - -* Wed May 19 2004 Enrico Scholz - 0:0.71-0.fdr.1 -- updated to 0.71 - -* Fri May 7 2004 Enrico Scholz - 0:0.70-0.fdr.1.1 -- quote 'EOF' to delay $RANDOM expansion - -* Tue Apr 27 2004 Enrico Scholz - 0:0.70-0.fdr.2 -- updated GECOS entry for the 'clamav' user to describe its purpose - more accurately -- use explicit '-m755' when creating directories with install - -* Tue Apr 20 2004 Enrico Scholz - 0:0.70-0.fdr.1 -- updated to 0.70; rediffed some patches -- updated logrotate script to use signals and documented the steps - which are needed to make it work -- adapted initscript to use signals instead of sockwrite -- removed sockwrite; signals can now be used to reload the database -- added logfile to the -milter subpackage - -* Tue Apr 20 2004 Enrico Scholz - 0:0.68-0.fdr.2.1 -- tagged some Requires:, since clamav-server is required in the milter-%%post* scriptlets - -* Sat Mar 20 2004 Enrico Scholz - 0:0.68-0.fdr.2 -- split the double Requires(...,...): statements; see - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=118773 -- require the recent fedora-usermgmt package (0.7) which fixes similar - ordering issues - -* Thu Mar 18 2004 Enrico Scholz - 0:0.68-0.fdr.1 -- updated to 0.68 (using the -1 version) -- ship milter-files in the -milter instead of the -server subpackage - -* Tue Feb 24 2004 Enrico Scholz - 0:0.67-0.fdr.3 -- fixed ':' vs. '.' in chown - -* Tue Feb 17 2004 Enrico Scholz - 0:0.67-0.fdr.2 -- randomize freshclam startup to prevent server peaks - -* Mon Feb 16 2004 Enrico Scholz - 0:0.67-0.fdr.1 -- updated to 0.67 (using the -1 version) - -* Wed Feb 11 2004 Enrico Scholz - 0:0.66-0.fdr.2 -- updated to 0.66; important, packaging-relevant changes are - freshclam: - * $http_proxy is not supported anymore; you have to configure it in - /etc/freshclam.conf - * the logfile has been renamed to /var/log/freshclam.log -- removed %%check section; buildroot check is implemented in local - testsuite already -- added some %%verify(not mtime) modifiers to avoid unnecessary .rpmnew - files -- added some directory-Requires: -- activated milter-package and made it work -- added patch to disable clamav-milter service by default -- renamed /var/run/clamav. to /var/run/clamd.; this - makes things more consistently but can break backward compatibility. The - initscript should deal with the old version too, but I would not bet on - it... -- updated some descriptions -- fixed the update-mechanism; now it happens in two stages: at first, - the files will be downloaded as user 'clamav' and then, root initiates - the daemon-reload. - -* Mon Feb 9 2004 Enrico Scholz - 0:0.65-0.fdr.5 -- added security fix for - http://www.securityfocus.com/archive/1/353194/2004-02-06/2004-02-12/1 diff --git a/README.fedora b/README.fedora deleted file mode 100644 index e512782..0000000 --- a/README.fedora +++ /dev/null @@ -1,118 +0,0 @@ -Please note for Fedora and EPEL 7+ we use only systemd. -upstart and sysvinit only apply to EPEL 6. - -A clamav-milter setup consists of the following three components: - -* the clamav-milter itself - - --> this is provided by the 'clamav-milter' package plus (alternatively) - 'clamav-milter-upstart' or 'clamav-milter-sysvinit' - - The main configuration is in /etc/mail/clamav-milter.conf and MUST - be changed before first use. - - This can be enabled with: 'systemctl enable clamav-milter.service' - - The -sysvinit package is managed by the traditional tools, but - -upstart requires modification of /etc/event.d/clamav-milter to - enable automatic startup. See comments there for more details. - -* a clamav scanner daemon - - --> this is in the clamd package (or on EL6: - 'clamav-scanner-upstart' or 'clamav-scanner-sysvinit') - - The daemon is configured by /etc/clamd.d/scan.conf (which MUST be - edited before first use). - - This can be enabled with: 'systemctl enable clamd@scan.service' - - The -sysvinit package is managed by the traditional tools, but - -upstart requires modification of /etc/event.d/clamd.scan to enable - automatic startup. See comments there for more details. - -* the MTA (sendmail/postfix) - - --> you should know how to install this... - - When communicating across unix sockets with the clamav-milter, it is - suggested to use the /run/clamav-milter/clamav-milter.socket - path. You have to add something like - - INPUT_MAIL_FILTER(`clamav', `S=local:/run/clamav-milter/clamav-milter.socket, F=, T=S:4m;R:4m')dnl - - to your sendmail.mc. - - -EXAMPLE -======= - -For clamav-milter, a possible setup might be created by - -A) On the MTA (assumed hostname 'host-mta') - - 1. Add to sendmail.mc - - | INPUT_MAIL_FILTER(`clamav', `S=inet:6666@host-milter, F=, T=S:4m;R:4m')dnl - - 2. Rebuild sendmail.cf - - -B) On the clamav-milter host (assumed hostname 'host-milter') - - 1. Install clamav-milter + clamav-milter-upstart packages - - 2. Set in /etc/mail/clamav-milter.conf - - | MilterSocket inet:6666 - | ClamdSocket tcp:host-scanner:6665 - - and all the other options which are required on your system - - 3. Enable clamav-milter.service: - - | systemctl enable clamav-milter.service - - Restart your system or execute - - | systemctl start clamav-milter.service - - 4. Add something like - - | iptables -N IN-cmilt - | iptables -A IN-cmilt -s host-mta -j ACCEPT - | iptables -A IN-cmilt -j DROP - - | iptables -A INPUT -p tcp --dport 6666 -j IN-cmilt - - to your firewall setup - -C) On the clamav-scanner host (assumed hostname 'host-scanner') - - 1. Install clamd - - 2. Add to /etc/clamd.d/scan.conf - - | TCPSocket 6665 - | TCPAddr host-scanner - - comment out possible 'LocalSocket' lines and set all the other - options which are required on your system - - 3. Enable clamd@scan.service: - - | systemctl enable clamd@scan.service - - Restart your system or execute - - | systemctl start clamd@scan.service - - 4. Add something like - - | iptables -N IN-cscan - | iptables -A IN-cscan -s host-milter -j ACCEPT - | iptables -A IN-cscan -j DROP - - | iptables -A INPUT -p tcp --dport 6665 -j IN-csan - - to your firewall setup diff --git a/clamav-0.99-private.patch b/clamav-0.99-private.patch deleted file mode 100644 index 7f9f563..0000000 --- a/clamav-0.99-private.patch +++ /dev/null @@ -1,27 +0,0 @@ ---- clamav-0.99/libclamav.pc.in 2015-09-18 22:48:25.000000000 +0200 -+++ clamav-0.99/libclamav.pc.in.private 2015-12-02 01:30:30.055231319 +0100 -@@ -7,6 +7,6 @@ - Description: A GPL virus scanner - Version: @PACKAGE_VERSION@ - Libs: -L${libdir} -lclamav --Libs.private: @LIBCLAMAV_LIBS@ -+Libs.private: -L${libdir} -lclamav @LIBCLAMAV_LIBS@ - Cflags: -I${includedir} - ---- clamav-0.99/clamav-config.in 2015-05-28 23:56:25.000000000 +0200 -+++ clamav-0.99/clamav-config.in.private 2015-12-02 01:31:34.933705763 +0100 -@@ -54,12 +54,8 @@ - usage 0 - ;; - -- --cflags) -- echo -I@includedir@ @CFLAGS@ -- ;; -- -- --libs) -- echo -L@libdir@ @LIBCLAMAV_LIBS@ -+ (--cflags|--libs) -+ ${PKG_CONFIG:-pkg-config} "$1" libclamav - ;; - - *) diff --git a/clamav-check.patch b/clamav-check.patch deleted file mode 100644 index e3d37a4..0000000 --- a/clamav-check.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up clamav-0.103.0/unit_tests/check_jsnorm.c.check clamav-0.103.0/unit_tests/check_jsnorm.c ---- clamav-0.103.0/unit_tests/check_jsnorm.c.check 2020-09-12 18:27:10.000000000 -0600 -+++ clamav-0.103.0/unit_tests/check_jsnorm.c 2020-09-17 22:15:26.199957518 -0600 -@@ -247,7 +247,7 @@ static void tokenizer_test(const char *i - fd = open(filename, O_RDONLY); - if (fd < 0) { - jstest_teardown(); -- ck_assert_msg("failed to open output file: %s", filename); -+ ck_assert_msg(0, "failed to open output file: %s", filename); - } - - diff_file_mem(fd, expected, len); diff --git a/clamav-clamonacc-service.patch b/clamav-clamonacc-service.patch deleted file mode 100644 index 12439f9..0000000 --- a/clamav-clamonacc-service.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff -up clamav-0.103.0/clamonacc/clamav-clamonacc.service.in.clamonacc-service clamav-0.103.0/clamonacc/clamav-clamonacc.service.in ---- clamav-0.103.0/clamonacc/clamav-clamonacc.service.in.clamonacc-service 2020-09-12 18:27:09.000000000 -0600 -+++ clamav-0.103.0/clamonacc/clamav-clamonacc.service.in 2020-09-18 19:49:35.400152760 -0600 -@@ -4,14 +4,12 @@ - [Unit] - Description=ClamAV On-Access Scanner - Documentation=man:clamonacc(8) man:clamd.conf(5) https://docs.clamav.net/ --Requires=clamav-daemon.service --After=clamav-daemon.service syslog.target network.target -+After=clamd@scan.service syslog.target network.target - - [Service] - Type=simple - User=root --ExecStartPre=/bin/bash -c "while [ ! -S /run/clamav/clamd.ctl ]; do sleep 1; done" --ExecStart=@prefix@/sbin/clamonacc -F --config-file=@APP_CONFIG_DIRECTORY@/clamd.conf --log=/var/log/clamav/clamonacc.log --move=/root/quarantine -+ExecStart=@prefix@/sbin/clamonacc -F --config-file=/etc/clamd.d/scan.conf - - [Install] - WantedBy=multi-user.target diff --git a/clamav-default_confs.patch b/clamav-default_confs.patch deleted file mode 100644 index 97bbc10..0000000 --- a/clamav-default_confs.patch +++ /dev/null @@ -1,87 +0,0 @@ -diff -up clamav-0.103.0/clamconf/clamconf.c.default_confs clamav-0.103.0/clamconf/clamconf.c ---- clamav-0.103.0/clamconf/clamconf.c.default_confs 2020-09-12 18:27:09.000000000 -0600 -+++ clamav-0.103.0/clamconf/clamconf.c 2020-09-17 22:00:20.792879792 -0600 -@@ -63,9 +63,9 @@ static struct _cfgfile { - const char *name; - int tool; - } cfgfile[] = { -- {"clamd.conf", OPT_CLAMD}, -+ {"clamd.d/scan.conf", OPT_CLAMD}, - {"freshclam.conf", OPT_FRESHCLAM}, -- {"clamav-milter.conf", OPT_MILTER}, -+ {"mail/clamav-milter.conf", OPT_MILTER}, - {NULL, 0}}; - - static void printopts(struct optstruct *opts, int nondef) -diff -up clamav-0.103.0/docs/man/clamav-milter.8.in.default_confs clamav-0.103.0/docs/man/clamav-milter.8.in ---- clamav-0.103.0/docs/man/clamav-milter.8.in.default_confs 2020-09-12 18:27:09.000000000 -0600 -+++ clamav-0.103.0/docs/man/clamav-milter.8.in 2020-09-17 22:00:20.793879800 -0600 -@@ -27,7 +27,7 @@ Print the version number and exit. - Read configuration from FILE. - .SH "FILES" - .LP --@CFGDIR@/clamav-milter.conf -+@CFGDIR@/mail/clamav-milter.conf - .SH "AUTHOR" - .LP - aCaB -diff -up clamav-0.103.0/docs/man/clamav-milter.conf.5.in.default_confs clamav-0.103.0/docs/man/clamav-milter.conf.5.in ---- clamav-0.103.0/docs/man/clamav-milter.conf.5.in.default_confs 2020-09-12 18:27:09.000000000 -0600 -+++ clamav-0.103.0/docs/man/clamav-milter.conf.5.in 2020-09-17 22:00:20.794879808 -0600 -@@ -239,7 +239,7 @@ Default: no - All options expressing a size are limited to max 4GB. Values in excess will be reset to the maximum. - .SH "FILES" - .LP --@CFGDIR@/clamav-milter.conf -+@CFGDIR@/mail/clamav-milter.conf - .SH "AUTHOR" - .LP - aCaB -diff -up clamav-0.103.0/docs/man/clamd.8.in.default_confs clamav-0.103.0/docs/man/clamd.8.in ---- clamav-0.103.0/docs/man/clamd.8.in.default_confs 2020-09-12 18:27:09.000000000 -0600 -+++ clamav-0.103.0/docs/man/clamd.8.in 2020-09-17 22:00:20.794879808 -0600 -@@ -7,7 +7,7 @@ clamd \- an anti\-virus daemon - clamd [options] - .SH "DESCRIPTION" - .LP --The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CFGDIR@/clamd.conf -+The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CFGDIR@/clamd.d/scan.conf - .SH "COMMANDS" - .LP - It's recommended to prefix clamd commands with the letter \fBz\fR (eg. zSCAN) to indicate that the command will be delimited by a NULL character and that clamd should continue reading command data until a NULL character is read. The null delimiter assures that the complete command and its entire argument will be processed as a single command. Alternatively commands may be prefixed with the letter \fBn\fR (e.g. nSCAN) to use a newline character as the delimiter. Clamd replies will honour the requested terminator in turn. -@@ -125,7 +125,7 @@ Reload the signature databases. - Perform a clean exit. - .SH "FILES" - .LP --@CFGDIR@/clamd.conf -+@CFGDIR@/clamd.d/scan.conf - .SH "CREDITS" - Please check the full documentation for credits. - .SH "AUTHOR" -diff -up clamav-0.103.0/docs/man/clamd.conf.5.in.default_confs clamav-0.103.0/docs/man/clamd.conf.5.in ---- clamav-0.103.0/docs/man/clamd.conf.5.in.default_confs 2020-09-17 22:00:20.795879816 -0600 -+++ clamav-0.103.0/docs/man/clamd.conf.5.in 2020-09-17 22:01:21.414353121 -0600 -@@ -759,7 +759,7 @@ Default: no - All options expressing a size are limited to max 4GB. Values in excess will be reset to the maximum. - .SH "FILES" - .LP --@CFGDIR@/clamd.conf -+@CFGDIR@/clamd.d/scan.conf - .SH "AUTHORS" - .LP - Tomasz Kojm , Kevin Lin -diff -up clamav-0.103.0/platform.h.in.default_confs clamav-0.103.0/platform.h.in ---- clamav-0.103.0/platform.h.in.default_confs 2020-09-17 22:00:20.796879824 -0600 -+++ clamav-0.103.0/platform.h.in 2020-09-17 22:01:56.842629739 -0600 -@@ -112,9 +112,9 @@ typedef unsigned int in_addr_t; - #endif - - #ifndef _WIN32 --#define CONFDIR_CLAMD CONFDIR PATHSEP "clamd.conf" -+#define CONFDIR_CLAMD CONFDIR PATHSEP "clamd.d/scan.conf" - #define CONFDIR_FRESHCLAM CONFDIR PATHSEP "freshclam.conf" --#define CONFDIR_MILTER CONFDIR PATHSEP "clamav-milter.conf" -+#define CONFDIR_MILTER CONFDIR PATHSEP "mail/clamav-milter.conf" - #endif - - #ifndef WORDS_BIGENDIAN diff --git a/clamav-freshclam.service.patch b/clamav-freshclam.service.patch deleted file mode 100644 index 2c29f03..0000000 --- a/clamav-freshclam.service.patch +++ /dev/null @@ -1,17 +0,0 @@ ---- ./freshclam/clamav-freshclam.service.in.orig 2021-06-14 10:36:39.029730737 +0100 -+++ ./freshclam/clamav-freshclam.service.in 2021-06-14 10:37:53.621423748 +0100 -@@ -2,13 +2,12 @@ - Description=ClamAV virus database updater - Documentation=man:freshclam(1) man:freshclam.conf(5) https://docs.clamav.net/ - # If user wants it run from cron, don't start the daemon. --ConditionPathExists=!/etc/cron.d/clamav-freshclam -+# ConditionPathExists=!/etc/cron.d/clamav-update - Wants=network-online.target - After=network-online.target - - [Service] - ExecStart=@prefix@/bin/freshclam -d --foreground=true --StandardOutput=syslog - - [Install] - WantedBy=multi-user.target diff --git a/clamav-milter.systemd b/clamav-milter.systemd deleted file mode 100644 index 7571038..0000000 --- a/clamav-milter.systemd +++ /dev/null @@ -1,25 +0,0 @@ -[Unit] -Description = Milter module for the Clam Antivirus scanner -After = syslog.target nss-lookup.target network.target -Before = sendmail.service -Before = postfix.service -After = clamd@scan.service - -[Service] -Type = forking -ExecStart = /usr/sbin/clamav-milter -c /etc/mail/clamav-milter.conf -Restart = on-failure - -User=clamilt -Group=clamilt - -PrivateTmp=yes -PrivateDevices=yes -CapabilityBoundingSet=CAP_KILL - -ReadOnlyDirectories=/etc -ReadOnlyDirectories=/usr -ReadOnlyDirectories=/var/lib - -[Install] -WantedBy = multi-user.target diff --git a/clamav-stats-deprecation.patch b/clamav-stats-deprecation.patch deleted file mode 100644 index a12f138..0000000 --- a/clamav-stats-deprecation.patch +++ /dev/null @@ -1,17 +0,0 @@ -diff -up clamav-0.102.0/shared/optparser.c.stats-deprecation clamav-0.102.0/shared/optparser.c ---- clamav-0.102.0/shared/optparser.c.stats-deprecation 2019-10-10 21:55:31.245995091 -0600 -+++ clamav-0.102.0/shared/optparser.c 2019-10-11 20:40:04.580067432 -0600 -@@ -524,6 +524,13 @@ const struct clam_option __clam_options[ - {"ArchiveLimitMemoryUsage", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD | OPT_DEPRECATED, "", ""}, - {"MailFollowURLs", "mail-follow-urls", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", ""}, - {"AllowSupplementaryGroups", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_MILTER | OPT_DEPRECATED, "Initialize a supplementary group access (the process must be started by root).", "no"}, -+ {"StatsHostID", "stats-host-id", 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", "" }, -+ {"StatsEnabled", "enable-stats", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_CLAMSCAN | OPT_DEPRECATED, "", ""}, -+ {"StatsPEDisabled", "disable-pe-stats", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", ""}, -+ {"StatsTimeout", "stats-timeout", 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, -1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_FRESHCLAM | OPT_DEPRECATED, "", ""}, -+ {"SubmitDetectionStats", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", ""}, -+ {"DetectionStatsCountry", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", ""}, -+ {"DetectionStatsHostID", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", ""}, - {"ScanOnAccess", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD | OPT_DEPRECATED, "", ""}, - - /* Milter specific options */ diff --git a/clamav-update.crond b/clamav-update.crond deleted file mode 100644 index 7454bd0..0000000 --- a/clamav-update.crond +++ /dev/null @@ -1,6 +0,0 @@ -## Adjust this line... -MAILTO=root - -## It is ok to execute it as root; freshclam drops privileges and becomes -## user 'clamupdate' as soon as possible -0 */3 * * * root /usr/share/clamav/freshclam-sleep > /dev/null diff --git a/clamav-update.logrotate b/clamav-update.logrotate deleted file mode 100644 index 3cd28f0..0000000 --- a/clamav-update.logrotate +++ /dev/null @@ -1,8 +0,0 @@ -/var/log/freshclam.log { - monthly - notifempty - missingok - postrotate - systemctl try-restart clamav-freshclam.service - endscript -} diff --git a/clamav.spec b/clamav.spec deleted file mode 100644 index 8ee8428..0000000 --- a/clamav.spec +++ /dev/null @@ -1,1368 +0,0 @@ -#global prerelease rc1 - -%global _hardened_build 1 - -## Fedora specific customization below... -%bcond_without clamonacc -%bcond_with unrar -%ifnarch ppc64 -%bcond_without llvm -%else -%bcond_with llvm -%endif - -%if 0%{?fedora} || 0%{?rhel} >= 8 -%bcond_with old_freshclam -%else -%bcond_without old_freshclam -%endif - -%ifnarch s390 s390x -%global have_ocaml 1 -%else -%global have_ocaml 0 -%endif - -%global scanuser clamscan -%global updateuser clamupdate -%global milteruser clamilt - -%global homedir %{_var}/lib/clamav -%global quarantinedir %{_var}/spool/quarantine -%global freshclamlog %{_var}/log/freshclam.log - -Summary: End-user tools for the Clam Antivirus scanner -Name: clamav -Version: 0.103.4 -Release: 1%{?dist} -License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} -URL: https://www.clamav.net/ -%if %{with unrar} -Source0: https://www.clamav.net/downloads/production/%name-%version%{?prerelease}.tar.gz -Source999: https://www.clamav.net/downloads/production/%name-%version%{?prerelease}.tar.gz.sig -%else -# Unfortunately, clamav includes support for RAR v3, derived from GPL -# incompatible unrar from RARlabs. We have to pull this code out. -# tarball was created with update_clamav.sh -Source0: %name-%version%{?prerelease}-norar.tar.xz -%endif -#for server -Source3: clamd.logrotate -Source5: clamd-README -# To download the *.cvd, go to https://www.clamav.net and use the links -# there (I renamed the files to add the -version suffix for verifying). -# Check the first line of the file for version or run file *cvd -# Attention file < 5.33-7 have bugs see https://bugzilla.redhat.com/show_bug.cgi?id=1539107 -#http://database.clamav.net/main.cvd -Source10: main-62.cvd -#http://database.clamav.net/daily.cvd -Source11: daily-26345.cvd -#http://database.clamav.net/bytecode.cvd -Source12: bytecode-333.cvd -#for update -Source200: freshclam-sleep -Source201: freshclam.sysconfig -Source202: clamav-update.crond -Source203: clamav-update.logrotate -#for milter -Source300: README.fedora -#for clamav-milter.systemd -Source330: clamav-milter.systemd -#for scanner-systemd/server-systemd -Source530: clamd@.service - -# Restore some options removed in 0.100 as deprecated -# Could be dropped in F32 with a note -# https://bugzilla.redhat.com/show_bug.cgi?id=1565381#c1 -Patch0: clamav-stats-deprecation.patch -# Change default config locations for Fedora -Patch1: clamav-default_confs.patch -# Fix pkg-config flags for static linking, multilib -Patch2: clamav-0.99-private.patch -# Fix ck_assert_msg() call -# https://github.com/Cisco-Talos/clamav-devel/pull/138 -Patch4: clamav-check.patch -# Modify clamav-clamonacc.service for Fedora compatibility -Patch5: clamav-clamonacc-service.patch - -Patch6: clamav-freshclam.service.patch - -BuildRequires: autoconf -BuildRequires: automake -BuildRequires: gettext-devel -BuildRequires: libtool -BuildRequires: libtool-ltdl-devel -BuildRequires: gcc-c++ -BuildRequires: bzip2-devel -BuildRequires: curl-devel -BuildRequires: gmp-devel -BuildRequires: json-c-devel -BuildRequires: libprelude-devel -# libprelude-config --libs brings in gnutls, pcre -# https://bugzilla.redhat.com/show_bug.cgi?id=1830473 -BuildRequires: gnutls-devel pcre-devel -BuildRequires: libxml2-devel -BuildRequires: ncurses-devel -BuildRequires: openssl-devel -BuildRequires: pcre2-devel -BuildRequires: zlib-devel -#BuildRequires: %%{_includedir}/tcpd.h -BuildRequires: bc -BuildRequires: tcl -BuildRequires: groff -BuildRequires: graphviz -%{?have_ocaml:BuildRequires: ocaml} -# nc required for tests -BuildRequires: nc -%{?systemd_requires} -BuildRequires: systemd-devel -#for milter -BuildRequires: sendmail-devel -BuildRequires: make - -Requires: clamav-filesystem = %{version}-%{release} -Requires: clamav-lib = %{version}-%{release} -Requires: data(clamav) - -%description -Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this -software is the integration with mail servers (attachment scanning). The -package provides a flexible and scalable multi-threaded daemon, a command -line scanner, and a tool for automatic updating via Internet. The programs -are based on a shared library distributed with the Clam AntiVirus package, -which you can use with your own software. The virus database is based on -the virus database from OpenAntiVirus, but contains additional signatures -(including signatures for popular polymorphic viruses, too) and is KEPT UP -TO DATE. - -%package filesystem -Summary: Filesystem structure for clamav -# Prevent version mix -Conflicts: %{name} < %{version}-%{release} -Conflicts: %{name} > %{version}-%{release} -Requires(pre): shadow-utils -BuildArch: noarch - -%description filesystem -This package provides the filesystem structure and contains the -user-creation scripts required by clamav. - - -%package lib -Summary: Dynamic libraries for the Clam Antivirus scanner -Requires: data(clamav) -Provides: bundled(libmspack) = 0.5-0.1.alpha.modified_by_clamav - -%description lib -This package contains dynamic libraries shared between applications -using the Clam Antivirus scanner. - - -%package devel -Summary: Header files and libraries for the Clam Antivirus scanner -Requires: clamav-lib = %{version}-%{release} -Requires: clamav-filesystem = %{version}-%{release} -Requires: openssl-devel - -%description devel -This package contains headerfiles and libraries which are needed to -build applications using clamav. - - -%package data -Summary: Virus signature data for the Clam Antivirus scanner -Requires: clamav-filesystem = %{version}-%{release} -Provides: data(clamav) = full -Provides: clamav-db = %{version}-%{release} -Obsoletes: clamav-db < %{version}-%{release} -BuildArch: noarch - -%description data -This package contains the virus-database needed by clamav. This -database should be updated regularly; the 'clamav-update' package -ships a corresponding cron-job. Use this package when you want a -working (but perhaps outdated) virus scanner immediately after package -installation. - - -%package update -Summary: Auto-updater for the Clam Antivirus scanner data-files -Requires: clamav-filesystem = %{version}-%{release} -%if %{with old_freshclam} -Requires: crontabs -Requires: /etc/cron.d -Requires(post): %{__chown} %{__chmod} -%endif -Provides: data(clamav) = empty -Provides: clamav-data-empty = %{version}-%{release} -Obsoletes: clamav-data-empty < %{version}-%{release} - -%description update -This package contains programs which can be used to update the clamav -anti-virus database automatically. It uses the freshclam(1) utility for -this task. To activate it use, uncomment the entry in /etc/cron.d/clamav-update. -Use this package when you go updating the virus database regulary and -do not want to download a >160MB sized rpm-package with outdated virus -definitions. - - -%package -n clamd -Summary: The Clam AntiVirus Daemon -Requires: data(clamav) -Requires: clamav-filesystem = %{version}-%{release} -Requires: clamav-lib = %{version}-%{release} -Requires: coreutils -Requires(pre): shadow-utils -# This is still used by clamsmtp and exim-clamav -Provides: clamav-server = %{version}-%{release} -Provides: clamav-scanner-systemd = %{version}-%{release} -Provides: clamav-server-systemd = %{version}-%{release} -Obsoletes: clamav-scanner-systemd < %{version}-%{release} -Obsoletes: clamav-server-systemd < %{version}-%{release} - -%description -n clamd -The Clam AntiVirus Daemon -See the README file how this can be done with a minimum of effort. -This package contains a generic system wide clamd service which is -e.g. used by the clamav-milter package. - - -%package milter -Summary: Milter module for the Clam Antivirus scanner -# clamav-milter could work without clamd and without sendmail -#Requires: clamd = %%{version}-%%{release} -#Requires: /usr/sbin/sendmail -Requires: clamav-filesystem = %{version}-%{release} -Requires(pre): shadow-utils -Provides: clamav-milter-systemd = %{version}-%{release} -Obsoletes: clamav-milter-systemd < %{version}-%{release} - -%description milter -This package contains files which are needed to run the clamav-milter. - - -%prep -%setup -q -n %{name}-%{version}%{?prerelease} - -# No longer support deprecated options in F32+ and EL8+ -%if (0%{?fedora} && 0%{?fedora} < 32) || (0%{?rhel} && 0%{?rhel} < 8) -%patch0 -p1 -b .stats-deprecation -%endif -%patch1 -p1 -b .default_confs -%patch2 -p1 -b .private -%patch4 -p1 -b .check -%patch5 -p1 -b .clamonacc-service -%patch6 -p1 -b .freshclam-service - -install -p -m0644 %{SOURCE300} clamav-milter/ - -mkdir -p libclamunrar{,_iface} -%{!?with_unrar:touch libclamunrar/{Makefile.in,all,install}} - - -%build -# add -Wl,--as-needed if not exist -export LDFLAGS=$(echo %{?__global_ldflags} | sed '/-Wl,--as-needed/!s/$/ -Wl,--as-needed/') -# IPv6 check is buggy and does not work when there are no IPv6 interface on build machine -export have_cv_ipv6=yes - -rm -rf libltdl autom4te.cache Makefile.in -autoreconf -i -%configure \ - --enable-milter \ - --disable-clamav \ - --disable-static \ - --disable-zlib-vcheck \ - %{!?with_unrar:--disable-unrar} \ - --enable-id-check \ - --enable-dns \ - --with-dbdir=%{homedir} \ - --with-group=%{updateuser} \ - --with-user=%{updateuser} \ - --disable-rpath \ - --disable-silent-rules \ - --enable-clamdtop \ - --enable-prelude \ - %{!?with_clamonacc:--disable-clamonacc} \ - %{!?with_llvm:--disable-llvm} - -# TODO: check periodically that CLAMAVUSER is used for freshclam only - -%make_build - - -%install -rm -rf _doc* -%make_install - -install -d -m 0755 \ - %{buildroot}%{_tmpfilesdir} \ - %{buildroot}%{homedir} \ - %{buildroot}%{quarantinedir} - -rm -f %{buildroot}%{_libdir}/*.la - -### data -install -D -m 0644 -p %{SOURCE10} %{buildroot}%{homedir}/main.cvd -install -D -m 0644 -p %{SOURCE11} %{buildroot}%{homedir}/daily.cvd -install -D -m 0644 -p %{SOURCE12} %{buildroot}%{homedir}/bytecode.cvd - -### The freshclam stuff -sed -ri \ - -e 's!^Example!#Example!' \ - -e 's!^#?(UpdateLogFile )!#\1!g;' \ - -e 's!(DatabaseOwner *)clamav$!\1%{updateuser}!g' %{buildroot}%{_sysconfdir}/freshclam.conf.sample - -mv %{buildroot}%{_sysconfdir}/freshclam.conf{.sample,} -# Can contain HTTPProxyPassword (bugz#1733112) -chmod 600 %{buildroot}%{_sysconfdir}/freshclam.conf - -%if %{with old_freshclam} -install -d -m 0755 %{buildroot}%{_var}/log -install -d -m 0755 %{buildroot}%{_sysconfdir}/logrotate.d -install -D -p -m 0755 %{SOURCE200} %{buildroot}%{_datadir}/%{name}/freshclam-sleep -install -D -p -m 0644 %{SOURCE201} %{buildroot}%{_sysconfdir}/sysconfig/freshclam -install -D -p -m 0600 %{SOURCE202} %{buildroot}%{_sysconfdir}/cron.d/clamav-update -install -D -m 0644 -p %{SOURCE203} %{buildroot}%{_sysconfdir}/logrotate.d/clamav-update -%endif - -### The scanner stuff -install -D -m 0644 -p %{SOURCE3} _doc_server/clamd.logrotate -install -D -m 0644 -p %{SOURCE5} _doc_server/README -## Fixup URL for EPEL -%{?epel:sed -i -e s/product=Fedora/product=Fedora%20EPEL/ _doc_server/README} - -## For compatibility with 0.102.2-7 -ln -s clamav-clamonacc.service %{buildroot}%{_unitdir}/clamonacc.service - -install -D -p -m 0644 %{SOURCE530} %{buildroot}%{_unitdir}/clamd@.service - -sed -ri \ - -e 's!^Example!#Example!' \ - -e 's!^#?(LogFile ).*!#\1/var/log/clamd.!g' \ - -e 's!^#?(LocalSocket ).*!#\1%{_rundir}/clamd./clamd.sock!g' \ - -e 's!^(#?PidFile ).*!\1%{_rundir}/clamd./clamd.pid!g' \ - -e 's!^#?(User ).*!\1!g' \ - -e 's!^#?(AllowSupplementaryGroups|LogSyslog).*!\1 yes!g' \ - -e 's! /usr/local/share/clamav,! %{homedir},!g' \ - %{buildroot}%{_sysconfdir}/clamd.conf.sample - -install -d -m 0755 %{buildroot}%{_sysconfdir}/clamd.d -sed -e 's!!scan!g;s!!%{scanuser}!g' \ - %{buildroot}%{_sysconfdir}/clamd.conf.sample > %{buildroot}%{_sysconfdir}/clamd.d/scan.conf - -mv %{buildroot}%{_sysconfdir}/clamd.conf.sample _doc_server/clamd.conf - -cat << EOF > %{buildroot}%{_tmpfilesdir}/clamd.scan.conf -d %{_rundir}/clamd.scan 0710 %{scanuser} virusgroup -EOF - -### The milter stuff -sed -ri \ - -e 's!^#?(User).*!\1 %{milteruser}!g' \ - -e 's!^#?(AllowSupplementaryGroups|LogSyslog) .*!\1 yes!g' \ - -e 's! /tmp/clamav-milter.socket! %{_rundir}/clamav-milter/clamav-milter.socket!g' \ - -e 's! /var/run/clamav-milter.pid! %{_rundir}/clamav-milter/clamav-milter.pid!g' \ - -e 's!:/var/run/clamd/clamd.socket!:%{_rundir}/clamd.scan/clamd.sock!g' \ - -e 's! /tmp/clamav-milter.log! %{_var}/log/clamav-milter.log!g' \ - %{buildroot}%{_sysconfdir}/clamav-milter.conf.sample - -install -d -m 0755 %{buildroot}%{_sysconfdir}/mail -mv %{buildroot}%{_sysconfdir}/clamav-milter.conf.sample %{buildroot}%{_sysconfdir}/mail/clamav-milter.conf - -install -D -p -m 0644 %{SOURCE330} %{buildroot}%{_unitdir}/clamav-milter.service - -cat << EOF > %{buildroot}%{_tmpfilesdir}/clamav-milter.conf -d %{_rundir}/clamav-milter 0710 %{milteruser} %{milteruser} -EOF - -# TODO: Evaluate using upstream's unit with clamav-daemon.socket -rm %{buildroot}%{_unitdir}/clamav-daemon.* - - -%check -make check - - -%post -%systemd_post clamav-clamonacc.service - -%preun -%systemd_preun clamav-clamonacc.service - -%postun -%systemd_postun_with_restart clamav-clamonacc.service - - -%pre filesystem -getent group %{updateuser} >/dev/null || groupadd -r %{updateuser} -getent passwd %{updateuser} >/dev/null || \ - useradd -r -g %{updateuser} -d %{homedir} -s /sbin/nologin \ - -c "Clamav database update user" %{updateuser} -getent group virusgroup >/dev/null || groupadd -r virusgroup -usermod %{updateuser} -a -G virusgroup -exit 0 - - -%pre -n clamd -getent group %{scanuser} >/dev/null || groupadd -r %{scanuser} -getent passwd %{scanuser} >/dev/null || \ - useradd -r -g %{scanuser} -d / -s /sbin/nologin \ - -c "Clamav scanner user" %{scanuser} -usermod %{scanuser} -a -G virusgroup -exit 0 - -%post -n clamd -# Point to the new service unit -[ -L /etc/systemd/system/multi-user.target.wants/clamd@scan.service ] && - ln -sf /usr/lib/systemd/system/clamd@.service /etc/systemd/system/multi-user.target.wants/clamd@scan.service || : -%systemd_post clamd@scan.service -%if 0%{?rhel} -if [ $1 -eq 1 ] && [ -x /usr/bin/systemctl ]; then -# Initial installation -/bin/systemd-tmpfiles --create %{_tmpfilesdir}/clamd.scan.conf -fi -%endif - -%preun -n clamd -%systemd_preun clamd@scan.service - -%postun -n clamd -%systemd_postun_with_restart clamd@scan.service - - -%triggerin milter -- clamav-scanner -# Add the milteruser to the scanuser group; this is required when -# milter and clamd communicate through local sockets -/usr/sbin/groupmems -g %{scanuser} -a %{milteruser} &>/dev/null || : - -%pre milter -getent group %{milteruser} >/dev/null || groupadd -r %{milteruser} -getent passwd %{milteruser} >/dev/null || \ - useradd -r -g %{milteruser} -d %{_rundir}/clamav-milter -s /sbin/nologin \ - -c "Clamav Milter user" %{milteruser} -usermod %{milteruser} -a -G virusgroup -exit 0 - -%post milter -%systemd_post clamav-milter.service -%if 0%{?rhel} -if [ $1 -eq 1 ] && [ -x /usr/bin/systemctl ]; then -# Initial installation -/bin/systemd-tmpfiles --create %{_tmpfilesdir}/clamav-milter.conf || : -fi -%endif - -%preun milter -%systemd_preun clamav-milter.service - -%postun milter -%systemd_postun_with_restart clamav-milter.service - -%post update -%if %{with old_freshclam} -test -e %{freshclamlog} || { - touch %{freshclamlog} - %{__chmod} 0664 %{freshclamlog} - %{__chown} root:%{updateuser} %{freshclamlog} - ! test -x /sbin/restorecon || /sbin/restorecon %{freshclamlog} -} -#%%else -#if [ $1 -eq 2 ] ; then -# echo "Warning: clamav-update package changed" -# echo "Now we provide clamav-freshclam.service systemd unit instead old scripts and the cron.d entry." -# echo "Unfortunately this may break existing unattended installations." -# echo "Please run 'systemctl enable clamav-freshclam --now' to enable freshclam updates again." -#fi -%endif -%systemd_post clamav-freshclam.service - -%preun update -%systemd_preun clamav-freshclam.service - -%postun update -%systemd_postun_with_restart clamav-freshclam.service - -%ldconfig_scriptlets lib - - -%files -%license COPYING -%doc NEWS.md README.md docs/html -%{_bindir}/clambc -%{_bindir}/clamconf -%{_bindir}/clamdscan -%{_bindir}/clamdtop -%{_bindir}/clamscan -%{_bindir}/clamsubmit -%{_bindir}/sigtool -%if %{with clamonacc} -%{_sbindir}/clamonacc -%endif -%{_mandir}/man[15]/* -%{_mandir}/man8/clamonacc.8* -%exclude %{_mandir}/*/freshclam* -%exclude %{_mandir}/man5/clamd.conf.5* -%{_unitdir}/clamonacc.service -%{_unitdir}/clamav-clamonacc.service -%attr(0750,root,root) %dir %{quarantinedir} - - -%files lib -%{_libdir}/libclamav.so.9* -%{_libdir}/libclammspack.so.0* -%if %{with unrar} -%{_libdir}/libclamunrar*.so.9* -%endif - - -%files devel -%{_includedir}/* -%{_libdir}/*.so -%{_libdir}/pkgconfig/* -%{_bindir}/clamav-config - - -%files filesystem -%attr(-,%{updateuser},%{updateuser}) %dir %{homedir} -%dir %{_sysconfdir}/clamd.d -# Used by both clamd, clamdscan, and clamonacc -%config(noreplace) %{_sysconfdir}/clamd.d/scan.conf - - -%files data -%defattr(-,%{updateuser},%{updateuser},-) -# use %%config to keep files which were updated by 'freshclam' -# already. Without this tag, they would be overridden with older -# versions whenever a new -data package is installed. -%config %verify(not size md5 mtime) %{homedir}/*.cvd - - -%files update -%{_bindir}/freshclam -%{_libdir}/libfreshclam.so.2* -%{_mandir}/*/freshclam* -%{_unitdir}/clamav-freshclam.service -%config(noreplace) %verify(not mtime) %{_sysconfdir}/freshclam.conf -%if %{with old_freshclam} -%{_datadir}/%{name}/freshclam-sleep -%config(noreplace) %{_sysconfdir}/cron.d/clamav-update -%config(noreplace) %{_sysconfdir}/sysconfig/freshclam -%config(noreplace) %verify(not mtime) %{_sysconfdir}/logrotate.d/* -# freshclamlog file is created in post -%ghost %attr(0664,root,%{updateuser}) %verify(not size md5 mtime) %{freshclamlog} -%endif -%ghost %attr(0664,%{updateuser},%{updateuser}) %{homedir}/main.cvd -%ghost %attr(0664,%{updateuser},%{updateuser}) %{homedir}/freshclam.dat -%ghost %attr(0664,%{updateuser},%{updateuser}) %{homedir}/daily.cld -%ghost %attr(0664,%{updateuser},%{updateuser}) %{homedir}/bytecode.cld - - -%files -n clamd -%doc _doc_server/* -%{_mandir}/man5/clamd.conf.5* -%{_mandir}/man8/clamd.8* -%{_sbindir}/clamd -%{_unitdir}/clamd@.service -%{_tmpfilesdir}/clamd.scan.conf - - -%files milter -%doc clamav-milter/README.fedora -%{_sbindir}/*milter* -%{_unitdir}/clamav-milter.service -%{_mandir}/man8/clamav-milter* -%dir %{_sysconfdir}/mail -%config(noreplace) %{_sysconfdir}/mail/clamav-milter.conf -%{_tmpfilesdir}/clamav-milter.conf - - -%changelog -* Sun Nov 07 2021 Sérgio Basto - 0.103.4-1 -- Update to 0.103.4 - -* Sun Oct 03 2021 Sérgio Basto - 0.103.3-9 -- Get rid of pkgdatadir variable %%{_datadir}/%%{name} is more informative -- Get rid og milterlog variable %%{_var}/log/clamav-milter.log is more readable -- we can remove %%{_var}/log/clamav-milter.log because journalctl -u clamav-milter - supersede it -- Fix substitution of /var/run/clamd/clamd.socket on file clamav-milter.conf -- Get rid of scanstatedir and milterstatedir variables -- smartsubst deleted since we notice does not replace anything -- more cleanups -- $RPM_BUILD_ROOT + %{buildroot} -- all variavels with {} -- BR _chmod and chown only in oldfreshclam -- clean rpath clean - -* Sat Oct 02 2021 Sérgio Basto - 0.103.3-8 -- (#2006490) second try to fix epel7, revert previous commit and add on - initial installation (not in updates) run /bin/systemd-tmpfiles --create (...) - -* Wed Sep 22 2021 Sérgio Basto - 0.103.3-7 -- (#2006490) follow the Fedora Packaging Guidelines by adding %%dir - %%attr(0710,%%scanuser,virusgroup) to %%files section, it is needed on epel7 on - initial installation without reboot. - -* Tue Sep 14 2021 Sahana Prasad - 0.103.3-6 -- Rebuilt with OpenSSL 3.0.0 - -* Thu Aug 26 2021 Sérgio Basto - 0.103.3-5 -- Update clamav-data (#1998252) - -* Sat Aug 14 2021 Sérgio Basto - 0.103.3-4 -- Rearrange tmpfiles following packaging guidelines - https://docs.fedoraproject.org/en-US/packaging-guidelines/Tmpfiles.d/ - not running systemd-tmpfiles on post -- Drop build without tmpfiles because we don't have Systemd without tmpfiles -- not ghost .socket files they are tmptifles -- Rearrange some files of milter package -- Move to old_freshclam files %_sysconfdir/logrotate.d/* and %freshclamlog -- Drop ConditionPathExists doesn't work as we expect - -* Wed Jul 21 2021 Fedora Release Engineering - 0.103.3-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild - -* Sat Jul 10 2021 Björn Esser - 0.103.3-2 -- Rebuild for versioned symbols in json-c - -* Tue Jun 22 2021 Sérgio Basto - 0.103.3-1 -- Update to 0.103.3 (#1974601) - -* Mon Jun 14 2021 Sérgio Basto - 0.103.2-2 -- Fix for rhbz #1969240, epel7 only, location of old freshclam update file is - /etc/cron.d/clamav-update, not /etc/cron.d/clamav-freshclam - -* Wed Apr 07 2021 Sérgio Basto - 0.103.2-1 -- Update to 0.103.2 - -* Sun Mar 07 2021 Sérgio Basto - 0.103.1-3 -- clamav-freshclam.service: Standard output type syslog is obsolete (#1933977) -- Quiet proxy on stdout (#1814698) - -* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 0.103.1-2 -- Rebuilt for updated systemd-rpm-macros - See https://pagure.io/fesco/issue/2583. - -* Wed Feb 17 2021 Sérgio Basto - 0.103.1-1 -- Update to 0.103.1 - -* Wed Jan 27 2021 Sérgio Basto - 0.103.0-3 -- Add upstream patch clamonacc: Fix stack buffer overflow with old curl - -* Tue Jan 26 2021 Fedora Release Engineering - 0.103.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - -* Thu Sep 17 2020 Orion Poplawski - 0.103.0-1 -- Update to 0.103.0 - -* Mon Jul 27 2020 Fedora Release Engineering - 0.102.4-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild - -* Fri Jul 17 2020 Orion Poplawski - 0.102.4-1 -- Update to 0.102.4 (bz#1857867,1858262,1858263,1858265,1858266) -- Security fixes CVE-2020-3327 CVE-2020-3350 CVE-2020-3481 - -* Thu May 28 2020 Orion Poplawski - 0.102.3-2 -- Update clamd README file (bz#1798369) - -* Thu May 14 2020 Orion Poplawski - 0.102.3-1 -- Update to 0.102.3 (bz#1834910) -- Security fixes CVE-2020-3327 CVE-2020-3341 - -* Sat May 02 2020 Orion Poplawski - 0.102.2-9 -- Add upstream patch to fix "Attempt to allocate 0 bytes" errors while scanning - certain PDFs - -* Thu Apr 30 2020 Orion Poplawski - 0.102.2-8 -- Enable prelude support (bz#1829726) - -* Wed Apr 29 2020 Orion Poplawski - 0.102.2-7 -- Move /etc/clamd.d/scan.conf to clamav-filesystem -- Add patch to build with EL7 libcurl - re-enable on-access scanning - (bz#1820395) -- Add clamonacc.service - -* Tue Apr 21 2020 Björn Esser - 0.102.2-6 -- Rebuild (json-c) - -* Wed Apr 8 2020 Orion Poplawski - 0.102.2-5 -- Do not log freshclam output to syslog by default - creates double entries - in the journal (bz#1822012) -- (#1820069) add try-restart clamav-freshclam.service on logrotate - -* Mon Mar 16 2020 Orion Poplawski - 0.102.2-4 -- Quiet freshclam-sleep when used with proxy - -* Sat Feb 29 2020 Orion Poplawski - 0.102.2-3 -- Add missingok to clamav-update.logrotate (bz#1807701) - -* Mon Feb 10 2020 Orion Poplawski - 0.102.2-2 -- Keep /var/log/freshclam.log handling - can still be used -- Restore clamav-server provides (bz#1801329) -- Fix old_freshclam cron conditional (bz#1801199) - -* Sun Feb 9 2020 Orion Poplawski - 0.102.2-1 -- Update to 0.102.2 -- Drop supporting deprecated options for F32+ and EL8+ -- Drop old umask patch - -* Sun Feb 09 2020 Orion Poplawski - 0.101.5-10 -- Re-add clamav-update.cron (bz#1800226) -- Add conditional old_freshclam - -* Tue Feb 04 2020 Sérgio Basto - 0.101.5-9 -- Add a message warning that We now provide clamav-freshclam.service systemd - unit instead old scripts - -* Tue Jan 28 2020 Fedora Release Engineering - 0.101.5-8 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - -* Mon Jan 27 2020 Sérgio Basto - 0.101.5-7 -- More cleanups -- Remove llvm-glibc.patch (upstream already fixed it) -- Comment "Example" in scan.conf to make clamd@scan.service works without editing -- Improve description of clamav-update - -* Sun Jan 26 2020 Sérgio Basto - 0.101.5-6 -- Fix clamd scriplets on update and add scriplets for clamav-freshclam.service - -* Fri Jan 24 2020 Sérgio Basto - 0.101.5-5 -- Improve upgrade path -- Get rid of pkgdatadir variable -- Use upstream freshclam systemd unit file, remove freshclam-sleep -- Get rid of %freshclamlog variable -- Get rid of smartsubst function - -* Fri Jan 17 2020 Sérgio Basto - 0.101.5-4 -- Fix scriplets (#1788338) - -* Tue Dec 17 2019 Sérgio Basto - 0.101.5-3 -- Remove old init scripts and use systemd - -* Tue Dec 17 2019 Orion Poplawski - 0.101.5-2 -- Allow building --with unrar again (bz#1782638) - -* Sat Nov 23 2019 Orion Poplawski - 0.101.5-1 -- Update to 0.101.5 (CVE-2019-15961) (bz#1775550) - -* Mon Nov 18 2019 Orion Poplawski - 0.101.4-3 -- Drop clamd@scan.service file (bz#1725810) -- Change /var/run to /run - -* Mon Nov 18 2019 Orion Poplawski - 0.101.4-2 -- Add TimeoutStartSec=420 to clamd@.service to match upstream (bz#1764835) - -* Thu Aug 22 2019 Orion Poplawski - 0.101.4-1 -- Update to 0.101.4 - -* Wed Aug 7 2019 Orion Poplawski - 0.101.3-1 -- Update to 0.101.3 -- Fix permissions on freshclam.conf (bugz#1733112) - -* Wed Jul 24 2019 Fedora Release Engineering - 0.101.2-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - -* Sun Jun 30 2019 Sérgio Basto - 0.101.2-2 -- One year later we may remove pakages workaround of clamav-milter-systemd, - clamav-scanner-systemd and clamav-server-systemd, before I forget it was one - workaround to allow migration of service without stop it and disable it - (#1583599). - -* Thu Mar 28 2019 Sérgio Basto - 0.101.2-1 -- Update to 0.101.2 - -* Thu Jan 31 2019 Fedora Release Engineering - 0.101.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild - -* Thu Jan 10 2019 Sérgio Basto - 0.101.1-1 -- Update to 0.101.1 - -* Thu Jan 3 2019 Orion Poplawski - 0.101.0-3 -- Actually apply patch - -* Thu Jan 3 2019 Orion Poplawski - 0.101.0-2 -- Explicitly list sonames to catch soname bumps -- Backport header fix (bug #1663011) - -* Thu Dec 13 2018 Orion Poplawski - 0.101.0-1 -- Update to 0.101.0 -- Add %%license -- pdf docs replaced with html - -* Thu Oct 04 2018 Sérgio Basto - 0.100.2-2 -- Revert unwanted committed parts of commit "clean whitespace" - -* Thu Oct 04 2018 Sérgio Basto - 0.100.2-1 -- Update to 0.100.2 -- Fix logrotate example (#1610735) -- Improve clamd@.service (enter in commit "clean whitespace" by mistake sorry) - -* Mon Jul 30 2018 Sérgio Basto - 0.100.1-4 -- Change the default location of configuration files in clamconf, binaries and - man pages, replacing with our default packaging (#859339). - -* Sun Jul 29 2018 Sérgio Basto - 0.100.1-3 -- Modify group of /var/run/clamd.scan to virusgroup -- Add some SELinux notes from (#787434) -- Drop pointless clamav-0.99.1-setsebool.patch -- Drop conditionalized build of noarch - -* Thu Jul 12 2018 Fedora Release Engineering - 0.100.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild - -* Wed Jul 11 2018 Sérgio Basto - 0.100.1-1 -- Update to 0.100.1 - -* Mon Jul 02 2018 Sérgio Basto - 0.100.0-3 -- Remove sub-package clamav-data-empty -- Also remove conflicts between clamav-data and clamav-data-empty - -* Sun Jun 03 2018 Sérgio Basto - 0.100.0-2 -- Try to mitigate bug #1583599 -- Move comments one line (to read before starting the scriptlet) -- clamav-milter could work without clamd and without sendmail (#1583599) -- Get rid of provides/requires with updateuser, virusgroup, scanuser and - milteruser and just simply require clamav-filesystem - -* Mon May 28 2018 Robert Scheck - 0.100.0-1 -- Upgrade to 0.100.0 (#1565381) - -* Wed Mar 21 2018 Sérgio Basto - 0.99.4-3 -- Fix data-empty sub-package (ghost the correct files) -- Add Obsoletes systemd sub-packages - -* Mon Mar 12 2018 Sérgio Basto - 0.99.4-2 -- Revert fix for llvm, build using -std=gnu++98 (#1307378) -- Revert CFLAG assignment in commmit a4a6d252 (made in 2006) -- BR systemd-devel to fix detection in configure. -- Disable llvm in ppc64 (#1534071) -- "Disable llvm will use the internal bytecode interpreter rather than the llvm - jit", so drop bytecode build condition and use condional on enable or disable - llvm. - -* Fri Mar 02 2018 Orion Poplawski - 0.99.4-1 -- Update to 0.99.4 -- Security fixes CVE-2012-6706 CVE-2017-6419 CVE-2017-11423 CVE-2018-1000085 - CVE-2018-0202 - -* Tue Feb 13 2018 Sérgio Basto - 0.99.3-7 -- Remove sub-packages sysvinit, upstart and systemd to be more compatible with - el6 . -- Remove provides/obsoletes for very old sub-packges clamav-milter-core, - clamav-milter-sendmail and clamav-milter-core -- Call server and scanner sub-packages as clamd (el6 compatible and as uppstream - call it) -- clamav-data provides clamav-db (el6 compatible) -- Explicitly enable-id-check and enable-dns in configure (as in el6). -- Add missing build-time requirement pcre2-devel (it misses in el6 at least) - -* Fri Feb 09 2018 Igor Gnatenko - 0.99.3-6 -- Escape macros in %%changelog - -* Wed Feb 07 2018 Fedora Release Engineering - 0.99.3-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild - -* Sat Feb 03 2018 Sérgio Basto - 0.99.3-4 -- Last Epel 7 macro already have systemctl daemon-reload, reverting 0.99.3-3 release -- Remove BR _includedir/tcpd.h due: - https://fedoraproject.org/wiki/Changes/Deprecate_TCP_wrappers - -* Wed Jan 31 2018 Sérgio Basto - 0.99.3-3 -- Use systemctl daemon-reload because we change services and epel7 seems not - reload services and break conditional restart. - -* Wed Jan 31 2018 Sérgio Basto -- Fix and organize systemd scriptlets, clamd@.service missed systemd_preun macro - and had a wrong systemd_postun_with_restart -- Remove triggerin macros that aren't need it anymore -- Fix scriplet -- Organize startup scriptlets -- Exclude one file listed twice - -* Fri Jan 26 2018 Orion Poplawski - 0.99.3-1 -- Update to 0.99.3 -- Security fixes CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 - CVE-2017-12378 CVE-2017-12379 CVE-2017-12380 (bug #1539030) -- Drop clamav-notify-servers and it's dependency on ncat (bug #1530678) - -* Wed Jan 17 2018 Sérgio Basto - 0.99.2-18 -- Fix type of clamd@ service -- Fix packages name of Obsoletes directives -- Also fix type of clamav-milter.service - -* Thu Jan 11 2018 Sérgio Basto - 0.99.2-17 -- Security fixes CVE-2017-6420 (#1483910), CVE-2017-6418 (#1483908) - -* Tue Jan 09 2018 Sérgio Basto - 0.99.2-16 -- Make sure that Obsoletes sysv and upstart for Epel upgrade and update - -* Mon Jan 08 2018 Sérgio Basto - 0.99.2-15 -- Fix rundir path (#1126595) -- Update main.cvd, daily.cvd and bytecode.cvd -- Fixes for rhbz 1464269 and rhbz 1126625 -- Move Sources and BuildRequires to the beginning -- Build systemd for F22+ and el7+ -- Build sysv and upstart for el6 else build only sysv -- Only enable tmpfiles with systemd enabled -- Move descritions to near the package macro and remove his build - conditionals, this also fix the generation of src.rpm -- Remove hack from 2010 (git show e1a9be60) -- Use autoreconf without --force - -* Thu Jan 04 2018 Sérgio Basto - 0.99.2-14 -- Use 4 spaces instead tabs -- Fix rhbz #1530678 -- Fix rhbz #1518016 -- Simplify conditional builds reference: /usr/lib/rpm/macros -- use make_build and make install macros - -* Sun Nov 26 2017 Robert Scheck - 0.99.2-13 -- Backported upstream patch to unbreak e2guardian vs. temp files - -* Fri Sep 15 2017 Sérgio Basto - 0.99.2-12 -- Try fix rhbz #1473642 - -* Wed Aug 02 2017 Fedora Release Engineering - 0.99.2-11 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild - -* Wed Jul 26 2017 Fedora Release Engineering - 0.99.2-10 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild - -* Mon Jul 17 2017 Sérgio Basto - 0.99.2-9 -- Add patch for openssl-1.1 - -* Mon Mar 27 2017 Orion Poplawski - 0.99.2-8 -- Create virusgroup group and add the various clam* users to it - -* Sun Mar 26 2017 Orion Poplawski - 0.99.2-7 -- Fix clamav-milter startup under selinux (bug #1434176) -- Move /etc/clam.d to clamav-filesystem (bug #1275630) -- Make clamav-milter own /etc/mail (bug #1175473) - -* Sun Mar 26 2017 Orion Poplawski - 0.99.2-6 -- Start clamav-milter after clamd@scan (bug #1356507)) - -* Sun Mar 26 2017 Orion Poplawski - 0.99.2-5 -- Allow freshclam to run automatically on install (bug #1408649) - -* Fri Feb 10 2017 Fedora Release Engineering - 0.99.2-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild - -* Mon Nov 07 2016 Richard W.M. Jones - 0.99.2-3 -- Rebuild for OCaml 4.04.0. - -* Tue Oct 18 2016 Orion Poplawski - 0.99.2-2 -- Also send logrotate script stdout to /dev/null (bug #1376815) - -* Mon Jun 13 2016 Orion Poplawski - 0.99.2-1 -- Update to 0.99.2 -- Drop cliopts patch fixed upstream, use upstream's "--forground" option name -- Fix main.cvd (fedora #1325482, epel #1325717) -- Own bytecode.cld (#1176252) and mirrors.dat, ship bytecode.cvd -- Update daily.cvd -- Fixup Requires(pre) usage (#1319151) - -* Tue Mar 29 2016 Robert Scheck - 0.99.1-1 -- Upgrade to 0.99.1 and updated main.cvd and daily.cvd (#1314115) -- Complain about antivirus_use_jit rather clamd_use_jit (#1295473) - -* Tue Mar 29 2016 Robert Scheck - 0.99-4 -- Link using %%{?__global_ldflags} for hardened builds (#1321173) -- Build using -std=gnu++98 (#1307378, thanks to Yaakov Selkowitz) - -* Wed Feb 03 2016 Fedora Release Engineering - 0.99-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild - -* Sun Dec 06 2015 Robert Scheck - 0.99-2 -- Require openssl-devel for clamav-devel -- Change clamav-milter unit for upstream changes (#1287795) - -* Wed Dec 02 2015 Robert Scheck - 0.99-1 -- Upgrade to 0.99 and updated daily.cvd (#1287327) - -* Tue Jun 30 2015 Robert Scheck - 0.98.7-3 -- Move /etc/tmpfiles.d/ to /usr/lib/tmpfiles.d/ (#1126595) - -* Wed Jun 17 2015 Fedora Release Engineering - 0.98.7-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - -* Wed Apr 29 2015 Robert Scheck - 0.98.7-1 -- Upgrade to 0.98.7 and updated daily.cvd (#1217014) - -* Tue Mar 10 2015 Adam Jackson 0.98.6-2 -- Drop sysvinit subpackages in F23+ - -* Thu Jan 29 2015 Robert Scheck - 0.98.6-1 -- Upgrade to 0.98.6 and updated daily.cvd (#1187050) - -* Wed Nov 19 2014 Robert Scheck - 0.98.5-2 -- Corrected summary of clamav-server-systemd package (#1165672) - -* Wed Nov 19 2014 Robert Scheck - 0.98.5-1 -- Upgrade to 0.98.5 and updated daily.cvd (#1138101) - -* Sat Aug 16 2014 Fedora Release Engineering - 0.98.4-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - -* Sat Jun 21 2014 Robert Scheck - 0.98.4-1 -- Upgrade to 0.98.4 and updated daily.cvd (#1111811) -- Add build requirement to libxml2 for DMG, OpenIOC and XAR - -* Sat Jun 07 2014 Fedora Release Engineering - 0.98.3-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - -* Sat May 10 2014 Robert Scheck - 0.98.3-1 -- Upgrade to 0.98.3 and updated daily.cvd (#1095614) -- Avoid automatic path detection breakage regarding curl -- Added build requirement to openssl-devel for hasing code -- Added clamsubmit to main package - -* Wed Jan 15 2014 Robert Scheck - 0.98.1-1 -- Upgrade to 0.98.1 and updated daily.cvd (#1053400) - -* Wed Oct 09 2013 Dan Horák - 0.98-2 -- Use fanotify from glibc instead of the limited hand-crafted version - -* Sun Oct 06 2013 Robert Scheck - 0.98-1 -- Upgrade to 0.98 and updated main.cvd and daily.cvd (#1010168) - -* Wed Aug 07 2013 Pierre-Yves Chibon - 0.97.8-4 -- Add a missing requirement on crontabs to spec file -- Fix RHBZ#988605 - -* Sat Aug 03 2013 Fedora Release Engineering - 0.97.8-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - -* Thu May 2 2013 Nick Bebout - 0.97.8-1 -- Update to 0.97.8 - -* Wed Apr 10 2013 Jon Ciesla - 0.97.7-2 -- Migrate from fedora-usermgmt to guideline scriptlets. - -* Sat Mar 23 2013 Nick Bebout - 0.97.7-1 -- Update to 0.97.7 - -* Wed Feb 13 2013 Fedora Release Engineering - 0.97.6-1901 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - -* Sat Sep 22 2012 Enrico Scholz - 0.97.6-1900 -- updated to 0.97.6 -- use %%systemd macros - -* Tue Aug 14 2012 Enrico Scholz - 0.97.5-1900 -- disabled upstart support - -* Wed Jul 18 2012 Fedora Release Engineering - 0.97.5-1801 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - -* Sat Jun 16 2012 Enrico Scholz - 0.97.5-1800 -- updated to 0.97.5 -- CVE-2012-1457: allows to bypass malware detection via a TAR archive - entry with a length field that exceeds the total TAR file size -- CVE-2012-1458: allows to bypass malware detection via a crafted - reset interval in the LZXC header of a CHM file -- CVE-2012-1459: allows to bypass malware detection via a TAR archive - entry with a length field corresponding to that entire entry, plus - part of the header of the next entry -- ship local copy of virus database; it was removed by accident from - 0.97.5 tarball -- removed sysv compat stuff - -* Fri Apr 13 2012 Enrico Scholz - 0.97.4-1801 -- build with -fPIE - -* Fri Mar 16 2012 Enrico Scholz - 0.97.4-1800 -- updated to 0.97.4 - -* Sun Feb 5 2012 Enrico Scholz - 0.97.3-1703 -- fixed SELinux restorecon invocation -- added trigger to fix SELinux contexts of logfiles created by old - packages -- fixed build with recent gcc/glibc toolchain - -* Sat Jan 21 2012 Enrico Scholz - 0.97.3-1703 -- rewrote clamav-notify-servers to be init system neutral -- set PrivateTmp systemd option (#782488) - -* Sun Jan 8 2012 Enrico Scholz - 0.97.3-1702 -- set correct SELinux context for logfiles generated in %%post (#754555) -- create systemd tmpfiles in %%post -- created -server-systemd subpackage providing a clamd@.service template -- made script in -scanner-systemd an instance of clamd@.service - -* Tue Oct 18 2011 Nick Bebout - 0.97.3-1700 -- updated to 0.97.3 -- CVE-2011-3627 clamav: Recursion level crash fixed in v0.97.3 - -* Thu Aug 4 2011 Enrico Scholz - 0.97.2-1700 -- moved sysv wrapper script into -sysv subpackage -- start systemd services after network.target and nss-lookup.target - -* Tue Jul 26 2011 Enrico Scholz - 0.97.2-1600 -- updated to 0.97.2 -- CVE-2011-2721 Off-by-one error by scanning message hashes (#725694) -- fixed systemd scripts and their installation - -* Thu Jun 9 2011 Enrico Scholz - 0.97.1-1600 -- updated to 0.97.1 -- fixed Requires(preun) vs. Requires(postun) inconsistency - -* Sat Apr 23 2011 Enrico Scholz - 0.97-1601 -- fixed tmpfiles.d syntax (#696812) - -* Sun Feb 20 2011 Enrico Scholz - 0.97-1600 -- updated to 0.97 -- rediffed some patches - -* Tue Feb 08 2011 Fedora Release Engineering - 0.96.5-1503 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - -* Sat Jan 8 2011 Enrico Scholz - 0.96.5-1502 -- fixed signal specifier in clamd-wrapper (#668131, James Ralston) - -* Fri Dec 24 2010 Enrico Scholz - 0.96.5-1501 -- added systemd init scripts which obsolete to old sysvinit ones -- added tmpfiles.d/ descriptions - -* Sat Dec 4 2010 Enrico Scholz - 0.96.5-1500 -- updated to 0.96.5 -- CVE-2010-4260 Multiple errors within the processing of PDF files can - be exploited to e.g. cause a crash. -- CVE-2010-4261 An off-by-one error within the "icon_cb()" function - can be exploited to cause a memory corruption. - -* Sun Oct 31 2010 Enrico Scholz - 0.96.4-1500 -- updated to 0.96.4 -- execute 'make check' (#640347) but ignore errors for now because - four checks are failing on f13 - -* Wed Sep 29 2010 Enrico Scholz - 0.96.3-1501 -- lowered stop priority of sysv initscripts (#629435) - -* Wed Sep 22 2010 Enrico Scholz - 0.96.3-1500 -- updated to 0.96.3 -- fixes CVE-2010-0405 in shipped bzlib.c copy - -* Sun Aug 15 2010 Enrico Scholz - 0.96.2-1500 -- updated to 0.96.2 -- rediffed patches -- removed the -jit-disable patch which is replaced upstream by a more - detailed configuration option. - -* Wed Aug 11 2010 Enrico Scholz -- removed old %%trigger which renamed the 'clamav' user- and groupnames - to 'clamupdate' -- use 'groupmems', not 'usermod' to add a user to a group because - 'usermod' does not work when user does not exist in local /etc/passwd - -* Tue Jul 13 2010 Dan Horák - 0.96.1-1401 -- ocaml not available (at least) on s390(x) - -* Tue Jun 1 2010 Enrico Scholz - 0.96.1-1400 -- updated to 0.96.1 -- rediffed patches - -* Sat May 29 2010 Rakesh Pandit - 0.96.1403 -- CVE-2010-1639 Clam AntiVirus: Heap-based overflow, when processing malicious PDF file(s) - -* Wed Apr 21 2010 Enrico Scholz - 0.96-1402 -- updated to final 0.96 -- applied upstream patch which allows to disable JIT compiler (#573191) -- build JIT compiler again -- disabled JIT compiler by default -- removed explicit 'pkgconfig' requirements in -devel (#533956) - -* Sat Mar 20 2010 Enrico Scholz - 0.96-0.1401.rc1 -- do not build the bytecode JIT compiler for now until it can be disabled - at runtime (#573191) - -* Thu Mar 11 2010 Enrico Scholz - 0.96-1400.rc1 -- updated to 0.96rc1 -- added some BRs - -* Sun Dec 6 2009 Enrico Scholz - 0.95.3-1301 -- updated -upstart to upstart 0.6.3 - -* Sat Nov 21 2009 Enrico Scholz -- adjusted chkconfig positions for clamav-milter (#530101) -- use %%apply instead of %%patch - -* Thu Oct 29 2009 Enrico Scholz - 0.95.3-1300 -- updated to 0.95.3 - -* Sun Sep 13 2009 Enrico Scholz -- conditionalized build of noarch subpackages to ease packaging under RHEL5 - -* Sun Aug 9 2009 Enrico Scholz - 0.95.2-5 -- modified freshclam configuration to log by syslog by default -- disabled LocalSocket option in sample configuration -- fixed clamav-milter sysv initscript to use bash interpreter and to - be disabled by default - -* Sat Aug 8 2009 Enrico Scholz - 0.95.2-4 -- renamed 'clamav' user/group to 'clamupdate' -- add the '%%milteruser' user to the '%%scanuser' group when the -scanner - subpackage is installed - -* Fri Jul 24 2009 Fedora Release Engineering - 0.95.2-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - -* Thu Jun 11 2009 Enrico Scholz - 0.95.2-1 -- updated to 0.95.2 - -* Sun Apr 19 2009 Enrico Scholz - 0.95.1-3 -- fixed '--without upstart' operation - -* Wed Apr 15 2009 Enrico Scholz - 0.95.1-2 -- added '%%bcond_without upstart' conditional to ease skipping of - -upstart subpackage creation e.g. on EL5 systems -- fixed Provides/Obsoletes: typo in -milter-sysvinit subpackage which - broke update path - -* Fri Apr 10 2009 Robert Scheck - 0.95.1-1 -- Upgrade to 0.95.1 (#495039) - -* Wed Mar 25 2009 Enrico Scholz - 0.95-1 -- updated to final 0.95 -- added ncurses-devel (-> clamdtop) BR -- enforced IPv6 support - -* Sun Mar 8 2009 Enrico Scholz - 0.95-0.1.rc1 -- updated to 0.95rc1 -- added -upstart subpackages -- renamed -sysv to -sysvinit to make -upstart win the default dep resolving -- reworked complete milter stuff -- added -scanner subpackage which contains a preconfigured daemon - (e.g. for use by -milter) -- moved %%changelog entries from 2006 and before into ChangeLog-rpm.old - -* Wed Feb 25 2009 Enrico Scholz - 0.94.2-3 -- made some subpackages noarch -- fixed typo in SysV initscript which removes 'touch' file (#473513) - -* Mon Feb 23 2009 Fedora Release Engineering - 0.94.2-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild - -* Tue Dec 02 2008 Robert Scheck - 0.94.2-1 -- Upgrade to 0.94.2 (#474002) - -* Wed Nov 05 2008 Robert Scheck - 0.94.1-1 -- Upgrade to 0.94.1 - -* Sun Oct 26 2008 Robert Scheck - 0.94-1 -- Upgrade to 0.94 (SECURITY), fixes #461461: -- CVE-2008-1389 Invalid memory access in the CHM unpacker -- CVE-2008-3912 Out-of-memory NULL pointer dereference in mbox/msg -- CVE-2008-3913 Memory leak in code path in freshclam's manager.c -- CVE-2008-3914 Multiple file descriptor leaks on the code paths - -* Sun Jul 13 2008 Enrico Scholz - 0.93.3-1 -- updated to 0.93.3; another fix for CVE-2008-2713 (out-of-bounds read - on petite files) -- put pid instead of pgrp into pidfile of clamav-milter (bz #452359) -- rediffed patches - -* Tue Jun 17 2008 Enrico Scholz - 0.93.1-1 -- updated to 0.93.1 -- rediffed -path patch -- CVE-2008-2713 Invalid Memory Access Denial Of Service Vulnerability - -* Mon Apr 14 2008 Enrico Scholz - 0.93-1 -- updated to final 0.93 -- removed daily.inc + main.inc directories; they are now replaced by - *.cld containers -- trimmed down MAILTO list of cronjob to 'root' again; every well - configured system has an alias for this recipient - -* Wed Mar 12 2008 Enrico Scholz - 0.93-0.1.rc1 -- moved -milter scriptlets into -milter-core subpackage -- added a requirement on the milteruser to the -milter-sendmail - subpackage (reported by Bruce Jerrick) - -* Tue Mar 4 2008 Enrico Scholz - 0.93-0.0.rc1 -- updated to 0.93rc1 -- fixed rpath issues - -* Mon Feb 11 2008 Enrico Scholz - 0.92.1-1 -- updated to 0.92.1 - -* Tue Jan 1 2008 Enrico Scholz - 0.92-6 -- redisabled unrar stuff completely by using clean sources -- splitted -milter subpackage into pieces to allow use without sendmail - (#239037) - -* Tue Jan 1 2008 Enrico Scholz - 0.92-5 -- use a better way to disable RPATH-generation (needed for '--with - unrar' builds) - -* Mon Dec 31 2007 Enrico Scholz - 0.92-4 -- added a README.fedora to the milter package (#240610) -- ship original sources again; unrar is now licensed correctly (no more - stolen code put under GPL). Nevertheless, this license is not GPL - compatible, and to allow libclamav to be used by GPL applications, - unrar is disabled by a ./configure switch. -- use pkg-config in clamav-config to emulate --cflags and --libs - operations (fixes partly multilib issues) -- registered some more auto-updated files and marked them as %%ghost - -* Fri Dec 21 2007 Tom "spot" Callaway - 0.92-3 -- updated to 0.92 (SECURITY): -- CVE-2007-6335 MEW PE File Integer Overflow Vulnerability - -* Mon Oct 29 2007 Tom "spot" Callaway - 0.91.2-3 -- remove RAR decompression code from source tarball because of - legal problems (resolves 334371) -- correct license tag - -* Mon Sep 24 2007 Jesse Keating - 0.91.2-2 -- Bump release for upgrade path. - -* Sat Aug 25 2007 Enrico Scholz - 0.91.2-1 -- updated to 0.91.2 (SECURITY): -- CVE-2007-4510 DOS in RTF parser -- DOS in html normalizer -- arbitrary command execution by special crafted recipients in - clamav-milter's black-hole mode -- fixed an open(2) issue - -* Tue Jul 17 2007 Enrico Scholz - 0.91.1-0 -- updated to 0.91.1 - -* Thu Jul 12 2007 Enrico Scholz - 0.91-1 -- updated to 0.91 - -* Thu May 31 2007 Enrico Scholz - 0.90.3-1 -- updated to 0.90.3 -- BR tcpd.h instead of tcp_wrappers(-devel) to make it build both - in FC6- and F7+ - -* Fri Apr 13 2007 Enrico Scholz - 0.90.2-1 -- [SECURITY] updated to 0.90.2; fixes CVE-2007-1745, CVE-2007-1997 - -* Fri Mar 2 2007 Enrico Scholz - 0.90.1-2 -- BR 'tcp_wrappers-devel' instead of plain 'tcp_wrappers' - -* Fri Mar 2 2007 Enrico Scholz - 0.90.1-1 -- updated to 0.90.1 -- updated %%doc list - -* Sun Feb 18 2007 Enrico Scholz - 0.90-1 -- updated to final 0.90 -- removed -visibility patch since fixed upstream - -* Sun Feb 4 2007 Enrico Scholz - 0.90-0.3.rc3 -- build with -Wl,-as-needed and cleaned up pkgconfig file -- removed old hack which forced installation of freshclam.conf; related - check was removed upstream -- removed static library -- removed %%changelog entries from before 2004 - -* Sat Feb 3 2007 Enrico Scholz - 0.90-0.2.rc3 -- updated to 0.90rc3 -- splitted mandatory parts from the data-file into a separate -filesystem - subpackage -- added a -data-empty subpackage to allow a setup where database is - updated per cron-job and user does not want to download the large - -data package with outdated virus definitations (#214949) -- %%ghost'ed the files downloaded by freshclam diff --git a/clamd-README b/clamd-README deleted file mode 100644 index 371a39e..0000000 --- a/clamd-README +++ /dev/null @@ -1,86 +0,0 @@ -Update 2021: Log to syslog is obsolete, journalctl superseded it - - By default, clamd provides a general "scan" service that requires minimal -configuration. To configure, edit /etc/clamd/scan.conf and: - - * set LocalSocket for localhost access or TCPSocket for network access. - - Default configuration will: - - * Log to syslog - * Run as the user "clamscan" - - When LogFile feature is wanted, it must be writable for the assigned -User. The recommended way is to: - - * make it owned by the User's *group* - * assign at least 0620 (u+rw,g+w) permissions - - A suitable command might be - | # touch - | # chgrp - | # chmod 0620 - | # restorecon - - NEVER use 'clamav' as the user since it can modify the database. This is -the user who is running the application; e.g. for mimedefang -(http://www.roaringpenguin.com/mimedefang), the user might be 'defang'. -Theoretically, distinct users could be used, but it must be made sure that -the application-user can write into the socket-file, and that the clamd-user -can access the files asked by the application to be checked. - - The default service can be enabled and started with: - - systemctl enable clamd@scan.service - systemctl start clamd@scan.service - - To create other individual clamd-instances take the following files in -/usr/share/doc/clamd/ and modify/copy them in the suggested way: - -clamd.conf, copy to /etc/clamd.d/.conf - * Change as to match name of config file - * Any other changes as noted above - -clamd.logrotate: (only when LogFile feature is used) - * set the correct value for the logfile - * place it into /etc/logrotate.d - - Additionally, when using LocalSocket instead of TCPSocket, the directory -for the socket file must be created. For tmpfiles based systems, you might -want to create a file /etc/tmpfiles.d/clamd..conf with a content of - - | d /run/clamd. - - Adjust (0710 should suffice for most cases) and + -so that the socket can be accessed by clamd and by the applications using -clamd. Make sure that the socket is not world accessible; else, DOS attacks -or worse are trivial. - - After emulating these steps by hand (or else rebooting), you still need set -SELinux: - - chcon -t clamd_var_run_t /run/clamd. -or - restorecon -R -v "/run/clamd." - -More SELinux notes: -you may need run: - - setsebool -P antivirus_can_scan_system 1 - -and also maybe this one (I need to confirm that is obsolete) - - setsebool -P antivirus_use_jit 1 - - The new service can be enabled and started with: - - systemctl enable clamd@.service - systemctl start clamd@.service - - -[Disclaimer: - this file and the script/configfiles are not part of the official - clamav package. - - Please send complaints and comments to - https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora&component=clamav] diff --git a/clamd.logrotate b/clamd.logrotate deleted file mode 100644 index 45dc48d..0000000 --- a/clamd.logrotate +++ /dev/null @@ -1,9 +0,0 @@ -/var/log/clamd. { - monthly - notifempty - missingok - - postrotate - pkill -u -HUP -f '/usr/sbin/clamd -c /etc/clamd.d/.conf >/dev/null 2>&1 || : - endscript -} diff --git a/clamd@.service b/clamd@.service deleted file mode 100644 index 2e3011b..0000000 --- a/clamd@.service +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description = clamd scanner (%i) daemon -Documentation=man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/ -After = syslog.target nss-lookup.target network.target - -[Service] -Type = forking -ExecStart = /usr/sbin/clamd -c /etc/clamd.d/%i.conf -# Reload the database -ExecReload=/bin/kill -USR2 $MAINPID -Restart = on-failure -TimeoutStartSec=420 - -[Install] -WantedBy = multi-user.target diff --git a/dead.package b/dead.package new file mode 100644 index 0000000..a72aec0 --- /dev/null +++ b/dead.package @@ -0,0 +1 @@ +epel8-playground decommissioned : https://pagure.io/epel/issue/136 diff --git a/freshclam-sleep b/freshclam-sleep deleted file mode 100755 index 5d3d5b3..0000000 --- a/freshclam-sleep +++ /dev/null @@ -1,52 +0,0 @@ -#! /bin/bash -# Copyright (C) 2005 Enrico Scholz -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - - -FRESHCLAM_MOD=$[ 3*60 ] # 3 hours - -f=/etc/sysconfig/freshclam -test ! -e "$f" || . "$f" - - -case x"$1" in - (xnow) FRESHCLAM_DELAY=0;; - (x|xrandom) : ${FRESHCLAM_DELAY:=$[ 0x`hostid` ]};; - (*) FRESHCLAM_DELAY=$1;; -esac - -set -e - -case $FRESHCLAM_DELAY in - (disabled-warn) - echo $"\ -WARNING: update of clamav database is disabled; please see - '$f' - for information how to enable the periodic update resp. how to turn - off this message." >&2 - exit 1 - ;; - - (disabled) - exit 0 - ;; - - (*) - let FRESHCLAM_MOD*=60 - sleep $[ (FRESHCLAM_DELAY % FRESHCLAM_MOD + FRESHCLAM_MOD) % FRESHCLAM_MOD ] - ;; -esac - -/usr/bin/freshclam --quiet > /dev/null diff --git a/freshclam.sysconfig b/freshclam.sysconfig deleted file mode 100644 index 417dafc..0000000 --- a/freshclam.sysconfig +++ /dev/null @@ -1,18 +0,0 @@ -## When changing the periodicity of freshclam runs in the crontab, -## this value must be adjusted also. Its value is the timespan between -## two subsequent freshclam runs in minutes. E.g. for the default -## -## | 0 */3 * * * ... -## -## crontab line, the value is 180 (minutes). -# FRESHCLAM_MOD= - -## A predefined value for the delay in seconds. By default, the value is -## calculated by the 'hostid' program. This predefined value guarantees -## constant timespans of 3 hours between two subsequent freshclam runs. -## -## This option accepts two special values: -## 'disabled-warn' ... disables the automatic freshclam update and -## gives out a warning -## 'disabled' ... disables the automatic freshclam silently -# FRESHCLAM_DELAY= diff --git a/sources b/sources deleted file mode 100644 index 5d699b4..0000000 --- a/sources +++ /dev/null @@ -1,4 +0,0 @@ -SHA512 (clamav-0.103.4-norar.tar.xz) = bcdb1cc1f5dd1d4a881156e0e2b3a4662a0a67fe944ae1ebae149980149cd14a512d5364fcbdf6d9aa2f4cd843a225057fe044c2fd58bf255fe1fd3fe6422c1e -SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-26345.cvd) = 7a7d004fa26a33b4b46a9ee09fb390865e32f9d746a42fa12d9a2143c2eb1006294ccf758ed1daed7c7e8b826f013e5da020eb271e291b21c3b1ff5ffc71401c -SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07 diff --git a/update_clamav.sh b/update_clamav.sh deleted file mode 100755 index 7c41351..0000000 --- a/update_clamav.sh +++ /dev/null @@ -1,53 +0,0 @@ -VERSION=0.103.4 -NAME=clamav -TARBALL_CLEAN=${NAME}-${VERSION}-norar.tar.xz -TARBALL=${NAME}-${VERSION}.tar.gz - -wget -c https://www.clamav.net/downloads/production/${TARBALL} -wget -c https://www.clamav.net/downloads/production/${TARBALL}.sig -gpg --verify ${TARBALL}.sig ${TARBALL} -zcat ${TARBALL} | tar --delete -f - '*/libclamunrar/*' | xz -c > ${TARBALL_CLEAN} - -# WIP clouflare don't allow wget we need download with browser -#wget http://database.clamav.net/main.cvd -#get http://database.clamav.net/daily.cvd -#get http://database.clamav.net/bytecode.cvd - -main_ver=$(file main.cvd | sed -e 's/.*version /main-/;s/,.*/.cvd/') -daily_ver=$(file daily.cvd | sed -e 's/.*version /daily-/;s/,.*/.cvd/') -bytecode_ver=$(file bytecode.cvd | sed -e 's/.*version /bytecode-/;s/,.*/.cvd/') - -cp -f main.cvd $main_ver -cp -f daily.cvd $daily_ver -cp -f bytecode.cvd $bytecode_ver - -sed -i "s|^Source10: .*|Source10: $main_ver|" clamav.spec -sed -i "s|^Source11: .*|Source11: $daily_ver|" clamav.spec -sed -i "s|^Source12: .*|Source12: $bytecode_ver|" clamav.spec - -rpmdev-bumpspec -n $VERSION -c "Update to $VERSION" clamav.spec -echo fedpkg new-sources ${TARBALL_CLEAN} $main_ver $daily_ver $bytecode_ver -echo Press enter scratch-build or n to skip ; read dummy; -if [[ "$dummy" != "n" ]]; then -#fkinit -u sergiomb -fedpkg scratch-build --srpm -fi -echo Press enter to upload sources and commit ; read dummy; -fedpkg new-sources ${TARBALL_CLEAN} $main_ver $daily_ver $bytecode_ver -fedpkg ci -c && git show - -echo Press enter to build rawhide; read dummy; -git push && fedpkg build --nowait - -for repo in "f35 f34 f33 epel8-playground epel8 epel7" ; do -echo Press enter to build on branch $repo; read dummy; -git checkout $repo && git merge rawhide && fedpkg push && fedpkg build --nowait; git checkout rawhide -done - -exit -# not finished yet -/usr/bin/bodhi updates new --autokarma --autotime --type bugfix --severity medium --notes "https://blog.clamav.net/2021/06/clamav-01033-patch-release.html" --bugs 1974601 --request testing clamav-0.103.3-1.fc34 -/usr/bin/bodhi updates new --autokarma --autotime --type bugfix --severity medium --notes "https://blog.clamav.net/2021/06/clamav-01033-patch-release.html" --bugs 1974601 --request testing clamav-0.103.3-1.fc33 -/usr/bin/bodhi updates new --autokarma --autotime --type bugfix --severity medium --notes "https://blog.clamav.net/2021/06/clamav-01033-patch-release.html" --bugs 1974601 --request testing clamav-0.103.3-1.el8 - -sha512sum --tag ${TARBALL_CLEAN} $main_ver $daily_ver $bytecode_ver > sources From 32310a5180b05c275b5ee3bdc026d67ca149764b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Tue, 1 Mar 2022 21:46:36 +0000 Subject: [PATCH 05/72] Fix for dnf update clamav-update (#2059618) --- clamav.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 6805952..8ee81f7 100644 --- a/clamav.spec +++ b/clamav.spec @@ -34,7 +34,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.103.5 -Release: 2%{?dist} +Release: 3%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -189,6 +189,7 @@ installation. %package update Summary: Auto-updater for the Clam Antivirus scanner data-files Requires: clamav-filesystem = %{version}-%{release} +Requires: clamav-lib = %{version}-%{release} %if %{with old_freshclam} Requires: crontabs Requires: /etc/cron.d @@ -579,6 +580,9 @@ test -e %{freshclamlog} || { %changelog +* Tue Mar 01 2022 Sérgio Basto - 0.103.5-3 +- Fix for dnf update clamav-update (#2059618) + * Wed Jan 19 2022 Fedora Release Engineering - 0.103.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild From fd5e7f3d2fcb643e8e2875ead10e5cdb833034aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Thu, 5 May 2022 23:35:30 +0100 Subject: [PATCH 06/72] Update to 0.103.6 --- clamav-check.patch | 12 --------- clamav-clamonacc-service.patch | 7 +++-- clamav.spec | 13 +++++----- sources | 4 +-- update_clamav.sh | 47 ++++++++++++++++++++++++++++------ 5 files changed, 50 insertions(+), 33 deletions(-) delete mode 100644 clamav-check.patch diff --git a/clamav-check.patch b/clamav-check.patch deleted file mode 100644 index e3d37a4..0000000 --- a/clamav-check.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up clamav-0.103.0/unit_tests/check_jsnorm.c.check clamav-0.103.0/unit_tests/check_jsnorm.c ---- clamav-0.103.0/unit_tests/check_jsnorm.c.check 2020-09-12 18:27:10.000000000 -0600 -+++ clamav-0.103.0/unit_tests/check_jsnorm.c 2020-09-17 22:15:26.199957518 -0600 -@@ -247,7 +247,7 @@ static void tokenizer_test(const char *i - fd = open(filename, O_RDONLY); - if (fd < 0) { - jstest_teardown(); -- ck_assert_msg("failed to open output file: %s", filename); -+ ck_assert_msg(0, "failed to open output file: %s", filename); - } - - diff_file_mem(fd, expected, len); diff --git a/clamav-clamonacc-service.patch b/clamav-clamonacc-service.patch index 12439f9..c72e806 100644 --- a/clamav-clamonacc-service.patch +++ b/clamav-clamonacc-service.patch @@ -1,6 +1,5 @@ -diff -up clamav-0.103.0/clamonacc/clamav-clamonacc.service.in.clamonacc-service clamav-0.103.0/clamonacc/clamav-clamonacc.service.in ---- clamav-0.103.0/clamonacc/clamav-clamonacc.service.in.clamonacc-service 2020-09-12 18:27:09.000000000 -0600 -+++ clamav-0.103.0/clamonacc/clamav-clamonacc.service.in 2020-09-18 19:49:35.400152760 -0600 +--- ./clamonacc/clamav-clamonacc.service.in.clamonacc-service 2022-05-05 22:36:27.572671129 +0100 ++++ ./clamonacc/clamav-clamonacc.service.in 2022-05-05 22:43:05.204324524 +0100 @@ -4,14 +4,12 @@ [Unit] Description=ClamAV On-Access Scanner @@ -13,7 +12,7 @@ diff -up clamav-0.103.0/clamonacc/clamav-clamonacc.service.in.clamonacc-service Type=simple User=root -ExecStartPre=/bin/bash -c "while [ ! -S /run/clamav/clamd.ctl ]; do sleep 1; done" --ExecStart=@prefix@/sbin/clamonacc -F --config-file=@APP_CONFIG_DIRECTORY@/clamd.conf --log=/var/log/clamav/clamonacc.log --move=/root/quarantine +-ExecStart=@prefix@/sbin/clamonacc -F --log=/var/log/clamav/clamonacc.log --move=/root/quarantine +ExecStart=@prefix@/sbin/clamonacc -F --config-file=/etc/clamd.d/scan.conf [Install] diff --git a/clamav.spec b/clamav.spec index 8ee81f7..8c05fe0 100644 --- a/clamav.spec +++ b/clamav.spec @@ -33,8 +33,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 0.103.5 -Release: 3%{?dist} +Version: 0.103.6 +Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -56,7 +56,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26420.cvd +Source11: daily-26532.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-333.cvd #for update @@ -79,9 +79,6 @@ Patch0: clamav-stats-deprecation.patch Patch1: clamav-default_confs.patch # Fix pkg-config flags for static linking, multilib Patch2: clamav-0.99-private.patch -# Fix ck_assert_msg() call -# https://github.com/Cisco-Talos/clamav-devel/pull/138 -Patch4: clamav-check.patch # Modify clamav-clamonacc.service for Fedora compatibility Patch5: clamav-clamonacc-service.patch @@ -252,7 +249,6 @@ This package contains files which are needed to run the clamav-milter. %endif %patch1 -p1 -b .default_confs %patch2 -p1 -b .private -%patch4 -p1 -b .check %patch5 -p1 -b .clamonacc-service %patch6 -p1 -b .freshclam-service @@ -580,6 +576,9 @@ test -e %{freshclamlog} || { %changelog +* Thu May 05 2022 Sérgio Basto - 0.103.6-1 +- Update to 0.103.6 + * Tue Mar 01 2022 Sérgio Basto - 0.103.5-3 - Fix for dnf update clamav-update (#2059618) diff --git a/sources b/sources index c04039f..97be8dd 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-0.103.5-norar.tar.xz) = 90a725c3372dd309cd561934030a50fddd451f1e8d5ab525939e381d6f525a8f46cca40948c59ac0ab884a25bfb17dc526c5726419e8b7eb0c4f1aef47793317 +SHA512 (clamav-0.103.6-norar.tar.xz) = 2d89b5269e497a8607c0a0a84b6119df006ca77b333608887feae5d93e9a9fc34952490a96d9fd19f8e18eeb9e45f1597daeeb18021cd6009b1218d1d6ea91eb SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-26420.cvd) = c368cc0b9c6e9c1b401f184840178515e37619aaae088edc0bf8d5e403c5c1f49768b987de37fc2e17cd3254f2d1d4e32e4dfb4443889aec512e634775b65423 +SHA512 (daily-26532.cvd) = 548b0c524a8406aaa7bd77fcd7ee7136190c690aa4b80e3c067a9779ec448b888014428a42bbd0bf67c090543f83266a25cd7a5164f26aced009b35ab6698db7 SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07 diff --git a/update_clamav.sh b/update_clamav.sh index 460e040..89eeb15 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,4 +1,5 @@ -VERSION=0.103.5 +VERSION=0.103.6 +REPOS="f36 f35 f34 epel9 epel8 epel7" if [ -z "$1" ] then @@ -11,26 +12,40 @@ NAME=clamav TARBALL_CLEAN=${NAME}-${VERSION}-norar.tar.xz TARBALL=${NAME}-${VERSION}.tar.gz +echo "Usage: $0 stage" +echo "stage 0: prepare sources" +echo "stage 1: get cvd (not working at all) the donwload needs to be done manually" +echo "stage 2: upload sources and ask for scratch build" +echo "stage 3: push and build on rawhide" +echo "stage 4: build on others branches" +echo "" + if test $stage -le 0 then echo STAGE 0 +echo Press enter to prepare sources or n to skip ; read dummy; +if [[ "$dummy" != "n" ]]; then wget -c https://www.clamav.net/downloads/production/${TARBALL} wget -c https://www.clamav.net/downloads/production/${TARBALL}.sig gpg --verify ${TARBALL}.sig ${TARBALL} zcat ${TARBALL} | tar --delete -f - '*/libclamunrar/*' | xz -c > ${TARBALL_CLEAN} fi +fi -echo Press enter convert cvd into spec or n to skip ; read dummy; -if [[ "$dummy" != "n" ]]; then # WIP clouflare don't allow wget we need download with browser #wget https://database.clamav.net/main.cvd #wget https://database.clamav.net/daily.cvd #wget https://database.clamav.net/bytecode.cvd - main_ver=$(file main.cvd | sed -e 's/.*version /main-/;s/,.*/.cvd/') daily_ver=$(file daily.cvd | sed -e 's/.*version /daily-/;s/,.*/.cvd/') bytecode_ver=$(file bytecode.cvd | sed -e 's/.*version /bytecode-/;s/,.*/.cvd/') +if test $stage -le 1 +then +echo STAGE 1 +echo Press enter convert cvd into spec or n to skip ; read dummy; +if [[ "$dummy" != "n" ]]; then + cp -f main.cvd $main_ver cp -f daily.cvd $daily_ver cp -f bytecode.cvd $bytecode_ver @@ -39,7 +54,11 @@ sed -i "s|^Source10: .*|Source10: $main_ver|" clamav.spec sed -i "s|^Source11: .*|Source11: $daily_ver|" clamav.spec sed -i "s|^Source12: .*|Source12: $bytecode_ver|" clamav.spec fi +fi +if test $stage -le 2 +then +echo STAGE 2 rpmdev-bumpspec -n $VERSION -c "Update to $VERSION" clamav.spec echo fedpkg new-sources ${TARBALL_CLEAN} $main_ver $daily_ver $bytecode_ver echo Press enter scratch-build or n to skip ; read dummy; @@ -47,16 +66,28 @@ if [[ "$dummy" != "n" ]]; then #fkinit -u sergiomb fedpkg scratch-build --srpm fi -echo Press enter to upload sources and commit ; read dummy; +echo Press enter to upload sources and commit or n to skip; read dummy; +if [[ "$dummy" != "n" ]]; then fedpkg new-sources ${TARBALL_CLEAN} $(spectool -l clamav.spec | grep -P "Source10|Source11|Source12" | sed 's/.* //') fedpkg ci -c && git show +fi +fi -echo Press enter to build rawhide; read dummy; +if test $stage -le 3 +then +echo STAGE 3 +echo Press enter to build rawhide or n to skip; read dummy; +if [[ "$dummy" != "n" ]]; then git push && fedpkg build --nowait +fi +fi -for repo in "f35 f34 epel8 epel7" ; do -echo Press enter to build on branch $repo; read dummy; +echo STAGE 4 +for repo in $REPOS ; do +echo Press enter to build on branch $repo or n to skip; read dummy; +if [[ "$dummy" != "n" ]]; then git checkout $repo && git merge rawhide && fedpkg push && fedpkg build --nowait; git checkout rawhide +fi done exit From e13a1a4904cd5b4511c03133a1997b927662d6ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Sat, 16 Jul 2022 04:36:05 +0100 Subject: [PATCH 07/72] Make ghost database files as mode 0644 (#2048324) --- clamav.spec | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/clamav.spec b/clamav.spec index 8c05fe0..c01ba89 100644 --- a/clamav.spec +++ b/clamav.spec @@ -550,10 +550,10 @@ test -e %{freshclamlog} || { # freshclamlog file is created in post %ghost %attr(0664,root,%{updateuser}) %verify(not size md5 mtime) %{freshclamlog} %endif -%ghost %attr(0664,%{updateuser},%{updateuser}) %{homedir}/main.cvd -%ghost %attr(0664,%{updateuser},%{updateuser}) %{homedir}/freshclam.dat -%ghost %attr(0664,%{updateuser},%{updateuser}) %{homedir}/daily.cld -%ghost %attr(0664,%{updateuser},%{updateuser}) %{homedir}/bytecode.cld +%ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/main.cvd +%ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/freshclam.dat +%ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/daily.cld +%ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/bytecode.cld %files -n clamd From 578aa780e174404bfbd5cbfcbeb1bf422591173c Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 20 Jul 2022 22:59:53 +0000 Subject: [PATCH 08/72] Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- clamav.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index c01ba89..8014f42 100644 --- a/clamav.spec +++ b/clamav.spec @@ -34,7 +34,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.103.6 -Release: 1%{?dist} +Release: 2%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -576,6 +576,9 @@ test -e %{freshclamlog} || { %changelog +* Wed Jul 20 2022 Fedora Release Engineering - 0.103.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + * Thu May 05 2022 Sérgio Basto - 0.103.6-1 - Update to 0.103.6 From a5a2aef2555ecc0ed661b9153e43850ffb103ecf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Thu, 28 Jul 2022 04:00:46 +0100 Subject: [PATCH 09/72] Update to 0.103.7 --- clamav.spec | 9 ++++++--- sources | 4 ++-- update_clamav.sh | 4 ++-- 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/clamav.spec b/clamav.spec index 8014f42..e16d06c 100644 --- a/clamav.spec +++ b/clamav.spec @@ -33,8 +33,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 0.103.6 -Release: 2%{?dist} +Version: 0.103.7 +Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -56,7 +56,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26532.cvd +Source11: daily-26614.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-333.cvd #for update @@ -576,6 +576,9 @@ test -e %{freshclamlog} || { %changelog +* Thu Jul 28 2022 Sérgio Basto - 0.103.7-1 +- Update to 0.103.7 + * Wed Jul 20 2022 Fedora Release Engineering - 0.103.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild diff --git a/sources b/sources index 97be8dd..e3f709f 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-0.103.6-norar.tar.xz) = 2d89b5269e497a8607c0a0a84b6119df006ca77b333608887feae5d93e9a9fc34952490a96d9fd19f8e18eeb9e45f1597daeeb18021cd6009b1218d1d6ea91eb +SHA512 (clamav-0.103.7-norar.tar.xz) = 496ba3b2a72ecb534c55bc11a9f050b201da8475b54cfdfb67e559f8e075b8f3d03c58f9bd3a27909985cc563b69f37ca879d9fe596d87ce35a704d48623c5db SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-26532.cvd) = 548b0c524a8406aaa7bd77fcd7ee7136190c690aa4b80e3c067a9779ec448b888014428a42bbd0bf67c090543f83266a25cd7a5164f26aced009b35ab6698db7 +SHA512 (daily-26614.cvd) = 918b4601bf62c9c4ac13e96f39b25121e3b3ade79482081dbf13f6e6d9f9f3ad38a22acdec7e9c44062ed84ef9bb5b40e4c8dc0af766afd0632bb0ba934a1dec SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07 diff --git a/update_clamav.sh b/update_clamav.sh index 89eeb15..b3e5b31 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,5 +1,5 @@ -VERSION=0.103.6 -REPOS="f36 f35 f34 epel9 epel8 epel7" +VERSION=0.103.7 +REPOS="f36 f35 epel9 epel8 epel7" if [ -z "$1" ] then From 2696e558f1a6305805e2fc7e3d4069b252f5ddd8 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Wed, 25 May 2022 20:39:15 -0600 Subject: [PATCH 10/72] Split out documentation into separate -doc sub-package --- clamav.spec | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/clamav.spec b/clamav.spec index e16d06c..38e72ff 100644 --- a/clamav.spec +++ b/clamav.spec @@ -34,7 +34,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.103.7 -Release: 1%{?dist} +Release: 2%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -183,6 +183,15 @@ working (but perhaps outdated) virus scanner immediately after package installation. +%package doc +Summary: Documentation for the Clam Antivirus scanner +Requires: clamav-filesystem = %{version}-%{release} +BuildArch: noarch + +%description doc +This package contains the documentation for clamav. + + %package update Summary: Auto-updater for the Clam Antivirus scanner data-files Requires: clamav-filesystem = %{version}-%{release} @@ -486,7 +495,7 @@ test -e %{freshclamlog} || { %files %license COPYING -%doc NEWS.md README.md docs/html +%doc NEWS.md README.md %{_bindir}/clambc %{_bindir}/clamconf %{_bindir}/clamdscan @@ -536,6 +545,11 @@ test -e %{freshclamlog} || { %config %verify(not size md5 mtime) %{homedir}/*.cvd +%files doc +%license COPYING +%doc docs/html + + %files update %{_bindir}/freshclam %{_libdir}/libfreshclam.so.2* @@ -576,6 +590,9 @@ test -e %{freshclamlog} || { %changelog +* Mon Aug 01 2022 Orion Poplawski - 0.103.7-2 +- Split out documentation into separate -doc sub-package + * Thu Jul 28 2022 Sérgio Basto - 0.103.7-1 - Update to 0.103.7 From 4e9468391035201c07da363cf2b07f48f1b79727 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Tue, 23 Aug 2022 22:11:06 -0600 Subject: [PATCH 11/72] Add BR for systemd-rpm-macros --- clamav.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/clamav.spec b/clamav.spec index 38e72ff..b84d2b7 100644 --- a/clamav.spec +++ b/clamav.spec @@ -115,6 +115,7 @@ BuildRequires: graphviz BuildRequires: nc %{?systemd_requires} BuildRequires: systemd-devel +BuildRequires: systemd-rpm-macros #for milter BuildRequires: sendmail-devel From 35d73944ae2fa9cee3df4729c53a66ba03595d7f Mon Sep 17 00:00:00 2001 From: Kalev Lember Date: Sun, 25 Sep 2022 20:30:38 +0200 Subject: [PATCH 12/72] Fix the build Add missing dependency on systemd as it's the systemd package itself that ships systemd.pc, not systemd-devel. --- clamav.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/clamav.spec b/clamav.spec index b84d2b7..c35375b 100644 --- a/clamav.spec +++ b/clamav.spec @@ -114,6 +114,7 @@ BuildRequires: graphviz # nc required for tests BuildRequires: nc %{?systemd_requires} +BuildRequires: systemd BuildRequires: systemd-devel BuildRequires: systemd-rpm-macros #for milter From de0dea6dd9612dd4586c2501dba4a591b262203a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Wed, 28 Sep 2022 23:59:06 +0100 Subject: [PATCH 13/72] (#2128276) Please port your pcre dependency to pcre2 Explicit dependency on systemd since systemd-devel no longer has this dependency on F37+ --- clamav.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/clamav.spec b/clamav.spec index c35375b..85a1c7f 100644 --- a/clamav.spec +++ b/clamav.spec @@ -34,7 +34,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.103.7 -Release: 2%{?dist} +Release: 3%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -99,7 +99,7 @@ BuildRequires: libprelude-devel # libprelude-config --libs brings in gnutls, pcre # https://bugzilla.redhat.com/show_bug.cgi?id=1830473 BuildRequires: gnutls-devel -BuildRequires: pcre-devel +BuildRequires: pcre2-devel BuildRequires: libxml2-devel BuildRequires: ncurses-devel BuildRequires: openssl-devel @@ -592,6 +592,10 @@ test -e %{freshclamlog} || { %changelog +* Thu Sep 22 2022 Sérgio Basto - 0.103.7-3 +- (#2128276) Please port your pcre dependency to pcre2 +- Explicit dependency on systemd since systemd-devel no longer has this dependency on F37+ + * Mon Aug 01 2022 Orion Poplawski - 0.103.7-2 - Split out documentation into separate -doc sub-package From f438d7e75e5cd3059830d00f1242f0b4f1cf83a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Sun, 6 Nov 2022 23:25:22 +0000 Subject: [PATCH 14/72] Remove a superfluous rm --- clamav.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 85a1c7f..bdb88ba 100644 --- a/clamav.spec +++ b/clamav.spec @@ -301,7 +301,6 @@ autoreconf -i %install -rm -rf _doc* %make_install install -d -m 0755 \ From 7422ed4c2164b5a26e14048de390ab6b7a796b97 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Sun, 6 Nov 2022 23:26:57 +0000 Subject: [PATCH 15/72] (#2136977) not requires data(clamav) on clamav-libs data(clamav) is already required by clamav and by clamd which seems to be enhough --- clamav.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index bdb88ba..4d29f22 100644 --- a/clamav.spec +++ b/clamav.spec @@ -150,7 +150,6 @@ user-creation scripts required by clamav. %package lib Summary: Dynamic libraries for the Clam Antivirus scanner -Requires: data(clamav) Provides: bundled(libmspack) = 0.5-0.1.alpha.modified_by_clamav %description lib From a4863d741de28b8036ea135f2a25cadba3b3483b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Mon, 7 Nov 2022 01:02:52 +0000 Subject: [PATCH 16/72] (#2023371) Add documentation to preserve user permissions of DatabaseOwner --- README.fedora | 23 ++++++++--------------- clamav.spec | 6 +++++- 2 files changed, 13 insertions(+), 16 deletions(-) diff --git a/README.fedora b/README.fedora index e512782..dd9cfe5 100644 --- a/README.fedora +++ b/README.fedora @@ -1,36 +1,21 @@ Please note for Fedora and EPEL 7+ we use only systemd. -upstart and sysvinit only apply to EPEL 6. A clamav-milter setup consists of the following three components: * the clamav-milter itself - --> this is provided by the 'clamav-milter' package plus (alternatively) - 'clamav-milter-upstart' or 'clamav-milter-sysvinit' - The main configuration is in /etc/mail/clamav-milter.conf and MUST be changed before first use. This can be enabled with: 'systemctl enable clamav-milter.service' - The -sysvinit package is managed by the traditional tools, but - -upstart requires modification of /etc/event.d/clamav-milter to - enable automatic startup. See comments there for more details. - * a clamav scanner daemon - --> this is in the clamd package (or on EL6: - 'clamav-scanner-upstart' or 'clamav-scanner-sysvinit') - The daemon is configured by /etc/clamd.d/scan.conf (which MUST be edited before first use). This can be enabled with: 'systemctl enable clamd@scan.service' - The -sysvinit package is managed by the traditional tools, but - -upstart requires modification of /etc/event.d/clamd.scan to enable - automatic startup. See comments there for more details. - * the MTA (sendmail/postfix) --> you should know how to install this... @@ -43,6 +28,14 @@ A clamav-milter setup consists of the following three components: to your sendmail.mc. +* Changing permissions of directory /var/lib/clamav + Whenever ClamAV is upgraded by dnf, the permissions for the /var/lib/clamav directory change to user clamupdate + If for some reason you need DatabaseOwner be another user, you may copy /usr/lib/systemd/system/clamav-freshclam.service to /etc/systemd/system/ + and add ExecStartPre=+/usr/bin/chown youruser:yourgroup /var/lib/clamav and updates won't break your configuration ... + Please add comments to https://bugzilla.redhat.com/show_bug.cgi?id=2023371 if not work for you or if you have any suggestion. + Note: =+ on systemd.service (man 5 systemd.service, Special executable prefixes) + If the executable path is prefixed with "+" then the process is executed with full privileges. + EXAMPLE ======= diff --git a/clamav.spec b/clamav.spec index 4d29f22..4458e10 100644 --- a/clamav.spec +++ b/clamav.spec @@ -34,7 +34,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.103.7 -Release: 3%{?dist} +Release: 4%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -590,6 +590,10 @@ test -e %{freshclamlog} || { %changelog +* Mon Nov 07 2022 Sérgio Basto - 0.103.7-4 +- (#2136977) not requires data(clamav) on clamav-libs +- (#2023371) Add documentation to preserve user permissions of DatabaseOwner + * Thu Sep 22 2022 Sérgio Basto - 0.103.7-3 - (#2128276) Please port your pcre dependency to pcre2 - Explicit dependency on systemd since systemd-devel no longer has this dependency on F37+ From 9c3c5e4c10c6f9ea05a3d0fee7be3f26a05e09f2 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 18 Jan 2023 23:55:04 +0000 Subject: [PATCH 17/72] Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- clamav.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 4458e10..835e625 100644 --- a/clamav.spec +++ b/clamav.spec @@ -34,7 +34,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.103.7 -Release: 4%{?dist} +Release: 5%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -590,6 +590,9 @@ test -e %{freshclamlog} || { %changelog +* Wed Jan 18 2023 Fedora Release Engineering - 0.103.7-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + * Mon Nov 07 2022 Sérgio Basto - 0.103.7-4 - (#2136977) not requires data(clamav) on clamav-libs - (#2023371) Add documentation to preserve user permissions of DatabaseOwner From 1f873aa7f52ef575e997052ff2ae0c107d5709e8 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 14 May 2022 08:04:43 -0600 Subject: [PATCH 18/72] Update to 1.0.0 --- clamav-default_confs.patch | 74 ++++---- clamav-freshclam.service.patch | 15 +- clamav-rpath.patch | 18 ++ clamav-stats-deprecation.patch | 17 -- clamav.spec | 158 ++++++------------ ...pe-Use-endian-wrapper-in-more-places.patch | 91 ++++++++++ sources | 4 +- update_clamav.sh | 4 +- 8 files changed, 209 insertions(+), 172 deletions(-) create mode 100644 clamav-rpath.patch delete mode 100644 clamav-stats-deprecation.patch create mode 100644 libclamav-pe-Use-endian-wrapper-in-more-places.patch diff --git a/clamav-default_confs.patch b/clamav-default_confs.patch index 97bbc10..5b06f9e 100644 --- a/clamav-default_confs.patch +++ b/clamav-default_confs.patch @@ -1,6 +1,6 @@ -diff -up clamav-0.103.0/clamconf/clamconf.c.default_confs clamav-0.103.0/clamconf/clamconf.c ---- clamav-0.103.0/clamconf/clamconf.c.default_confs 2020-09-12 18:27:09.000000000 -0600 -+++ clamav-0.103.0/clamconf/clamconf.c 2020-09-17 22:00:20.792879792 -0600 +diff -up clamav-0.104.3/clamconf/clamconf.c.default_confs clamav-0.104.3/clamconf/clamconf.c +--- clamav-0.104.3/clamconf/clamconf.c.default_confs 2022-05-02 00:24:50.000000000 -0600 ++++ clamav-0.104.3/clamconf/clamconf.c 2022-05-12 22:04:42.883348923 -0600 @@ -63,9 +63,9 @@ static struct _cfgfile { const char *name; int tool; @@ -13,66 +13,66 @@ diff -up clamav-0.103.0/clamconf/clamconf.c.default_confs clamav-0.103.0/clamcon {NULL, 0}}; static void printopts(struct optstruct *opts, int nondef) -diff -up clamav-0.103.0/docs/man/clamav-milter.8.in.default_confs clamav-0.103.0/docs/man/clamav-milter.8.in ---- clamav-0.103.0/docs/man/clamav-milter.8.in.default_confs 2020-09-12 18:27:09.000000000 -0600 -+++ clamav-0.103.0/docs/man/clamav-milter.8.in 2020-09-17 22:00:20.793879800 -0600 +diff -up clamav-0.104.3/docs/man/clamav-milter.8.in.default_confs clamav-0.104.3/docs/man/clamav-milter.8.in +--- clamav-0.104.3/docs/man/clamav-milter.8.in.default_confs 2022-05-12 22:04:42.885348940 -0600 ++++ clamav-0.104.3/docs/man/clamav-milter.8.in 2022-05-12 22:05:25.031719791 -0600 @@ -27,7 +27,7 @@ Print the version number and exit. Read configuration from FILE. .SH "FILES" - .LP --@CFGDIR@/clamav-milter.conf -+@CFGDIR@/mail/clamav-milter.conf + .LP +-@CONFDIR@/clamav-milter.conf ++@CONFDIR@/mail/clamav-milter.conf .SH "AUTHOR" - .LP + .LP aCaB -diff -up clamav-0.103.0/docs/man/clamav-milter.conf.5.in.default_confs clamav-0.103.0/docs/man/clamav-milter.conf.5.in ---- clamav-0.103.0/docs/man/clamav-milter.conf.5.in.default_confs 2020-09-12 18:27:09.000000000 -0600 -+++ clamav-0.103.0/docs/man/clamav-milter.conf.5.in 2020-09-17 22:00:20.794879808 -0600 +diff -up clamav-0.104.3/docs/man/clamav-milter.conf.5.in.default_confs clamav-0.104.3/docs/man/clamav-milter.conf.5.in +--- clamav-0.104.3/docs/man/clamav-milter.conf.5.in.default_confs 2022-05-12 22:04:42.887348958 -0600 ++++ clamav-0.104.3/docs/man/clamav-milter.conf.5.in 2022-05-12 22:05:48.834929418 -0600 @@ -239,7 +239,7 @@ Default: no All options expressing a size are limited to max 4GB. Values in excess will be reset to the maximum. .SH "FILES" - .LP --@CFGDIR@/clamav-milter.conf -+@CFGDIR@/mail/clamav-milter.conf + .LP +-@CONFDIR@/clamav-milter.conf ++@CONFDIR@/mail/clamav-milter.conf .SH "AUTHOR" - .LP + .LP aCaB -diff -up clamav-0.103.0/docs/man/clamd.8.in.default_confs clamav-0.103.0/docs/man/clamd.8.in ---- clamav-0.103.0/docs/man/clamd.8.in.default_confs 2020-09-12 18:27:09.000000000 -0600 -+++ clamav-0.103.0/docs/man/clamd.8.in 2020-09-17 22:00:20.794879808 -0600 +diff -up clamav-0.104.3/docs/man/clamd.8.in.default_confs clamav-0.104.3/docs/man/clamd.8.in +--- clamav-0.104.3/docs/man/clamd.8.in.default_confs 2022-05-12 22:04:42.888348967 -0600 ++++ clamav-0.104.3/docs/man/clamd.8.in 2022-05-12 22:07:01.657570942 -0600 @@ -7,7 +7,7 @@ clamd \- an anti\-virus daemon clamd [options] .SH "DESCRIPTION" - .LP --The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CFGDIR@/clamd.conf -+The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CFGDIR@/clamd.d/scan.conf + .LP +-The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CONFDIR@/clamd.conf ++The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CONFDIR@/clamd.d/scan.conf .SH "COMMANDS" - .LP + .LP It's recommended to prefix clamd commands with the letter \fBz\fR (eg. zSCAN) to indicate that the command will be delimited by a NULL character and that clamd should continue reading command data until a NULL character is read. The null delimiter assures that the complete command and its entire argument will be processed as a single command. Alternatively commands may be prefixed with the letter \fBn\fR (e.g. nSCAN) to use a newline character as the delimiter. Clamd replies will honour the requested terminator in turn. -@@ -125,7 +125,7 @@ Reload the signature databases. +@@ -133,7 +133,7 @@ Reload the signature databases. Perform a clean exit. .SH "FILES" - .LP --@CFGDIR@/clamd.conf -+@CFGDIR@/clamd.d/scan.conf + .LP +-@CONFDIR@/clamd.conf ++@CONFDIR@/clamd.d/scan.conf .SH "CREDITS" Please check the full documentation for credits. .SH "AUTHOR" -diff -up clamav-0.103.0/docs/man/clamd.conf.5.in.default_confs clamav-0.103.0/docs/man/clamd.conf.5.in ---- clamav-0.103.0/docs/man/clamd.conf.5.in.default_confs 2020-09-17 22:00:20.795879816 -0600 -+++ clamav-0.103.0/docs/man/clamd.conf.5.in 2020-09-17 22:01:21.414353121 -0600 -@@ -759,7 +759,7 @@ Default: no +diff -up clamav-0.104.3/docs/man/clamd.conf.5.in.default_confs clamav-0.104.3/docs/man/clamd.conf.5.in +--- clamav-0.104.3/docs/man/clamd.conf.5.in.default_confs 2022-05-12 22:04:42.889348976 -0600 ++++ clamav-0.104.3/docs/man/clamd.conf.5.in 2022-05-12 22:06:21.800219822 -0600 +@@ -765,7 +765,7 @@ Default: no All options expressing a size are limited to max 4GB. Values in excess will be reset to the maximum. .SH "FILES" .LP --@CFGDIR@/clamd.conf -+@CFGDIR@/clamd.d/scan.conf +-@CONFDIR@/clamd.conf ++@CONFDIR@/clamd.d/scan.conf .SH "AUTHORS" .LP Tomasz Kojm , Kevin Lin -diff -up clamav-0.103.0/platform.h.in.default_confs clamav-0.103.0/platform.h.in ---- clamav-0.103.0/platform.h.in.default_confs 2020-09-17 22:00:20.796879824 -0600 -+++ clamav-0.103.0/platform.h.in 2020-09-17 22:01:56.842629739 -0600 +diff -up clamav-0.104.3/platform.h.in.default_confs clamav-0.104.3/platform.h.in +--- clamav-0.104.3/platform.h.in.default_confs 2022-05-02 00:24:50.000000000 -0600 ++++ clamav-0.104.3/platform.h.in 2022-05-12 22:04:42.891348993 -0600 @@ -112,9 +112,9 @@ typedef unsigned int in_addr_t; #endif diff --git a/clamav-freshclam.service.patch b/clamav-freshclam.service.patch index 2c29f03..24295ce 100644 --- a/clamav-freshclam.service.patch +++ b/clamav-freshclam.service.patch @@ -1,17 +1,12 @@ ---- ./freshclam/clamav-freshclam.service.in.orig 2021-06-14 10:36:39.029730737 +0100 -+++ ./freshclam/clamav-freshclam.service.in 2021-06-14 10:37:53.621423748 +0100 -@@ -2,13 +2,12 @@ +diff -up clamav-0.104.3/freshclam/clamav-freshclam.service.in.freshclam-service clamav-0.104.3/freshclam/clamav-freshclam.service.in +--- clamav-0.104.3/freshclam/clamav-freshclam.service.in.freshclam-service 2022-05-12 22:07:25.472780737 -0600 ++++ clamav-0.104.3/freshclam/clamav-freshclam.service.in 2022-05-12 22:08:06.280140224 -0600 +@@ -2,7 +2,7 @@ Description=ClamAV virus database updater Documentation=man:freshclam(1) man:freshclam.conf(5) https://docs.clamav.net/ # If user wants it run from cron, don't start the daemon. -ConditionPathExists=!/etc/cron.d/clamav-freshclam -+# ConditionPathExists=!/etc/cron.d/clamav-update ++# ConditionPathExists=!/etc/cron.d/clamav-freshclam Wants=network-online.target After=network-online.target - [Service] - ExecStart=@prefix@/bin/freshclam -d --foreground=true --StandardOutput=syslog - - [Install] - WantedBy=multi-user.target diff --git a/clamav-rpath.patch b/clamav-rpath.patch new file mode 100644 index 0000000..b55cab9 --- /dev/null +++ b/clamav-rpath.patch @@ -0,0 +1,18 @@ +diff -up clamav-1.0.0/CMakeLists.txt.rpath clamav-1.0.0/CMakeLists.txt +--- clamav-1.0.0/CMakeLists.txt.rpath 2023-01-15 22:04:58.217120124 -0700 ++++ clamav-1.0.0/CMakeLists.txt 2023-01-15 22:05:57.121818812 -0700 +@@ -180,14 +180,6 @@ endif() + + include(GNUInstallDirs) + +-if (NOT DEFINED CMAKE_INSTALL_RPATH) +- if(CMAKE_INSTALL_FULL_LIBDIR) +- set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_FULL_LIBDIR}") +- else() +- set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/lib") +- endif() +-endif() +- + if("${CMAKE_CXX_COMPILER_ID}" MATCHES "Clang") + set(USING_CLANG ON) + else() diff --git a/clamav-stats-deprecation.patch b/clamav-stats-deprecation.patch deleted file mode 100644 index a12f138..0000000 --- a/clamav-stats-deprecation.patch +++ /dev/null @@ -1,17 +0,0 @@ -diff -up clamav-0.102.0/shared/optparser.c.stats-deprecation clamav-0.102.0/shared/optparser.c ---- clamav-0.102.0/shared/optparser.c.stats-deprecation 2019-10-10 21:55:31.245995091 -0600 -+++ clamav-0.102.0/shared/optparser.c 2019-10-11 20:40:04.580067432 -0600 -@@ -524,6 +524,13 @@ const struct clam_option __clam_options[ - {"ArchiveLimitMemoryUsage", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD | OPT_DEPRECATED, "", ""}, - {"MailFollowURLs", "mail-follow-urls", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", ""}, - {"AllowSupplementaryGroups", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_MILTER | OPT_DEPRECATED, "Initialize a supplementary group access (the process must be started by root).", "no"}, -+ {"StatsHostID", "stats-host-id", 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", "" }, -+ {"StatsEnabled", "enable-stats", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_CLAMSCAN | OPT_DEPRECATED, "", ""}, -+ {"StatsPEDisabled", "disable-pe-stats", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", ""}, -+ {"StatsTimeout", "stats-timeout", 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, -1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_FRESHCLAM | OPT_DEPRECATED, "", ""}, -+ {"SubmitDetectionStats", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", ""}, -+ {"DetectionStatsCountry", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", ""}, -+ {"DetectionStatsHostID", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", ""}, - {"ScanOnAccess", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD | OPT_DEPRECATED, "", ""}, - - /* Milter specific options */ diff --git a/clamav.spec b/clamav.spec index 835e625..7b9f6b9 100644 --- a/clamav.spec +++ b/clamav.spec @@ -1,21 +1,12 @@ -#global prerelease rc1 +#global prerelease -rc2 %global _hardened_build 1 ## Fedora specific customization below... %bcond_without clamonacc %bcond_with unrar -%ifnarch ppc64 -%bcond_without llvm -%else -%bcond_with llvm -%endif - -%if 0%{?fedora} || 0%{?rhel} >= 8 -%bcond_with old_freshclam -%else -%bcond_without old_freshclam -%endif +# Failing with llvm 14 https://github.com/Cisco-Talos/clamav/issues/581 +%bcond_with llvm %ifnarch s390 s390x %global have_ocaml 1 @@ -33,8 +24,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 0.103.7 -Release: 5%{?dist} +Version: 1.0.0 +Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -56,7 +47,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26614.cvd +Source11: daily-26722.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-333.cvd #for update @@ -71,39 +62,43 @@ Source330: clamav-milter.systemd #for scanner-systemd/server-systemd Source530: clamd@.service -# Restore some options removed in 0.100 as deprecated -# Could be dropped in F32 with a note -# https://bugzilla.redhat.com/show_bug.cgi?id=1565381#c1 -Patch0: clamav-stats-deprecation.patch # Change default config locations for Fedora Patch1: clamav-default_confs.patch # Fix pkg-config flags for static linking, multilib Patch2: clamav-0.99-private.patch +# Remove rpath +Patch3: clamav-rpath.patch # Modify clamav-clamonacc.service for Fedora compatibility Patch5: clamav-clamonacc-service.patch - +# Allow freshclam service to run if cron.d file is present Patch6: clamav-freshclam.service.patch +# Debian patch to fix big-endian +Patch7: https://salsa.debian.org/clamav-team/clamav/-/raw/unstable/debian/patches/libclamav-pe-Use-endian-wrapper-in-more-places.patch -BuildRequires: autoconf -BuildRequires: automake +BuildRequires: cmake BuildRequires: gettext-devel -BuildRequires: libtool -BuildRequires: libtool-ltdl-devel BuildRequires: make BuildRequires: gcc-c++ +BuildRequires: rust +BuildRequires: rust-packaging +BuildRequires: cargo BuildRequires: bzip2-devel +BuildRequires: check-devel BuildRequires: curl-devel +BuildRequires: git-core BuildRequires: gmp-devel BuildRequires: json-c-devel BuildRequires: libprelude-devel # libprelude-config --libs brings in gnutls, pcre # https://bugzilla.redhat.com/show_bug.cgi?id=1830473 BuildRequires: gnutls-devel -BuildRequires: pcre2-devel BuildRequires: libxml2-devel BuildRequires: ncurses-devel BuildRequires: openssl-devel BuildRequires: pcre2-devel +# Explicitly needed on EL8 +BuildRequires: python3 +BuildRequires: python3-pytest BuildRequires: zlib-devel #BuildRequires: %%{_includedir}/tcpd.h BuildRequires: bc @@ -119,6 +114,7 @@ BuildRequires: systemd-devel BuildRequires: systemd-rpm-macros #for milter BuildRequires: sendmail-devel +BuildRequires: valgrind Requires: clamav-filesystem = %{version}-%{release} Requires: clamav-lib = %{version}-%{release} @@ -197,11 +193,6 @@ This package contains the documentation for clamav. Summary: Auto-updater for the Clam Antivirus scanner data-files Requires: clamav-filesystem = %{version}-%{release} Requires: clamav-lib = %{version}-%{release} -%if %{with old_freshclam} -Requires: crontabs -Requires: /etc/cron.d -Requires(post): %{__chown} %{__chmod} -%endif Provides: data(clamav) = empty Provides: clamav-data-empty = %{version}-%{release} Obsoletes: clamav-data-empty < %{version}-%{release} @@ -252,15 +243,19 @@ This package contains files which are needed to run the clamav-milter. %prep %setup -q -n %{name}-%{version}%{?prerelease} +sed -i -e 's/cbindgen = "0.20"/cbindgen = "0.24"/' libclamav_rust/Cargo.toml +%cargo_prep +cd libclamav_rust +rm -r .cargo +%cargo_prep +cd .. -# No longer support deprecated options in F32+ and EL8+ -%if (0%{?fedora} && 0%{?fedora} < 32) || (0%{?rhel} && 0%{?rhel} < 8) -%patch0 -p1 -b .stats-deprecation -%endif %patch1 -p1 -b .default_confs %patch2 -p1 -b .private +%patch3 -p1 -b .rpath %patch5 -p1 -b .clamonacc-service %patch6 -p1 -b .freshclam-service +%patch7 -p1 -b .big-endian install -p -m0644 %{SOURCE300} clamav-milter/ @@ -268,47 +263,40 @@ mkdir -p libclamunrar{,_iface} %{!?with_unrar:touch libclamunrar/{Makefile.in,all,install}} +%generate_buildrequires +cd libclamav_rust +%cargo_generate_buildrequires + + %build # add -Wl,--as-needed if not exist export LDFLAGS=$(echo %{?__global_ldflags} | sed '/-Wl,--as-needed/!s/$/ -Wl,--as-needed/') # IPv6 check is buggy and does not work when there are no IPv6 interface on build machine export have_cv_ipv6=yes -rm -rf libltdl autom4te.cache Makefile.in -autoreconf -i -%configure \ - --enable-milter \ - --disable-clamav \ - --disable-static \ - --disable-zlib-vcheck \ - %{!?with_unrar:--disable-unrar} \ - --enable-id-check \ - --enable-dns \ - --with-dbdir=%{homedir} \ - --with-group=%{updateuser} \ - --with-user=%{updateuser} \ - --disable-rpath \ - --disable-silent-rules \ - --enable-clamdtop \ - --enable-prelude \ - %{!?with_clamonacc:--disable-clamonacc} \ - %{!?with_llvm:--disable-llvm} +%cmake \ + -DAPP_CONFIG_DIRECTORY=%{_sysconfdir} \ + -DCMAKE_INSTALL_DOCDIR=%{_pkgdocdir} \ + -DCLAMAV_USER=%{updateuser} -DCLAMAV_GROUP=%{updateuser} \ + -DDATABASE_DIRECTORY=%{homedir} \ + %{!?with_clamonacc:-DENABLE_CLAMONACC=OFF} \ + %{?with_llvm:-DBYTECODE_RUNTIME=llvm -D LLVM_FIND_VERSION="3.6.0"} \ + %{!?with_unrar:-DENABLE_UNRAR=OFF} # TODO: check periodically that CLAMAVUSER is used for freshclam only -%make_build +%cmake_build %install -%make_install +rm -rf _doc* +%cmake_install install -d -m 0755 \ %{buildroot}%{_tmpfilesdir} \ %{buildroot}%{homedir} \ %{buildroot}%{quarantinedir} -rm -f %{buildroot}%{_libdir}/*.la - ### data install -D -m 0644 -p %{SOURCE10} %{buildroot}%{homedir}/main.cvd install -D -m 0644 -p %{SOURCE11} %{buildroot}%{homedir}/daily.cvd @@ -324,15 +312,6 @@ mv %{buildroot}%{_sysconfdir}/freshclam.conf{.sample,} # Can contain HTTPProxyPassword (bugz#1733112) chmod 600 %{buildroot}%{_sysconfdir}/freshclam.conf -%if %{with old_freshclam} -install -d -m 0755 %{buildroot}%{_var}/log -install -d -m 0755 %{buildroot}%{_sysconfdir}/logrotate.d -install -D -p -m 0755 %{SOURCE200} %{buildroot}%{_datadir}/%{name}/freshclam-sleep -install -D -p -m 0644 %{SOURCE201} %{buildroot}%{_sysconfdir}/sysconfig/freshclam -install -D -p -m 0600 %{SOURCE202} %{buildroot}%{_sysconfdir}/cron.d/clamav-update -install -D -m 0644 -p %{SOURCE203} %{buildroot}%{_sysconfdir}/logrotate.d/clamav-update -%endif - ### The scanner stuff install -D -m 0644 -p %{SOURCE3} _doc_server/clamd.logrotate install -D -m 0644 -p %{SOURCE5} _doc_server/README @@ -388,7 +367,9 @@ rm %{buildroot}%{_unitdir}/clamav-daemon.* %check -make check +%ctest3 -- -E valgrind +# valgrind tests fail https://github.com/Cisco-Talos/clamav/issues/584 +%ctest3 -- -R valgrind || : %post @@ -424,12 +405,6 @@ exit 0 [ -L /etc/systemd/system/multi-user.target.wants/clamd@scan.service ] && ln -sf /usr/lib/systemd/system/clamd@.service /etc/systemd/system/multi-user.target.wants/clamd@scan.service || : %systemd_post clamd@scan.service -%if 0%{?rhel} -if [ $1 -eq 1 ] && [ -x /usr/bin/systemctl ]; then -# Initial installation -/bin/systemd-tmpfiles --create %{_tmpfilesdir}/clamd.scan.conf -fi -%endif %preun -n clamd %systemd_preun clamd@scan.service @@ -453,12 +428,6 @@ exit 0 %post milter %systemd_post clamav-milter.service -%if 0%{?rhel} -if [ $1 -eq 1 ] && [ -x /usr/bin/systemctl ]; then -# Initial installation -/bin/systemd-tmpfiles --create %{_tmpfilesdir}/clamav-milter.conf || : -fi -%endif %preun milter %systemd_preun clamav-milter.service @@ -467,21 +436,6 @@ fi %systemd_postun_with_restart clamav-milter.service %post update -%if %{with old_freshclam} -test -e %{freshclamlog} || { - touch %{freshclamlog} - %{__chmod} 0664 %{freshclamlog} - %{__chown} root:%{updateuser} %{freshclamlog} - ! test -x /sbin/restorecon || /sbin/restorecon %{freshclamlog} -} -#%%else -#if [ $1 -eq 2 ] ; then -# echo "Warning: clamav-update package changed" -# echo "Now we provide clamav-freshclam.service systemd unit instead old scripts and the cron.d entry." -# echo "Unfortunately this may break existing unattended installations." -# echo "Please run 'systemctl enable clamav-freshclam --now' to enable freshclam updates again." -#fi -%endif %systemd_post clamav-freshclam.service %preun update @@ -513,13 +467,14 @@ test -e %{freshclamlog} || { %{_unitdir}/clamonacc.service %{_unitdir}/clamav-clamonacc.service %attr(0750,root,root) %dir %{quarantinedir} +%{_pkgdocdir}/html/ %files lib -%{_libdir}/libclamav.so.9* +%{_libdir}/libclamav.so.11* %{_libdir}/libclammspack.so.0* %if %{with unrar} -%{_libdir}/libclamunrar*.so.9* +%{_libdir}/libclamunrar*.so.11* %endif @@ -556,14 +511,6 @@ test -e %{freshclamlog} || { %{_mandir}/*/freshclam* %{_unitdir}/clamav-freshclam.service %config(noreplace) %verify(not mtime) %{_sysconfdir}/freshclam.conf -%if %{with old_freshclam} -%{_datadir}/%{name}/freshclam-sleep -%config(noreplace) %{_sysconfdir}/cron.d/clamav-update -%config(noreplace) %{_sysconfdir}/sysconfig/freshclam -%config(noreplace) %verify(not mtime) %{_sysconfdir}/logrotate.d/* -# freshclamlog file is created in post -%ghost %attr(0664,root,%{updateuser}) %verify(not size md5 mtime) %{freshclamlog} -%endif %ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/main.cvd %ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/freshclam.dat %ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/daily.cld @@ -590,6 +537,9 @@ test -e %{freshclamlog} || { %changelog +* Sun Jan 22 2023 Orion Poplawski - 1.0.0-1 +- Update to 1.0.0 + * Wed Jan 18 2023 Fedora Release Engineering - 0.103.7-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild diff --git a/libclamav-pe-Use-endian-wrapper-in-more-places.patch b/libclamav-pe-Use-endian-wrapper-in-more-places.patch new file mode 100644 index 0000000..3053713 --- /dev/null +++ b/libclamav-pe-Use-endian-wrapper-in-more-places.patch @@ -0,0 +1,91 @@ +From 5a7b1cdfadc980fb1c4fa32e6275e7c96a963110 Mon Sep 17 00:00:00 2001 +From: Sebastian Andrzej Siewior +Date: Fri, 6 Jan 2023 21:42:30 +0100 +Subject: libclamav/pe: Use endian wrapper in more places. + +A few user of VirtualAddress and Size in cli_exe_info::pe_image_data_dir +don't use the endian wrapper while other places do. This leads to +testsuite failures on big endian machines. + +Use the endian wrapper in all places across pe.c for the two members. + +Patch-Name: libclamav-pe-Use-endian-wrapper-in-more-places.patch +Signed-off-by: Sebastian Andrzej Siewior +--- + libclamav/pe.c | 18 +++++++++--------- + 1 file changed, 9 insertions(+), 9 deletions(-) + +diff --git a/libclamav/pe.c b/libclamav/pe.c +index f5dcea9..19cd2d4 100644 +--- a/libclamav/pe.c ++++ b/libclamav/pe.c +@@ -2422,22 +2422,22 @@ static cl_error_t hash_imptbl(cli_ctx *ctx, unsigned char **digest, uint32_t *im + + /* If the PE doesn't have an import table then skip it. This is an + * uncommon case but can happen. */ +- if (peinfo->dirs[1].VirtualAddress == 0 || peinfo->dirs[1].Size == 0) { ++ if (EC32(peinfo->dirs[1].VirtualAddress) == 0 || EC32(peinfo->dirs[1].Size) == 0) { + cli_dbgmsg("scan_pe: import table data dir does not exist (skipping .imp scanning)\n"); + status = CL_BREAK; + goto done; + } + + // TODO Add EC32 wrappers +- impoff = cli_rawaddr(peinfo->dirs[1].VirtualAddress, peinfo->sections, peinfo->nsections, &err, fsize, peinfo->hdr_size); +- if (err || impoff + peinfo->dirs[1].Size > fsize) { ++ impoff = cli_rawaddr(EC32(peinfo->dirs[1].VirtualAddress), peinfo->sections, peinfo->nsections, &err, fsize, peinfo->hdr_size); ++ if (err || impoff + EC32(peinfo->dirs[1].Size) > fsize) { + cli_dbgmsg("scan_pe: invalid rva for import table data\n"); + status = CL_BREAK; + goto done; + } + + // TODO Add EC32 wrapper +- impdes = (const struct pe_image_import_descriptor *)fmap_need_off(map, impoff, peinfo->dirs[1].Size); ++ impdes = (const struct pe_image_import_descriptor *)fmap_need_off(map, impoff, EC32(peinfo->dirs[1].Size)); + if (impdes == NULL) { + cli_dbgmsg("scan_pe: failed to acquire fmap buffer\n"); + status = CL_EREAD; +@@ -2447,7 +2447,7 @@ static cl_error_t hash_imptbl(cli_ctx *ctx, unsigned char **digest, uint32_t *im + + /* Safety: We can trust peinfo->dirs[1].Size only because `fmap_need_off()` (above) + * would have failed if the size exceeds the end of the fmap. */ +- left = peinfo->dirs[1].Size; ++ left = EC32(peinfo->dirs[1].Size); + + if (genhash[CLI_HASH_MD5]) { + hashctx[CLI_HASH_MD5] = cl_hash_init("md5"); +@@ -2546,7 +2546,7 @@ static cl_error_t hash_imptbl(cli_ctx *ctx, unsigned char **digest, uint32_t *im + + done: + if (needed_impoff) { +- fmap_unneed_off(map, impoff, peinfo->dirs[1].Size); ++ fmap_unneed_off(map, impoff, EC32(peinfo->dirs[1].Size)); + } + + for (type = CLI_HASH_MD5; type < CLI_HASH_AVAIL_TYPES; type++) { +@@ -3250,7 +3250,7 @@ int cli_scanpe(cli_ctx *ctx) + + /* Trojan.Swizzor.Gen */ + if (SCAN_HEURISTICS && (DCONF & PE_CONF_SWIZZOR) && peinfo->nsections > 1 && fsize > 64 * 1024 && fsize < 4 * 1024 * 1024) { +- if (peinfo->dirs[2].Size) { ++ if (EC32(peinfo->dirs[2].Size)) { + struct swizz_stats *stats = cli_calloc(1, sizeof(*stats)); + unsigned int m = 1000; + ret = CL_CLEAN; +@@ -5292,13 +5292,13 @@ cl_error_t cli_peheader(fmap_t *map, struct cli_exe_info *peinfo, uint32_t opts, + cli_dbgmsg("EntryPoint offset: 0x%x (%d)\n", peinfo->ep, peinfo->ep); + } + +- if (is_dll || peinfo->ndatadirs < 3 || !peinfo->dirs[2].Size) ++ if (is_dll || peinfo->ndatadirs < 3 || !EC32(peinfo->dirs[2].Size)) + peinfo->res_addr = 0; + else + peinfo->res_addr = EC32(peinfo->dirs[2].VirtualAddress); + + while (opts & CLI_PEHEADER_OPT_EXTRACT_VINFO && +- peinfo->ndatadirs >= 3 && peinfo->dirs[2].Size) { ++ peinfo->ndatadirs >= 3 && EC32(peinfo->dirs[2].Size)) { + struct vinfo_list vlist; + const uint8_t *vptr, *baseptr; + uint32_t rva, res_sz; diff --git a/sources b/sources index e3f709f..8a98297 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-0.103.7-norar.tar.xz) = 496ba3b2a72ecb534c55bc11a9f050b201da8475b54cfdfb67e559f8e075b8f3d03c58f9bd3a27909985cc563b69f37ca879d9fe596d87ce35a704d48623c5db +SHA512 (clamav-1.0.0-norar.tar.xz) = 9acae4fb4041b3e482b2cca72e3d2993c90621bc11f3e7d2dc30aa10e2a0dcee4f30163632fa21887a5faa8cbc59a1e6e71f1457af49b542a844215dfeccaad4 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-26614.cvd) = 918b4601bf62c9c4ac13e96f39b25121e3b3ade79482081dbf13f6e6d9f9f3ad38a22acdec7e9c44062ed84ef9bb5b40e4c8dc0af766afd0632bb0ba934a1dec +SHA512 (daily-26722.cvd) = 303307664fb9f245444e472f46acbb80d840a45998a892a9d04405fb15d4d85c96a4aa52b7107005626684ca6ca77a33044248af612ab50c1cfdda1a8d27fb25 SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07 diff --git a/update_clamav.sh b/update_clamav.sh index b3e5b31..274d019 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,5 +1,5 @@ -VERSION=0.103.7 -REPOS="f36 f35 epel9 epel8 epel7" +VERSION=1.0.0 +REPOS="n" if [ -z "$1" ] then From 05338c44df680ac143aa2a9d983f89852edbe958 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 22 Jan 2023 18:56:59 -0700 Subject: [PATCH 19/72] Fix multilib install --- ...0.99-private.patch => clamav-private.patch | 13 +++++++++++-- clamav-types.h | 14 ++++++++++++++ clamav.spec | 19 +++++++++++++++++-- 3 files changed, 42 insertions(+), 4 deletions(-) rename clamav-0.99-private.patch => clamav-private.patch (64%) create mode 100644 clamav-types.h diff --git a/clamav-0.99-private.patch b/clamav-private.patch similarity index 64% rename from clamav-0.99-private.patch rename to clamav-private.patch index 7f9f563..41dd4c5 100644 --- a/clamav-0.99-private.patch +++ b/clamav-private.patch @@ -8,8 +8,17 @@ +Libs.private: -L${libdir} -lclamav @LIBCLAMAV_LIBS@ Cflags: -I${includedir} ---- clamav-0.99/clamav-config.in 2015-05-28 23:56:25.000000000 +0200 -+++ clamav-0.99/clamav-config.in.private 2015-12-02 01:31:34.933705763 +0100 +diff -up clamav-1.0.0/clamav-config.in.private clamav-1.0.0/clamav-config.in +--- clamav-1.0.0/clamav-config.in.private 2023-01-22 17:40:01.711757908 -0700 ++++ clamav-1.0.0/clamav-config.in 2023-01-22 18:01:06.188743168 -0700 +@@ -4,7 +4,6 @@ + prefix=@prefix@ + exec_prefix=@exec_prefix@ + includedir=@includedir@ +-libdir=@libdir@ + + usage() + { @@ -54,12 +54,8 @@ usage 0 ;; diff --git a/clamav-types.h b/clamav-types.h new file mode 100644 index 0000000..ffa83b7 --- /dev/null +++ b/clamav-types.h @@ -0,0 +1,14 @@ +#ifndef CLAMAV_TYPES_H_MULTILIB +#define CLAMAV_TYPES_H_MULTILIB + +#include + +#if __WORDSIZE == 32 +# include "clamav-types-32.h" +#elif __WORDSIZE == 64 +# include "clamav-types-64.h" +#else +# error "unexpected value for __WORDSIZE macro" +#endif + +#endif diff --git a/clamav.spec b/clamav.spec index 7b9f6b9..8f24f73 100644 --- a/clamav.spec +++ b/clamav.spec @@ -25,7 +25,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.0 -Release: 1%{?dist} +Release: 2%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -37,6 +37,8 @@ Source999: https://www.clamav.net/downloads/production/%{name}-%{version}%{?pre # tarball was created with update_clamav.sh Source0: %{name}-%{version}%{?prerelease}-norar.tar.xz %endif +# Multilib headers +Source1: clamav-types.h #for server Source3: clamd.logrotate Source5: clamd-README @@ -65,7 +67,7 @@ Source530: clamd@.service # Change default config locations for Fedora Patch1: clamav-default_confs.patch # Fix pkg-config flags for static linking, multilib -Patch2: clamav-0.99-private.patch +Patch2: clamav-private.patch # Remove rpath Patch3: clamav-rpath.patch # Modify clamav-clamonacc.service for Fedora compatibility @@ -362,6 +364,16 @@ cat << EOF > %{buildroot}%{_tmpfilesdir}/clamav-milter.conf d %{_rundir}/clamav-milter 0710 %{milteruser} %{milteruser} EOF +#Fixup headers and scripts for multilib +%if 0%{?__isa_bits} == 64 +mv %{buildroot}%{_includedir}/clamav-types.h \ + %{buildroot}%{_includedir}/clamav-types-64.h +%else +mv %{buildroot}%{_includedir}/clamav-types.h \ + %{buildroot}%{_includedir}/clamav-types-32.h +%endif +install -m 0644 %SOURCE1 %{buildroot}%{_includedir}/clamav-types.h + # TODO: Evaluate using upstream's unit with clamav-daemon.socket rm %{buildroot}%{_unitdir}/clamav-daemon.* @@ -537,6 +549,9 @@ exit 0 %changelog +* Mon Jan 23 2023 Orion Poplawski - 1.0.0-2 +- Fix multilib install + * Sun Jan 22 2023 Orion Poplawski - 1.0.0-1 - Update to 1.0.0 From dab96dcff26895f79cbc990e8c6a4fafd3b3cb59 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 12 Feb 2023 17:36:52 -0700 Subject: [PATCH 20/72] Make sure RUSTFLAGS are passed to rustc (bz#2167194) --- clamav-rustflags.patch | 57 ++++++++++++++++++++++++++++++++++++++++++ clamav.spec | 10 +++++++- 2 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 clamav-rustflags.patch diff --git a/clamav-rustflags.patch b/clamav-rustflags.patch new file mode 100644 index 0000000..e25b028 --- /dev/null +++ b/clamav-rustflags.patch @@ -0,0 +1,57 @@ +diff --git a/cmake/FindRust.cmake b/cmake/FindRust.cmake +index c9997486c..2b04adeb9 100644 +--- a/cmake/FindRust.cmake ++++ b/cmake/FindRust.cmake +@@ -236,7 +236,7 @@ function(add_rust_executable) + # Build the executable. + add_custom_command( + OUTPUT "${OUTPUT}" +- COMMAND ${CMAKE_COMMAND} -E env "CARGO_TARGET_DIR=${ARGS_BINARY_DIRECTORY}" ${cargo_EXECUTABLE} ARGS ${MY_CARGO_ARGS} ++ COMMAND ${CMAKE_COMMAND} -E env "CARGO_TARGET_DIR=${ARGS_BINARY_DIRECTORY}" ${cargo_EXECUTABLE} ${MY_CARGO_ARGS} + WORKING_DIRECTORY "${ARGS_SOURCE_DIRECTORY}" + DEPENDS ${EXE_SOURCES} + COMMENT "Building ${ARGS_TARGET} in ${ARGS_BINARY_DIRECTORY} with:\n\t ${cargo_EXECUTABLE} ${MY_CARGO_ARGS_STRING}") +@@ -287,17 +287,17 @@ function(add_rust_library) + if("${CMAKE_OSX_ARCHITECTURES}" MATCHES "^(arm64;x86_64|x86_64;arm64)$") + add_custom_command( + OUTPUT "${OUTPUT}" +- COMMAND ${CMAKE_COMMAND} -E env "CARGO_CMD=build" "CARGO_TARGET_DIR=${ARGS_BINARY_DIRECTORY}" "MAINTAINER_MODE=${MAINTAINER_MODE}" "RUSTFLAGS=\"${RUSTFLAGS}\"" ${cargo_EXECUTABLE} ARGS ${MY_CARGO_ARGS} --target=x86_64-apple-darwin +- COMMAND ${CMAKE_COMMAND} -E env "CARGO_CMD=build" "CARGO_TARGET_DIR=${ARGS_BINARY_DIRECTORY}" "MAINTAINER_MODE=${MAINTAINER_MODE}" "RUSTFLAGS=\"${RUSTFLAGS}\"" ${cargo_EXECUTABLE} ARGS ${MY_CARGO_ARGS} --target=aarch64-apple-darwin ++ COMMAND ${CMAKE_COMMAND} -E env "CARGO_CMD=build" "CARGO_TARGET_DIR=${ARGS_BINARY_DIRECTORY}" "MAINTAINER_MODE=${MAINTAINER_MODE}" "RUSTFLAGS=${RUSTFLAGS}" ${cargo_EXECUTABLE} ${MY_CARGO_ARGS} --target=x86_64-apple-darwin ++ COMMAND ${CMAKE_COMMAND} -E env "CARGO_CMD=build" "CARGO_TARGET_DIR=${ARGS_BINARY_DIRECTORY}" "MAINTAINER_MODE=${MAINTAINER_MODE}" "RUSTFLAGS=${RUSTFLAGS}" ${cargo_EXECUTABLE} ${MY_CARGO_ARGS} --target=aarch64-apple-darwin + COMMAND ${CMAKE_COMMAND} -E make_directory "${ARGS_BINARY_DIRECTORY}/${RUST_COMPILER_TARGET}/${CARGO_BUILD_TYPE}" +- COMMAND lipo ARGS -create ${ARGS_BINARY_DIRECTORY}/x86_64-apple-darwin/${CARGO_BUILD_TYPE}/lib${ARGS_TARGET}.a ${ARGS_BINARY_DIRECTORY}/aarch64-apple-darwin/${CARGO_BUILD_TYPE}/lib${ARGS_TARGET}.a -output "${OUTPUT}" ++ COMMAND lipo -create ${ARGS_BINARY_DIRECTORY}/x86_64-apple-darwin/${CARGO_BUILD_TYPE}/lib${ARGS_TARGET}.a ${ARGS_BINARY_DIRECTORY}/aarch64-apple-darwin/${CARGO_BUILD_TYPE}/lib${ARGS_TARGET}.a -output "${OUTPUT}" + WORKING_DIRECTORY "${ARGS_SOURCE_DIRECTORY}" + DEPENDS ${LIB_SOURCES} + COMMENT "Building ${ARGS_TARGET} in ${ARGS_BINARY_DIRECTORY} with: ${cargo_EXECUTABLE} ${MY_CARGO_ARGS_STRING}") + else() + add_custom_command( + OUTPUT "${OUTPUT}" +- COMMAND ${CMAKE_COMMAND} -E env "CARGO_CMD=build" "CARGO_TARGET_DIR=${ARGS_BINARY_DIRECTORY}" "MAINTAINER_MODE=${MAINTAINER_MODE}" "RUSTFLAGS=\"${RUSTFLAGS}\"" ${cargo_EXECUTABLE} ARGS ${MY_CARGO_ARGS} ++ COMMAND ${CMAKE_COMMAND} -E env "CARGO_CMD=build" "CARGO_TARGET_DIR=${ARGS_BINARY_DIRECTORY}" "MAINTAINER_MODE=${MAINTAINER_MODE}" "RUSTFLAGS=${RUSTFLAGS}" ${cargo_EXECUTABLE} ${MY_CARGO_ARGS} + WORKING_DIRECTORY "${ARGS_SOURCE_DIRECTORY}" + DEPENDS ${LIB_SOURCES} + COMMENT "Building ${ARGS_TARGET} in ${ARGS_BINARY_DIRECTORY} with: ${cargo_EXECUTABLE} ${MY_CARGO_ARGS_STRING}") +@@ -443,8 +443,6 @@ if(NOT "${RUST_COMPILER_TARGET}" MATCHES "^universal-apple-darwin$") + list(APPEND CARGO_ARGS "--target" ${RUST_COMPILER_TARGET}) + endif() + +-set(RUSTFLAGS "") +- + if(NOT CMAKE_BUILD_TYPE) + set(CARGO_BUILD_TYPE "debug") + elseif(${CMAKE_BUILD_TYPE} STREQUAL "Release" OR ${CMAKE_BUILD_TYPE} STREQUAL "MinSizeRel") +@@ -453,10 +451,11 @@ elseif(${CMAKE_BUILD_TYPE} STREQUAL "Release" OR ${CMAKE_BUILD_TYPE} STREQUAL "M + elseif(${CMAKE_BUILD_TYPE} STREQUAL "RelWithDebInfo") + set(CARGO_BUILD_TYPE "release") + list(APPEND CARGO_ARGS "--release") +- set(RUSTFLAGS "-g") ++ string(APPEND RUSTFLAGS " -g") + else() + set(CARGO_BUILD_TYPE "debug") + endif() ++string(STRIP "${RUSTFLAGS}" RUSTFLAGS) + + find_package_handle_standard_args(Rust + REQUIRED_VARS cargo_EXECUTABLE diff --git a/clamav.spec b/clamav.spec index 8f24f73..d49b95a 100644 --- a/clamav.spec +++ b/clamav.spec @@ -25,7 +25,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.0 -Release: 2%{?dist} +Release: 3%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -64,6 +64,9 @@ Source330: clamav-milter.systemd #for scanner-systemd/server-systemd Source530: clamd@.service +# Accept RUSTFLAGS +# https://github.com/Cisco-Talos/clamav/pull/835 +Patch0: clamav-rustflags.patch # Change default config locations for Fedora Patch1: clamav-default_confs.patch # Fix pkg-config flags for static linking, multilib @@ -252,6 +255,7 @@ rm -r .cargo %cargo_prep cd .. +%patch0 -p1 -b .rustflags %patch1 -p1 -b .default_confs %patch2 -p1 -b .private %patch3 -p1 -b .rpath @@ -277,6 +281,7 @@ export LDFLAGS=$(echo %{?__global_ldflags} | sed '/-Wl,--as-needed/!s/$/ -Wl,--a export have_cv_ipv6=yes %cmake \ + -DRUSTFLAGS="%build_rustflags" \ -DAPP_CONFIG_DIRECTORY=%{_sysconfdir} \ -DCMAKE_INSTALL_DOCDIR=%{_pkgdocdir} \ -DCLAMAV_USER=%{updateuser} -DCLAMAV_GROUP=%{updateuser} \ @@ -549,6 +554,9 @@ exit 0 %changelog +* Mon Feb 13 2023 Orion Poplawski - 1.0.0-3 +- Make sure RUSTFLAGS are passed to rustc (bz#2167194) + * Mon Jan 23 2023 Orion Poplawski - 1.0.0-2 - Fix multilib install From 0c3590cb237e731747c3ca715f4231ea4126ed21 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 16 Feb 2023 06:45:28 -0700 Subject: [PATCH 21/72] Update to 1.0.1 --- clamav.spec | 9 ++++++--- sources | 4 ++-- update_clamav.sh | 2 +- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/clamav.spec b/clamav.spec index d49b95a..7d58eec 100644 --- a/clamav.spec +++ b/clamav.spec @@ -24,8 +24,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 1.0.0 -Release: 3%{?dist} +Version: 1.0.1 +Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -49,7 +49,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26722.cvd +Source11: daily-26813.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-333.cvd #for update @@ -554,6 +554,9 @@ exit 0 %changelog +* Thu Feb 16 2023 Orion Poplawski - 1.0.1-1 +- Update to 1.0.1 + * Mon Feb 13 2023 Orion Poplawski - 1.0.0-3 - Make sure RUSTFLAGS are passed to rustc (bz#2167194) diff --git a/sources b/sources index 8a98297..a9f1d81 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-1.0.0-norar.tar.xz) = 9acae4fb4041b3e482b2cca72e3d2993c90621bc11f3e7d2dc30aa10e2a0dcee4f30163632fa21887a5faa8cbc59a1e6e71f1457af49b542a844215dfeccaad4 +SHA512 (clamav-1.0.1-norar.tar.xz) = 676ca18c79449a93169653c52793a0beac81238110750f89506542eecb99db6e1a07274f74651a001f169204d2972bbdc721a5a14af08e2601d9ee937282c7ce SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-26722.cvd) = 303307664fb9f245444e472f46acbb80d840a45998a892a9d04405fb15d4d85c96a4aa52b7107005626684ca6ca77a33044248af612ab50c1cfdda1a8d27fb25 +SHA512 (daily-26813.cvd) = 3a9114d93f772568990644dce502e9122c5f2b2ed868915084e28800cbea499aac6746bdbae81cc51b94f672294aed0ae21b96085d3442d11faa43ece0b27dfa SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07 diff --git a/update_clamav.sh b/update_clamav.sh index 274d019..ab70989 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,4 +1,4 @@ -VERSION=1.0.0 +VERSION=1.0.1 REPOS="n" if [ -z "$1" ] From 0b83c9d0f909937993714c9cfb20a55cc0ba3738 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 16 Feb 2023 20:16:21 -0700 Subject: [PATCH 22/72] Update to 0.103.8 --- clamav.spec | 9 ++++++--- sources | 4 ++-- update_clamav.sh | 2 +- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/clamav.spec b/clamav.spec index 85a1c7f..0b21410 100644 --- a/clamav.spec +++ b/clamav.spec @@ -33,8 +33,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 0.103.7 -Release: 3%{?dist} +Version: 0.103.8 +Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -56,7 +56,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26614.cvd +Source11: daily-26813.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-333.cvd #for update @@ -592,6 +592,9 @@ test -e %{freshclamlog} || { %changelog +* Fri Feb 17 2023 Orion Poplawski - 0.103.8-1 +- Update to 0.103.8 + * Thu Sep 22 2022 Sérgio Basto - 0.103.7-3 - (#2128276) Please port your pcre dependency to pcre2 - Explicit dependency on systemd since systemd-devel no longer has this dependency on F37+ diff --git a/sources b/sources index e3f709f..8c53a0e 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-0.103.7-norar.tar.xz) = 496ba3b2a72ecb534c55bc11a9f050b201da8475b54cfdfb67e559f8e075b8f3d03c58f9bd3a27909985cc563b69f37ca879d9fe596d87ce35a704d48623c5db +SHA512 (clamav-0.103.8-norar.tar.xz) = ce27f7fe133f73af43a28483f5e9ae8562c6ea964761ac5a1f7950f11ebb6d3ee8e84cd30f63c1f1152a8a361ba81c58227dbd07a8de9b5a00e354e9137754b2 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-26614.cvd) = 918b4601bf62c9c4ac13e96f39b25121e3b3ade79482081dbf13f6e6d9f9f3ad38a22acdec7e9c44062ed84ef9bb5b40e4c8dc0af766afd0632bb0ba934a1dec +SHA512 (daily-26813.cvd) = 3a9114d93f772568990644dce502e9122c5f2b2ed868915084e28800cbea499aac6746bdbae81cc51b94f672294aed0ae21b96085d3442d11faa43ece0b27dfa SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07 diff --git a/update_clamav.sh b/update_clamav.sh index b3e5b31..ed3da17 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,4 +1,4 @@ -VERSION=0.103.7 +VERSION=0.103.8 REPOS="f36 f35 epel9 epel8 epel7" if [ -z "$1" ] From d643b37511bad37e429ec69ea77ece06ff562226 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 16 Feb 2023 20:16:21 -0700 Subject: [PATCH 23/72] Update to 0.103.8 --- clamav.spec | 9 ++++++--- sources | 4 ++-- update_clamav.sh | 2 +- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/clamav.spec b/clamav.spec index 4458e10..c435fb6 100644 --- a/clamav.spec +++ b/clamav.spec @@ -33,8 +33,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 0.103.7 -Release: 4%{?dist} +Version: 0.103.8 +Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -56,7 +56,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26614.cvd +Source11: daily-26813.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-333.cvd #for update @@ -590,6 +590,9 @@ test -e %{freshclamlog} || { %changelog +* Fri Feb 17 2023 Orion Poplawski - 0.103.8-1 +- Update to 0.103.8 + * Mon Nov 07 2022 Sérgio Basto - 0.103.7-4 - (#2136977) not requires data(clamav) on clamav-libs - (#2023371) Add documentation to preserve user permissions of DatabaseOwner diff --git a/sources b/sources index e3f709f..8c53a0e 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-0.103.7-norar.tar.xz) = 496ba3b2a72ecb534c55bc11a9f050b201da8475b54cfdfb67e559f8e075b8f3d03c58f9bd3a27909985cc563b69f37ca879d9fe596d87ce35a704d48623c5db +SHA512 (clamav-0.103.8-norar.tar.xz) = ce27f7fe133f73af43a28483f5e9ae8562c6ea964761ac5a1f7950f11ebb6d3ee8e84cd30f63c1f1152a8a361ba81c58227dbd07a8de9b5a00e354e9137754b2 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-26614.cvd) = 918b4601bf62c9c4ac13e96f39b25121e3b3ade79482081dbf13f6e6d9f9f3ad38a22acdec7e9c44062ed84ef9bb5b40e4c8dc0af766afd0632bb0ba934a1dec +SHA512 (daily-26813.cvd) = 3a9114d93f772568990644dce502e9122c5f2b2ed868915084e28800cbea499aac6746bdbae81cc51b94f672294aed0ae21b96085d3442d11faa43ece0b27dfa SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07 diff --git a/update_clamav.sh b/update_clamav.sh index b3e5b31..ed3da17 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,4 +1,4 @@ -VERSION=0.103.7 +VERSION=0.103.8 REPOS="f36 f35 epel9 epel8 epel7" if [ -z "$1" ] From fea4e5013e34160435e8368f3623217c3b0654c4 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 16 Feb 2023 20:16:21 -0700 Subject: [PATCH 24/72] Update to 0.103.8 --- clamav.spec | 7 +++++-- sources | 4 ++-- update_clamav.sh | 2 +- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/clamav.spec b/clamav.spec index e16d06c..d46d8cb 100644 --- a/clamav.spec +++ b/clamav.spec @@ -33,7 +33,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 0.103.7 +Version: 0.103.8 Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ @@ -56,7 +56,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26614.cvd +Source11: daily-26813.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-333.cvd #for update @@ -576,6 +576,9 @@ test -e %{freshclamlog} || { %changelog +* Fri Feb 17 2023 Orion Poplawski - 0.103.8-1 +- Update to 0.103.8 + * Thu Jul 28 2022 Sérgio Basto - 0.103.7-1 - Update to 0.103.7 diff --git a/sources b/sources index e3f709f..8c53a0e 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-0.103.7-norar.tar.xz) = 496ba3b2a72ecb534c55bc11a9f050b201da8475b54cfdfb67e559f8e075b8f3d03c58f9bd3a27909985cc563b69f37ca879d9fe596d87ce35a704d48623c5db +SHA512 (clamav-0.103.8-norar.tar.xz) = ce27f7fe133f73af43a28483f5e9ae8562c6ea964761ac5a1f7950f11ebb6d3ee8e84cd30f63c1f1152a8a361ba81c58227dbd07a8de9b5a00e354e9137754b2 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-26614.cvd) = 918b4601bf62c9c4ac13e96f39b25121e3b3ade79482081dbf13f6e6d9f9f3ad38a22acdec7e9c44062ed84ef9bb5b40e4c8dc0af766afd0632bb0ba934a1dec +SHA512 (daily-26813.cvd) = 3a9114d93f772568990644dce502e9122c5f2b2ed868915084e28800cbea499aac6746bdbae81cc51b94f672294aed0ae21b96085d3442d11faa43ece0b27dfa SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07 diff --git a/update_clamav.sh b/update_clamav.sh index b3e5b31..ed3da17 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,4 +1,4 @@ -VERSION=0.103.7 +VERSION=0.103.8 REPOS="f36 f35 epel9 epel8 epel7" if [ -z "$1" ] From d6ec3d7350f1504b29c112bbb5c6c92bafe20492 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Sun, 6 Nov 2022 23:25:22 +0000 Subject: [PATCH 25/72] Remove a superfluous rm --- clamav.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 0b21410..6501a3b 100644 --- a/clamav.spec +++ b/clamav.spec @@ -301,7 +301,6 @@ autoreconf -i %install -rm -rf _doc* %make_install install -d -m 0755 \ From 55242dd23248ee5f3e1dcda24983a2b9959a0f3f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Sun, 6 Nov 2022 23:26:57 +0000 Subject: [PATCH 26/72] not requires data(clamav) on clamav-libs data(clamav) is already required by clamav and clamd --- clamav.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 6501a3b..7f31fb2 100644 --- a/clamav.spec +++ b/clamav.spec @@ -150,7 +150,6 @@ user-creation scripts required by clamav. %package lib Summary: Dynamic libraries for the Clam Antivirus scanner -Requires: data(clamav) Provides: bundled(libmspack) = 0.5-0.1.alpha.modified_by_clamav %description lib From e0834e7c5458d0dc42e6ace2fb814f026e1288b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Mon, 7 Nov 2022 01:02:52 +0000 Subject: [PATCH 27/72] Add documentation for preserver user permissions of DatabaseOwner --- README.fedora | 23 ++++++++--------------- 1 file changed, 8 insertions(+), 15 deletions(-) diff --git a/README.fedora b/README.fedora index e512782..dd9cfe5 100644 --- a/README.fedora +++ b/README.fedora @@ -1,36 +1,21 @@ Please note for Fedora and EPEL 7+ we use only systemd. -upstart and sysvinit only apply to EPEL 6. A clamav-milter setup consists of the following three components: * the clamav-milter itself - --> this is provided by the 'clamav-milter' package plus (alternatively) - 'clamav-milter-upstart' or 'clamav-milter-sysvinit' - The main configuration is in /etc/mail/clamav-milter.conf and MUST be changed before first use. This can be enabled with: 'systemctl enable clamav-milter.service' - The -sysvinit package is managed by the traditional tools, but - -upstart requires modification of /etc/event.d/clamav-milter to - enable automatic startup. See comments there for more details. - * a clamav scanner daemon - --> this is in the clamd package (or on EL6: - 'clamav-scanner-upstart' or 'clamav-scanner-sysvinit') - The daemon is configured by /etc/clamd.d/scan.conf (which MUST be edited before first use). This can be enabled with: 'systemctl enable clamd@scan.service' - The -sysvinit package is managed by the traditional tools, but - -upstart requires modification of /etc/event.d/clamd.scan to enable - automatic startup. See comments there for more details. - * the MTA (sendmail/postfix) --> you should know how to install this... @@ -43,6 +28,14 @@ A clamav-milter setup consists of the following three components: to your sendmail.mc. +* Changing permissions of directory /var/lib/clamav + Whenever ClamAV is upgraded by dnf, the permissions for the /var/lib/clamav directory change to user clamupdate + If for some reason you need DatabaseOwner be another user, you may copy /usr/lib/systemd/system/clamav-freshclam.service to /etc/systemd/system/ + and add ExecStartPre=+/usr/bin/chown youruser:yourgroup /var/lib/clamav and updates won't break your configuration ... + Please add comments to https://bugzilla.redhat.com/show_bug.cgi?id=2023371 if not work for you or if you have any suggestion. + Note: =+ on systemd.service (man 5 systemd.service, Special executable prefixes) + If the executable path is prefixed with "+" then the process is executed with full privileges. + EXAMPLE ======= From 76167a07a90bfd54daa574323ea8c42e37d5920b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Sun, 6 Nov 2022 23:25:22 +0000 Subject: [PATCH 28/72] Remove a superfluous rm --- clamav.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 0b21410..6501a3b 100644 --- a/clamav.spec +++ b/clamav.spec @@ -301,7 +301,6 @@ autoreconf -i %install -rm -rf _doc* %make_install install -d -m 0755 \ From f4c0c8a8c7ceaa0bcf86ffe6f38bc530ce6e2128 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Sun, 6 Nov 2022 23:26:57 +0000 Subject: [PATCH 29/72] (#2136977) not requires data(clamav) on clamav-libs data(clamav) is already required by clamav and by clamd which seems to be enhough --- clamav.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 6501a3b..7f31fb2 100644 --- a/clamav.spec +++ b/clamav.spec @@ -150,7 +150,6 @@ user-creation scripts required by clamav. %package lib Summary: Dynamic libraries for the Clam Antivirus scanner -Requires: data(clamav) Provides: bundled(libmspack) = 0.5-0.1.alpha.modified_by_clamav %description lib From 1a0b20d512b7f51278360390ecd6a3364bd29910 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Mon, 7 Nov 2022 01:02:52 +0000 Subject: [PATCH 30/72] (#2023371) Add documentation to preserve user permissions of DatabaseOwner --- README.fedora | 23 ++++++++--------------- clamav.spec | 4 ++++ 2 files changed, 12 insertions(+), 15 deletions(-) diff --git a/README.fedora b/README.fedora index e512782..dd9cfe5 100644 --- a/README.fedora +++ b/README.fedora @@ -1,36 +1,21 @@ Please note for Fedora and EPEL 7+ we use only systemd. -upstart and sysvinit only apply to EPEL 6. A clamav-milter setup consists of the following three components: * the clamav-milter itself - --> this is provided by the 'clamav-milter' package plus (alternatively) - 'clamav-milter-upstart' or 'clamav-milter-sysvinit' - The main configuration is in /etc/mail/clamav-milter.conf and MUST be changed before first use. This can be enabled with: 'systemctl enable clamav-milter.service' - The -sysvinit package is managed by the traditional tools, but - -upstart requires modification of /etc/event.d/clamav-milter to - enable automatic startup. See comments there for more details. - * a clamav scanner daemon - --> this is in the clamd package (or on EL6: - 'clamav-scanner-upstart' or 'clamav-scanner-sysvinit') - The daemon is configured by /etc/clamd.d/scan.conf (which MUST be edited before first use). This can be enabled with: 'systemctl enable clamd@scan.service' - The -sysvinit package is managed by the traditional tools, but - -upstart requires modification of /etc/event.d/clamd.scan to enable - automatic startup. See comments there for more details. - * the MTA (sendmail/postfix) --> you should know how to install this... @@ -43,6 +28,14 @@ A clamav-milter setup consists of the following three components: to your sendmail.mc. +* Changing permissions of directory /var/lib/clamav + Whenever ClamAV is upgraded by dnf, the permissions for the /var/lib/clamav directory change to user clamupdate + If for some reason you need DatabaseOwner be another user, you may copy /usr/lib/systemd/system/clamav-freshclam.service to /etc/systemd/system/ + and add ExecStartPre=+/usr/bin/chown youruser:yourgroup /var/lib/clamav and updates won't break your configuration ... + Please add comments to https://bugzilla.redhat.com/show_bug.cgi?id=2023371 if not work for you or if you have any suggestion. + Note: =+ on systemd.service (man 5 systemd.service, Special executable prefixes) + If the executable path is prefixed with "+" then the process is executed with full privileges. + EXAMPLE ======= diff --git a/clamav.spec b/clamav.spec index 7f31fb2..c435fb6 100644 --- a/clamav.spec +++ b/clamav.spec @@ -593,6 +593,10 @@ test -e %{freshclamlog} || { * Fri Feb 17 2023 Orion Poplawski - 0.103.8-1 - Update to 0.103.8 +* Mon Nov 07 2022 Sérgio Basto - 0.103.7-4 +- (#2136977) not requires data(clamav) on clamav-libs +- (#2023371) Add documentation to preserve user permissions of DatabaseOwner + * Thu Sep 22 2022 Sérgio Basto - 0.103.7-3 - (#2128276) Please port your pcre dependency to pcre2 - Explicit dependency on systemd since systemd-devel no longer has this dependency on F37+ From ca1ba6e1dc8788a98825e1e59e6495b19cd83b6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Sat, 18 Feb 2023 15:35:35 +0000 Subject: [PATCH 31/72] Split out documentation into separate -doc sub-package (#2128276) Please port your pcre dependency to pcre2 Explicit dependency on systemd since systemd-devel no longer has this dependency on F37+ (#2136977) not requires data(clamav) on clamav-libs (#2023371) Add documentation to preserve user permissions of DatabaseOwner --- clamav.spec | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index c435fb6..6f185ba 100644 --- a/clamav.spec +++ b/clamav.spec @@ -34,7 +34,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.103.8 -Release: 1%{?dist} +Release: 2%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -590,6 +590,13 @@ test -e %{freshclamlog} || { %changelog +* Sat Feb 18 2023 Sérgio Basto - 0.103.8-2 +- Split out documentation into separate -doc sub-package +- (#2128276) Please port your pcre dependency to pcre2 +- Explicit dependency on systemd since systemd-devel no longer has this dependency on F37+ +- (#2136977) not requires data(clamav) on clamav-libs +- (#2023371) Add documentation to preserve user permissions of DatabaseOwner + * Fri Feb 17 2023 Orion Poplawski - 0.103.8-1 - Update to 0.103.8 From 161dc4ad1cba26e6994d4eb4bb453cfb6bd41914 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Mon, 20 Feb 2023 09:37:37 -0700 Subject: [PATCH 32/72] Fix daily.cvd file --- clamav.spec | 7 +++++-- sources | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/clamav.spec b/clamav.spec index 6f185ba..4d4fb7e 100644 --- a/clamav.spec +++ b/clamav.spec @@ -34,7 +34,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.103.8 -Release: 2%{?dist} +Release: 3%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -56,7 +56,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26813.cvd +Source11: daily-26818.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-333.cvd #for update @@ -590,6 +590,9 @@ test -e %{freshclamlog} || { %changelog +* Mon Feb 20 2023 Orion Poplawski - 0.103.8-3 +- Fix daily.cvd file + * Sat Feb 18 2023 Sérgio Basto - 0.103.8-2 - Split out documentation into separate -doc sub-package - (#2128276) Please port your pcre dependency to pcre2 diff --git a/sources b/sources index 8c53a0e..89cd53d 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ SHA512 (clamav-0.103.8-norar.tar.xz) = ce27f7fe133f73af43a28483f5e9ae8562c6ea964761ac5a1f7950f11ebb6d3ee8e84cd30f63c1f1152a8a361ba81c58227dbd07a8de9b5a00e354e9137754b2 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-26813.cvd) = 3a9114d93f772568990644dce502e9122c5f2b2ed868915084e28800cbea499aac6746bdbae81cc51b94f672294aed0ae21b96085d3442d11faa43ece0b27dfa SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07 +SHA512 (daily-26818.cvd) = d817c34c4f3576e2752f9eb5b438d0dd040f2084c3c855b5c91ba083abfc8ef58f5426d48917a37b0b22324bd38670d641a00051cec86324ed4453b88dc980e4 From 6c241b5d22079a8e94e59c58e0389cc7cdb6b654 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Mon, 20 Feb 2023 10:28:28 -0700 Subject: [PATCH 33/72] Fix daily.cvd file (bz#2171869) --- clamav.spec | 7 +++++-- sources | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/clamav.spec b/clamav.spec index 7d58eec..a6d5ca1 100644 --- a/clamav.spec +++ b/clamav.spec @@ -25,7 +25,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.1 -Release: 1%{?dist} +Release: 2%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -49,7 +49,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26813.cvd +Source11: daily-26816.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-333.cvd #for update @@ -554,6 +554,9 @@ exit 0 %changelog +* Mon Feb 20 2023 Orion Poplawski - 1.0.1-2 +- Fix daily.cvd file (bz#2171869) + * Thu Feb 16 2023 Orion Poplawski - 1.0.1-1 - Update to 1.0.1 diff --git a/sources b/sources index a9f1d81..539f7a1 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ SHA512 (clamav-1.0.1-norar.tar.xz) = 676ca18c79449a93169653c52793a0beac81238110750f89506542eecb99db6e1a07274f74651a001f169204d2972bbdc721a5a14af08e2601d9ee937282c7ce SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-26813.cvd) = 3a9114d93f772568990644dce502e9122c5f2b2ed868915084e28800cbea499aac6746bdbae81cc51b94f672294aed0ae21b96085d3442d11faa43ece0b27dfa SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07 +SHA512 (daily-26816.cvd) = fc5973c80c3cd5b09981d7c21363f67d25290e7704044c321725153eef03e6e4ef210cadda1c15099553b20783ca8f97f6f56936fd42a36f3b35588ed1672efb From cc96bf67266c6bb60557d322b5b0b505e0b9da19 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Fri, 24 Feb 2023 22:00:16 +0000 Subject: [PATCH 34/72] Update data files with help of Cisco-Talos/cvdupdate --- clamav.spec | 9 ++++++--- sources | 4 ++-- update_clamav.sh | 19 ++++++++++++------- 3 files changed, 20 insertions(+), 12 deletions(-) diff --git a/clamav.spec b/clamav.spec index a6d5ca1..bf5d886 100644 --- a/clamav.spec +++ b/clamav.spec @@ -25,7 +25,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.1 -Release: 2%{?dist} +Release: 3%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -49,9 +49,9 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26816.cvd +Source11: daily-26825.cvd #http://database.clamav.net/bytecode.cvd -Source12: bytecode-333.cvd +Source12: bytecode-334.cvd #for update Source200: freshclam-sleep Source201: freshclam.sysconfig @@ -554,6 +554,9 @@ exit 0 %changelog +* Fri Feb 24 2023 Sérgio Basto - 1.0.1-3 +- Update data files with help of Cisco-Talos/cvdupdate + * Mon Feb 20 2023 Orion Poplawski - 1.0.1-2 - Fix daily.cvd file (bz#2171869) diff --git a/sources b/sources index 539f7a1..7873f19 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ SHA512 (clamav-1.0.1-norar.tar.xz) = 676ca18c79449a93169653c52793a0beac81238110750f89506542eecb99db6e1a07274f74651a001f169204d2972bbdc721a5a14af08e2601d9ee937282c7ce SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07 -SHA512 (daily-26816.cvd) = fc5973c80c3cd5b09981d7c21363f67d25290e7704044c321725153eef03e6e4ef210cadda1c15099553b20783ca8f97f6f56936fd42a36f3b35588ed1672efb +SHA512 (daily-26825.cvd) = eccca2dfc2d92daa3b75080ad593b0d60ae3b2dff3e7446f349e733eb6969d0f90c19db7fbbc6029d51c52262bf90b19ca81e97b710497da608269db28d2992a +SHA512 (bytecode-334.cvd) = 83478af4e097b4b3fe136c943d3dd018f3e678c6859873dc1aef527db40a018b77439be2113ac251dfb797074ef8c201336570c3fe03c7ac507d5b94ab6d61c9 diff --git a/update_clamav.sh b/update_clamav.sh index ab70989..465c1d1 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -32,13 +32,16 @@ zcat ${TARBALL} | tar --delete -f - '*/libclamunrar/*' | xz -c > ${TARBALL_CLEAN fi fi -# WIP clouflare don't allow wget we need download with browser -#wget https://database.clamav.net/main.cvd -#wget https://database.clamav.net/daily.cvd -#wget https://database.clamav.net/bytecode.cvd +#python3 -m pip install --user cvdupdate +#python -m cvdupdate.cvdupdate --help +cvd config set --dbdir my_dbs +cvdupdate list +cvdupdate update +pushd my_dbs main_ver=$(file main.cvd | sed -e 's/.*version /main-/;s/,.*/.cvd/') daily_ver=$(file daily.cvd | sed -e 's/.*version /daily-/;s/,.*/.cvd/') bytecode_ver=$(file bytecode.cvd | sed -e 's/.*version /bytecode-/;s/,.*/.cvd/') +popd if test $stage -le 1 then @@ -46,9 +49,11 @@ echo STAGE 1 echo Press enter convert cvd into spec or n to skip ; read dummy; if [[ "$dummy" != "n" ]]; then -cp -f main.cvd $main_ver -cp -f daily.cvd $daily_ver -cp -f bytecode.cvd $bytecode_ver +pushd my_dbs +cp -f main.cvd ../$main_ver +cp -f daily.cvd ../$daily_ver +cp -f bytecode.cvd ../$bytecode_ver +popd sed -i "s|^Source10: .*|Source10: $main_ver|" clamav.spec sed -i "s|^Source11: .*|Source11: $daily_ver|" clamav.spec From fa96639809e63b0572400ad9dc224d209eadb2c5 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 18 Feb 2023 19:50:42 -0700 Subject: [PATCH 35/72] Mark cvd files is clamav-data as %config(noreplace) (bz#2170876) Rename clamav-update to clamav-freshclam Make clamav-freshclam supplement clamd --- clamav.spec | 32 +++++++++++++++++++------------- 1 file changed, 19 insertions(+), 13 deletions(-) diff --git a/clamav.spec b/clamav.spec index bf5d886..1f5088b 100644 --- a/clamav.spec +++ b/clamav.spec @@ -25,7 +25,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.1 -Release: 3%{?dist} +Release: 4%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -194,21 +194,22 @@ BuildArch: noarch This package contains the documentation for clamav. -%package update +%package freshclam Summary: Auto-updater for the Clam Antivirus scanner data-files Requires: clamav-filesystem = %{version}-%{release} Requires: clamav-lib = %{version}-%{release} +Supplements:clamd Provides: data(clamav) = empty Provides: clamav-data-empty = %{version}-%{release} Obsoletes: clamav-data-empty < %{version}-%{release} +Provides: clamav-update = %{version}-%{release} +Obsoletes: clamav-update < %{version}-%{release} -%description update -This package contains programs which can be used to update the clamav -anti-virus database automatically. It uses the freshclam(1) utility for -this task. To activate it use, uncomment the entry in /etc/cron.d/clamav-update. -Use this package when you go updating the virus database regulary and -do not want to download a >160MB sized rpm-package with outdated virus -definitions. +%description freshclam +This package contains the freshclam(1) program and clamav-freshclam +service which can be used to update the clamav anti-virus database +automatically. Most users should install this package in order to +keep their definitions up to date. %package -n clamd @@ -452,13 +453,13 @@ exit 0 %postun milter %systemd_postun_with_restart clamav-milter.service -%post update +%post freshclam %systemd_post clamav-freshclam.service -%preun update +%preun freshclam %systemd_preun clamav-freshclam.service -%postun update +%postun freshclam %systemd_postun_with_restart clamav-freshclam.service %ldconfig_scriptlets lib @@ -522,7 +523,7 @@ exit 0 %doc docs/html -%files update +%files freshclam %{_bindir}/freshclam %{_libdir}/libfreshclam.so.2* %{_mandir}/*/freshclam* @@ -554,6 +555,11 @@ exit 0 %changelog +* Mon Feb 27 2023 Orion Poplawski - 1.0.1-4 +- Mark cvd files is clamav-data as %%config(noreplace) (bz#2170876) +- Rename clamav-update to clamav-freshclam +- Make clamav-freshclam supplement clamd + * Fri Feb 24 2023 Sérgio Basto - 1.0.1-3 - Update data files with help of Cisco-Talos/cvdupdate From 6e8f97c2ff5c83d63ef6dcc8347b274fcd7012b0 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Mon, 20 Feb 2023 15:19:03 -0700 Subject: [PATCH 36/72] Let newer .cld files take precedence over the shipped .cvd files by removing them --- clamav.spec | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/clamav.spec b/clamav.spec index 1f5088b..3c4bad5 100644 --- a/clamav.spec +++ b/clamav.spec @@ -400,6 +400,15 @@ rm %{buildroot}%{_unitdir}/clamav-daemon.* %systemd_postun_with_restart clamav-clamonacc.service +%post data +# Let newer .cld files take precedence over the shipped .cvd files +for f in %{homedir}/*.cld +do + cvd=${f/.cld/.cvd} + [ -f $f -a $f -nt $cvd ] && rm -f $cvd || : +done + + %pre filesystem getent group %{updateuser} >/dev/null || groupadd -r %{updateuser} getent passwd %{updateuser} >/dev/null || \ From 45cae73773d65626f203bce433aa597e6d631ba2 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 26 Feb 2023 16:49:12 -0700 Subject: [PATCH 37/72] Have clamav-freshclam ghost all of the .cld and .cvd files --- clamav.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/clamav.spec b/clamav.spec index 3c4bad5..84ac960 100644 --- a/clamav.spec +++ b/clamav.spec @@ -538,10 +538,13 @@ exit 0 %{_mandir}/*/freshclam* %{_unitdir}/clamav-freshclam.service %config(noreplace) %verify(not mtime) %{_sysconfdir}/freshclam.conf -%ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/main.cvd +%ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/bytecode.cld +%ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/bytecode.cvd %ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/freshclam.dat %ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/daily.cld -%ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/bytecode.cld +%ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/daily.cvd +%ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/main.cld +%ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/main.cvd %files -n clamd @@ -568,6 +571,7 @@ exit 0 - Mark cvd files is clamav-data as %%config(noreplace) (bz#2170876) - Rename clamav-update to clamav-freshclam - Make clamav-freshclam supplement clamd +- Have clamav-freshclam ghost all of the .cld and .cvd files * Fri Feb 24 2023 Sérgio Basto - 1.0.1-3 - Update data files with help of Cisco-Talos/cvdupdate From 9ea07982c2ef96af8f0f6e7f66b3bb8151250868 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 19 Jul 2023 15:43:32 +0000 Subject: [PATCH 38/72] Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- clamav.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 84ac960..63e60b4 100644 --- a/clamav.spec +++ b/clamav.spec @@ -25,7 +25,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.1 -Release: 4%{?dist} +Release: 5%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -567,6 +567,9 @@ exit 0 %changelog +* Wed Jul 19 2023 Fedora Release Engineering - 1.0.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + * Mon Feb 27 2023 Orion Poplawski - 1.0.1-4 - Mark cvd files is clamav-data as %%config(noreplace) (bz#2170876) - Rename clamav-update to clamav-freshclam From f888de56e7aac6b6c29ac583b7e43264dabdceea Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Wed, 19 Jul 2023 21:32:59 -0600 Subject: [PATCH 39/72] No ocaml on ix86 --- clamav.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 63e60b4..454d7b7 100644 --- a/clamav.spec +++ b/clamav.spec @@ -8,7 +8,7 @@ # Failing with llvm 14 https://github.com/Cisco-Talos/clamav/issues/581 %bcond_with llvm -%ifnarch s390 s390x +%ifnarch %{ix86} s390 s390x %global have_ocaml 1 %else %global have_ocaml 0 From bf77301d0d0033def62427d8a793188139670800 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Wed, 19 Jul 2023 22:00:24 -0600 Subject: [PATCH 40/72] Fix ocaml conditional --- clamav.spec | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/clamav.spec b/clamav.spec index 454d7b7..13c52e2 100644 --- a/clamav.spec +++ b/clamav.spec @@ -8,10 +8,11 @@ # Failing with llvm 14 https://github.com/Cisco-Talos/clamav/issues/581 %bcond_with llvm -%ifnarch %{ix86} s390 s390x -%global have_ocaml 1 +# No ocaml on ix86 +%ifarch %{ix86} +%bcond_with ocaml %else -%global have_ocaml 0 +%bacond_without ocaml %endif %global scanuser clamscan @@ -110,7 +111,7 @@ BuildRequires: bc BuildRequires: tcl BuildRequires: groff BuildRequires: graphviz -%{?have_ocaml:BuildRequires: ocaml} +%{?with_ocaml::BuildRequires: ocaml} # nc required for tests BuildRequires: nc %{?systemd_requires} From af9745f52cbcce4830e4ffb3f0eb6c5ed07f769b Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Wed, 19 Jul 2023 22:01:50 -0600 Subject: [PATCH 41/72] Fix typo --- clamav.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 13c52e2..db65df2 100644 --- a/clamav.spec +++ b/clamav.spec @@ -12,7 +12,7 @@ %ifarch %{ix86} %bcond_with ocaml %else -%bacond_without ocaml +%bcond_without ocaml %endif %global scanuser clamscan From c6c60449e6cb9e9109b345f00bf8bfc4d14978aa Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Wed, 19 Jul 2023 22:05:57 -0600 Subject: [PATCH 42/72] Fix typo --- clamav.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index db65df2..a6e6009 100644 --- a/clamav.spec +++ b/clamav.spec @@ -111,7 +111,7 @@ BuildRequires: bc BuildRequires: tcl BuildRequires: groff BuildRequires: graphviz -%{?with_ocaml::BuildRequires: ocaml} +%{?with_ocaml:BuildRequires: ocaml} # nc required for tests BuildRequires: nc %{?systemd_requires} From 417910be2c80bd9acda2dd8c527590aa036cf2c5 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 17 Aug 2023 22:04:29 -0600 Subject: [PATCH 43/72] Update to 1.0.2 CVE-2023-20197 (bz#2232508) --- clamav-rustflags.patch | 23 ++++++++++------------- clamav.spec | 25 ++++++++++++++----------- sources | 4 ++-- update_clamav.sh | 2 +- 4 files changed, 27 insertions(+), 27 deletions(-) diff --git a/clamav-rustflags.patch b/clamav-rustflags.patch index e25b028..1f7281e 100644 --- a/clamav-rustflags.patch +++ b/clamav-rustflags.patch @@ -1,7 +1,6 @@ -diff --git a/cmake/FindRust.cmake b/cmake/FindRust.cmake -index c9997486c..2b04adeb9 100644 ---- a/cmake/FindRust.cmake -+++ b/cmake/FindRust.cmake +diff -up clamav-1.0.2/cmake/FindRust.cmake.rustflags clamav-1.0.2/cmake/FindRust.cmake +--- clamav-1.0.2/cmake/FindRust.cmake.rustflags 2023-08-15 16:24:07.000000000 -0600 ++++ clamav-1.0.2/cmake/FindRust.cmake 2023-08-17 21:17:03.957070383 -0600 @@ -236,7 +236,7 @@ function(add_rust_executable) # Build the executable. add_custom_command( @@ -11,20 +10,18 @@ index c9997486c..2b04adeb9 100644 WORKING_DIRECTORY "${ARGS_SOURCE_DIRECTORY}" DEPENDS ${EXE_SOURCES} COMMENT "Building ${ARGS_TARGET} in ${ARGS_BINARY_DIRECTORY} with:\n\t ${cargo_EXECUTABLE} ${MY_CARGO_ARGS_STRING}") -@@ -287,17 +287,17 @@ function(add_rust_library) +@@ -287,8 +287,8 @@ function(add_rust_library) if("${CMAKE_OSX_ARCHITECTURES}" MATCHES "^(arm64;x86_64|x86_64;arm64)$") add_custom_command( OUTPUT "${OUTPUT}" - COMMAND ${CMAKE_COMMAND} -E env "CARGO_CMD=build" "CARGO_TARGET_DIR=${ARGS_BINARY_DIRECTORY}" "MAINTAINER_MODE=${MAINTAINER_MODE}" "RUSTFLAGS=\"${RUSTFLAGS}\"" ${cargo_EXECUTABLE} ARGS ${MY_CARGO_ARGS} --target=x86_64-apple-darwin - COMMAND ${CMAKE_COMMAND} -E env "CARGO_CMD=build" "CARGO_TARGET_DIR=${ARGS_BINARY_DIRECTORY}" "MAINTAINER_MODE=${MAINTAINER_MODE}" "RUSTFLAGS=\"${RUSTFLAGS}\"" ${cargo_EXECUTABLE} ARGS ${MY_CARGO_ARGS} --target=aarch64-apple-darwin -+ COMMAND ${CMAKE_COMMAND} -E env "CARGO_CMD=build" "CARGO_TARGET_DIR=${ARGS_BINARY_DIRECTORY}" "MAINTAINER_MODE=${MAINTAINER_MODE}" "RUSTFLAGS=${RUSTFLAGS}" ${cargo_EXECUTABLE} ${MY_CARGO_ARGS} --target=x86_64-apple-darwin -+ COMMAND ${CMAKE_COMMAND} -E env "CARGO_CMD=build" "CARGO_TARGET_DIR=${ARGS_BINARY_DIRECTORY}" "MAINTAINER_MODE=${MAINTAINER_MODE}" "RUSTFLAGS=${RUSTFLAGS}" ${cargo_EXECUTABLE} ${MY_CARGO_ARGS} --target=aarch64-apple-darwin ++ COMMAND ${CMAKE_COMMAND} -E env "CARGO_CMD=build" "CARGO_TARGET_DIR=${ARGS_BINARY_DIRECTORY}" "MAINTAINER_MODE=${MAINTAINER_MODE}" "RUSTFLAGS=${RUSTFLAGS}" ${cargo_EXECUTABLE} ARGS ${MY_CARGO_ARGS} --target=x86_64-apple-darwin ++ COMMAND ${CMAKE_COMMAND} -E env "CARGO_CMD=build" "CARGO_TARGET_DIR=${ARGS_BINARY_DIRECTORY}" "MAINTAINER_MODE=${MAINTAINER_MODE}" "RUSTFLAGS=${RUSTFLAGS}" ${cargo_EXECUTABLE} ARGS ${MY_CARGO_ARGS} --target=aarch64-apple-darwin COMMAND ${CMAKE_COMMAND} -E make_directory "${ARGS_BINARY_DIRECTORY}/${RUST_COMPILER_TARGET}/${CARGO_BUILD_TYPE}" -- COMMAND lipo ARGS -create ${ARGS_BINARY_DIRECTORY}/x86_64-apple-darwin/${CARGO_BUILD_TYPE}/lib${ARGS_TARGET}.a ${ARGS_BINARY_DIRECTORY}/aarch64-apple-darwin/${CARGO_BUILD_TYPE}/lib${ARGS_TARGET}.a -output "${OUTPUT}" -+ COMMAND lipo -create ${ARGS_BINARY_DIRECTORY}/x86_64-apple-darwin/${CARGO_BUILD_TYPE}/lib${ARGS_TARGET}.a ${ARGS_BINARY_DIRECTORY}/aarch64-apple-darwin/${CARGO_BUILD_TYPE}/lib${ARGS_TARGET}.a -output "${OUTPUT}" + COMMAND lipo ARGS -create ${ARGS_BINARY_DIRECTORY}/x86_64-apple-darwin/${CARGO_BUILD_TYPE}/lib${ARGS_TARGET}.a ${ARGS_BINARY_DIRECTORY}/aarch64-apple-darwin/${CARGO_BUILD_TYPE}/lib${ARGS_TARGET}.a -output "${OUTPUT}" WORKING_DIRECTORY "${ARGS_SOURCE_DIRECTORY}" - DEPENDS ${LIB_SOURCES} - COMMENT "Building ${ARGS_TARGET} in ${ARGS_BINARY_DIRECTORY} with: ${cargo_EXECUTABLE} ${MY_CARGO_ARGS_STRING}") +@@ -312,7 +312,7 @@ function(add_rust_library) else() add_custom_command( OUTPUT "${OUTPUT}" @@ -33,7 +30,7 @@ index c9997486c..2b04adeb9 100644 WORKING_DIRECTORY "${ARGS_SOURCE_DIRECTORY}" DEPENDS ${LIB_SOURCES} COMMENT "Building ${ARGS_TARGET} in ${ARGS_BINARY_DIRECTORY} with: ${cargo_EXECUTABLE} ${MY_CARGO_ARGS_STRING}") -@@ -443,8 +443,6 @@ if(NOT "${RUST_COMPILER_TARGET}" MATCHES "^universal-apple-darwin$") +@@ -465,8 +465,6 @@ if(NOT "${RUST_COMPILER_TARGET}" MATCHES list(APPEND CARGO_ARGS "--target" ${RUST_COMPILER_TARGET}) endif() @@ -42,7 +39,7 @@ index c9997486c..2b04adeb9 100644 if(NOT CMAKE_BUILD_TYPE) set(CARGO_BUILD_TYPE "debug") elseif(${CMAKE_BUILD_TYPE} STREQUAL "Release" OR ${CMAKE_BUILD_TYPE} STREQUAL "MinSizeRel") -@@ -453,10 +451,11 @@ elseif(${CMAKE_BUILD_TYPE} STREQUAL "Release" OR ${CMAKE_BUILD_TYPE} STREQUAL "M +@@ -475,10 +473,11 @@ elseif(${CMAKE_BUILD_TYPE} STREQUAL "Rel elseif(${CMAKE_BUILD_TYPE} STREQUAL "RelWithDebInfo") set(CARGO_BUILD_TYPE "release") list(APPEND CARGO_ARGS "--release") diff --git a/clamav.spec b/clamav.spec index a6e6009..079fd5b 100644 --- a/clamav.spec +++ b/clamav.spec @@ -25,8 +25,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 1.0.1 -Release: 5%{?dist} +Version: 1.0.2 +Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -50,7 +50,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26825.cvd +Source11: daily-26894.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-334.cvd #for update @@ -250,20 +250,20 @@ This package contains files which are needed to run the clamav-milter. %prep %setup -q -n %{name}-%{version}%{?prerelease} -sed -i -e 's/cbindgen = "0.20"/cbindgen = "0.24"/' libclamav_rust/Cargo.toml +sed -i -e 's/cbindgen = "0.20"/cbindgen = "0.24"/' -e '/^bindgen *=/s/= .*/= "0.63"/' libclamav_rust/Cargo.toml %cargo_prep cd libclamav_rust rm -r .cargo %cargo_prep cd .. -%patch0 -p1 -b .rustflags -%patch1 -p1 -b .default_confs -%patch2 -p1 -b .private -%patch3 -p1 -b .rpath -%patch5 -p1 -b .clamonacc-service -%patch6 -p1 -b .freshclam-service -%patch7 -p1 -b .big-endian +%patch -P0 -p1 -b .rustflags +%patch -P1 -p1 -b .default_confs +%patch -P2 -p1 -b .private +%patch -P3 -p1 -b .rpath +%patch -P5 -p1 -b .clamonacc-service +%patch -P6 -p1 -b .freshclam-service +%patch -P7 -p1 -b .big-endian install -p -m0644 %{SOURCE300} clamav-milter/ @@ -568,6 +568,9 @@ exit 0 %changelog +* Fri Aug 18 2023 Orion Poplawski - 1.0.2-1 +- Update to 1.0.2 CVE-2023-20197 (bz#2232508) + * Wed Jul 19 2023 Fedora Release Engineering - 1.0.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild diff --git a/sources b/sources index 7873f19..c8583de 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-1.0.1-norar.tar.xz) = 676ca18c79449a93169653c52793a0beac81238110750f89506542eecb99db6e1a07274f74651a001f169204d2972bbdc721a5a14af08e2601d9ee937282c7ce +SHA512 (clamav-1.0.2-norar.tar.xz) = a97cf85db5abd1d29b6fd6c795660d832e220b4784f30c436d276306742591ea0752120ebe76dfdf3746f629284ffd9c357f613f9af531bbf28d834dad8e0370 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-26825.cvd) = eccca2dfc2d92daa3b75080ad593b0d60ae3b2dff3e7446f349e733eb6969d0f90c19db7fbbc6029d51c52262bf90b19ca81e97b710497da608269db28d2992a +SHA512 (daily-26894.cvd) = 947f4172f2c9eaa13f29487e966e7d4793f861c0f135290589d2ca8ede5a9724146ef50eced817d2eda722a8bb0d01bd8c303a448678a0a894ca92b7535f8245 SHA512 (bytecode-334.cvd) = 83478af4e097b4b3fe136c943d3dd018f3e678c6859873dc1aef527db40a018b77439be2113ac251dfb797074ef8c201336570c3fe03c7ac507d5b94ab6d61c9 diff --git a/update_clamav.sh b/update_clamav.sh index 465c1d1..3507e2f 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,4 +1,4 @@ -VERSION=1.0.1 +VERSION=1.0.2 REPOS="n" if [ -z "$1" ] From bf3e6453057dd059677548c4da3276c198078cae Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 17 Aug 2023 22:08:45 -0600 Subject: [PATCH 44/72] update_clamav.sh: Set REPOS to "f39 f38 epel9" --- update_clamav.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/update_clamav.sh b/update_clamav.sh index 3507e2f..ac7d84b 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,5 +1,5 @@ VERSION=1.0.2 -REPOS="n" +REPOS="f39 f38 epel9" if [ -z "$1" ] then From 93828a0ff0d05ce91baadcd192a6c44b285dda21 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Fri, 1 Sep 2023 15:42:53 +0100 Subject: [PATCH 45/72] update update_clamav.sh --- update_clamav.sh | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/update_clamav.sh b/update_clamav.sh index ac7d84b..ef350b0 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -14,8 +14,8 @@ TARBALL=${NAME}-${VERSION}.tar.gz echo "Usage: $0 stage" echo "stage 0: prepare sources" -echo "stage 1: get cvd (not working at all) the donwload needs to be done manually" -echo "stage 2: upload sources and ask for scratch build" +echo "stage 1: get cvd using cvdupdate https://pypi.org/project/cvdupdate/" +echo "stage 2: ask for scratch build and upload sources" echo "stage 3: push and build on rawhide" echo "stage 4: build on others branches" echo "" @@ -23,12 +23,15 @@ echo "" if test $stage -le 0 then echo STAGE 0 -echo Press enter to prepare sources or n to skip ; read dummy; +echo Press enter to prepare sources and bump version or n to skip ; read dummy; if [[ "$dummy" != "n" ]]; then wget -c https://www.clamav.net/downloads/production/${TARBALL} wget -c https://www.clamav.net/downloads/production/${TARBALL}.sig gpg --verify ${TARBALL}.sig ${TARBALL} zcat ${TARBALL} | tar --delete -f - '*/libclamunrar/*' | xz -c > ${TARBALL_CLEAN} +git checkout rawhide +git pull +rpmdev-bumpspec -n $VERSION -c "Update to $VERSION" clamav.spec fi fi @@ -64,8 +67,6 @@ fi if test $stage -le 2 then echo STAGE 2 -rpmdev-bumpspec -n $VERSION -c "Update to $VERSION" clamav.spec -echo fedpkg new-sources ${TARBALL_CLEAN} $main_ver $daily_ver $bytecode_ver echo Press enter scratch-build or n to skip ; read dummy; if [[ "$dummy" != "n" ]]; then #fkinit -u sergiomb @@ -73,6 +74,7 @@ fedpkg scratch-build --srpm fi echo Press enter to upload sources and commit or n to skip; read dummy; if [[ "$dummy" != "n" ]]; then +echo fedpkg new-sources ${TARBALL_CLEAN} $main_ver $daily_ver $bytecode_ver fedpkg new-sources ${TARBALL_CLEAN} $(spectool -l clamav.spec | grep -P "Source10|Source11|Source12" | sed 's/.* //') fedpkg ci -c && git show fi From 2bb25f29506175802ab63be4c57bfee1a4a8262b Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 29 Oct 2023 10:16:59 -0600 Subject: [PATCH 46/72] Update to 1.0.4 Remove docs again from main package (bz#2230512) --- clamav.spec | 13 ++++++++----- update_clamav.sh | 2 +- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/clamav.spec b/clamav.spec index 079fd5b..52d0c95 100644 --- a/clamav.spec +++ b/clamav.spec @@ -25,7 +25,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 1.0.2 +Version: 1.0.4 Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ @@ -50,7 +50,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-26894.cvd +Source11: daily-27075.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-334.cvd #for update @@ -250,7 +250,7 @@ This package contains files which are needed to run the clamav-milter. %prep %setup -q -n %{name}-%{version}%{?prerelease} -sed -i -e 's/cbindgen = "0.20"/cbindgen = "0.24"/' -e '/^bindgen *=/s/= .*/= "0.63"/' libclamav_rust/Cargo.toml +sed -i -e '/cbindgen/s/version = *"0.20"/version = "0.24"/' -e '/^bindgen *=/s/= .*/= "0.63"/' libclamav_rust/Cargo.toml %cargo_prep cd libclamav_rust rm -r .cargo @@ -495,7 +495,6 @@ exit 0 %{_unitdir}/clamonacc.service %{_unitdir}/clamav-clamonacc.service %attr(0750,root,root) %dir %{quarantinedir} -%{_pkgdocdir}/html/ %files lib @@ -530,7 +529,7 @@ exit 0 %files doc %license COPYING -%doc docs/html +%{_pkgdocdir}/html/ %files freshclam @@ -568,6 +567,10 @@ exit 0 %changelog +* Sun Oct 29 2023 Orion Poplawski - 1.0.4-1 +- Update to 1.0.4 +- Remove docs again from main package (bz#2230512) + * Fri Aug 18 2023 Orion Poplawski - 1.0.2-1 - Update to 1.0.2 CVE-2023-20197 (bz#2232508) diff --git a/update_clamav.sh b/update_clamav.sh index ef350b0..a0449ed 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,4 +1,4 @@ -VERSION=1.0.2 +VERSION=1.0.4 REPOS="f39 f38 epel9" if [ -z "$1" ] From 66252cf620391bb82b7f2aaf363b6ddd19ce53e1 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 29 Oct 2023 10:46:28 -0600 Subject: [PATCH 47/72] Upload sources --- sources | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sources b/sources index c8583de..a7e96f4 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-1.0.2-norar.tar.xz) = a97cf85db5abd1d29b6fd6c795660d832e220b4784f30c436d276306742591ea0752120ebe76dfdf3746f629284ffd9c357f613f9af531bbf28d834dad8e0370 +SHA512 (clamav-1.0.4-norar.tar.xz) = ca037a8fe97ac3827eafae2d30cf08bde9832f306720f1eea0db63518fd45bfb40a4229f697c72f53ce97b711246c1873851aa8aca71045afc7df7f57c12b5c6 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-26894.cvd) = 947f4172f2c9eaa13f29487e966e7d4793f861c0f135290589d2ca8ede5a9724146ef50eced817d2eda722a8bb0d01bd8c303a448678a0a894ca92b7535f8245 +SHA512 (daily-27075.cvd) = 4cc826f58a45ceb28faba4bf7dd9f8c5ec47f5c0467e73c70d76f415ba3e36cb8585c8924fad59e8818a6e33499744e04378adc27abcca018d2b5ece4cd6a52f SHA512 (bytecode-334.cvd) = 83478af4e097b4b3fe136c943d3dd018f3e678c6859873dc1aef527db40a018b77439be2113ac251dfb797074ef8c201336570c3fe03c7ac507d5b94ab6d61c9 From d209d2e8a85772d82d24841b75cd7eb457916eee Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 19 Jan 2024 15:30:20 +0000 Subject: [PATCH 48/72] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- clamav.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 52d0c95..445cb98 100644 --- a/clamav.spec +++ b/clamav.spec @@ -26,7 +26,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.4 -Release: 1%{?dist} +Release: 2%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -567,6 +567,9 @@ exit 0 %changelog +* Fri Jan 19 2024 Fedora Release Engineering - 1.0.4-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Sun Oct 29 2023 Orion Poplawski - 1.0.4-1 - Update to 1.0.4 - Remove docs again from main package (bz#2230512) From 055f76dfd07db9713900512167eacb12ba5412f0 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Tue, 23 Jan 2024 01:42:21 +0000 Subject: [PATCH 49/72] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- clamav.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 445cb98..0196ec7 100644 --- a/clamav.spec +++ b/clamav.spec @@ -26,7 +26,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.4 -Release: 2%{?dist} +Release: 3%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -567,6 +567,9 @@ exit 0 %changelog +* Tue Jan 23 2024 Fedora Release Engineering - 1.0.4-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Fri Jan 19 2024 Fedora Release Engineering - 1.0.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild From 0b074bba3e90356d4207b892940567e8d6619538 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 8 Feb 2024 08:30:27 -0700 Subject: [PATCH 50/72] Update to 1.0.5 --- clamav.spec | 9 ++++++--- sources | 4 ++-- update_clamav.sh | 2 +- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/clamav.spec b/clamav.spec index 0196ec7..ed74b0d 100644 --- a/clamav.spec +++ b/clamav.spec @@ -25,8 +25,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 1.0.4 -Release: 3%{?dist} +Version: 1.0.5 +Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -50,7 +50,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-27075.cvd +Source11: daily-27179.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-334.cvd #for update @@ -567,6 +567,9 @@ exit 0 %changelog +* Thu Feb 08 2024 Orion Poplawski - 1.0.5-1 +- Update to 1.0.5 + * Tue Jan 23 2024 Fedora Release Engineering - 1.0.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild diff --git a/sources b/sources index a7e96f4..739ff94 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-1.0.4-norar.tar.xz) = ca037a8fe97ac3827eafae2d30cf08bde9832f306720f1eea0db63518fd45bfb40a4229f697c72f53ce97b711246c1873851aa8aca71045afc7df7f57c12b5c6 +SHA512 (clamav-1.0.5-norar.tar.xz) = 648ac1b1f6631ac018d4535533d063a714ea7a2fc48e3ff78b016ae4580c1ee19c9e99fec3e529c66cd4730b058e1ebb2d70b9ab6fa43f2decddc60613d72346 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-27075.cvd) = 4cc826f58a45ceb28faba4bf7dd9f8c5ec47f5c0467e73c70d76f415ba3e36cb8585c8924fad59e8818a6e33499744e04378adc27abcca018d2b5ece4cd6a52f +SHA512 (daily-27179.cvd) = 5612fafabc03c8ccb91bfd17e787601d976f4eb26505aa03f118beac10a49152c28c02df21336caf8a7d83b56637ed9436dbfc9a49e71409f637ec5de30fb506 SHA512 (bytecode-334.cvd) = 83478af4e097b4b3fe136c943d3dd018f3e678c6859873dc1aef527db40a018b77439be2113ac251dfb797074ef8c201336570c3fe03c7ac507d5b94ab6d61c9 diff --git a/update_clamav.sh b/update_clamav.sh index a0449ed..3efdd7a 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,4 +1,4 @@ -VERSION=1.0.4 +VERSION=1.0.5 REPOS="f39 f38 epel9" if [ -z "$1" ] From d4684fb4895cb471216fd19fb72031b2ccbd7d0e Mon Sep 17 00:00:00 2001 From: David Abdurachmanov Date: Mon, 8 Jan 2024 11:21:57 +0200 Subject: [PATCH 51/72] Properly check valgrind arches Signed-off-by: David Abdurachmanov --- clamav.spec | 2 ++ 1 file changed, 2 insertions(+) diff --git a/clamav.spec b/clamav.spec index ed74b0d..ddb7b21 100644 --- a/clamav.spec +++ b/clamav.spec @@ -120,7 +120,9 @@ BuildRequires: systemd-devel BuildRequires: systemd-rpm-macros #for milter BuildRequires: sendmail-devel +%ifarch %{valgrind_arches} BuildRequires: valgrind +%endif Requires: clamav-filesystem = %{version}-%{release} Requires: clamav-lib = %{version}-%{release} From 4f210122c96f88480f3ef033f458eccb9df5214b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Tue, 5 Mar 2024 14:34:20 +0000 Subject: [PATCH 52/72] set nullblog to fix post script (#2253914) Bug 2253914 - clamav-data post script fails when no files found --- clamav.spec | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index ddb7b21..2a2a3d0 100644 --- a/clamav.spec +++ b/clamav.spec @@ -26,7 +26,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.5 -Release: 1%{?dist} +Release: 2%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -404,6 +404,8 @@ rm %{buildroot}%{_unitdir}/clamav-daemon.* %post data +# nullglob. If set, Bash allows filename patterns which match no files to expand to a null string, rather than themselves +shopt -s nullglob # Let newer .cld files take precedence over the shipped .cvd files for f in %{homedir}/*.cld do @@ -569,6 +571,10 @@ exit 0 %changelog +* Tue Mar 05 2024 Sérgio Basto - 1.0.5-2 +- set nullblog to fix post script (#2253914) +- Properly check valgrind arches + * Thu Feb 08 2024 Orion Poplawski - 1.0.5-1 - Update to 1.0.5 From 9c11689c6b720f8afd4d4511236ddfb68c3e088a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Sat, 16 Mar 2024 16:33:17 +0000 Subject: [PATCH 53/72] (#1679375) fixes syntax error in /etc/logrotate.d/clamd.exim --- clamav.spec | 5 ++++- clamd.logrotate | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/clamav.spec b/clamav.spec index 937d141..5399c0f 100644 --- a/clamav.spec +++ b/clamav.spec @@ -26,7 +26,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.5 -Release: 2%{?dist} +Release: 3%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -571,6 +571,9 @@ exit 0 %changelog +* Sat Mar 16 2024 Sérgio Basto - 1.0.5-3 +- (#1679375) fixes syntax error in /etc/logrotate.d/clamd.exim + * Tue Mar 05 2024 Sérgio Basto - 1.0.5-2 - set nullblog to fix post script (#2253914) - Properly check valgrind arches diff --git a/clamd.logrotate b/clamd.logrotate index 45dc48d..dde4e44 100644 --- a/clamd.logrotate +++ b/clamd.logrotate @@ -4,6 +4,6 @@ missingok postrotate - pkill -u -HUP -f '/usr/sbin/clamd -c /etc/clamd.d/.conf >/dev/null 2>&1 || : + pkill -u -HUP -f "/usr/sbin/clamd -c /etc/clamd.d/.conf" >/dev/null 2>&1 || : endscript } From 3d80a69b4f1c745a58d75a13334af118552d6ed3 Mon Sep 17 00:00:00 2001 From: John Sullivan Date: Thu, 4 Apr 2024 15:25:58 -0400 Subject: [PATCH 54/72] Simplify and update EL7 and EL8 support. --- clamav.spec | 43 ++++++++++++++++++++++++++++++++++++++----- 1 file changed, 38 insertions(+), 5 deletions(-) diff --git a/clamav.spec b/clamav.spec index 5399c0f..d38ba80 100644 --- a/clamav.spec +++ b/clamav.spec @@ -26,7 +26,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.5 -Release: 3%{?dist} +Release: 4%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -81,12 +81,27 @@ Patch6: clamav-freshclam.service.patch # Debian patch to fix big-endian Patch7: https://salsa.debian.org/clamav-team/clamav/-/raw/unstable/debian/patches/libclamav-pe-Use-endian-wrapper-in-more-places.patch -BuildRequires: cmake +BuildRequires: cmake3 BuildRequires: gettext-devel BuildRequires: make BuildRequires: gcc-c++ BuildRequires: rust +%if 0%{?fedora} || 0%{?rhel} >= 9 BuildRequires: rust-packaging +%else +# Undefining the appropriate __cmake*_in_source_build macro causes the +# build to use a separate build path, so the build does not output to +# the source path. This separate build path is the default behavior +# for >=EL9 and fedora. +%if 0%{?rhel} == 8 +# EL8 defines cmake_in_source_build +%undefine __cmake_in_source_build +%else +# EL7 defines cmake3_in_source_build +%undefine __cmake3_in_source_build +%endif +BuildRequires: rust-toolset +%endif BuildRequires: cargo BuildRequires: bzip2-devel BuildRequires: check-devel @@ -201,7 +216,9 @@ This package contains the documentation for clamav. Summary: Auto-updater for the Clam Antivirus scanner data-files Requires: clamav-filesystem = %{version}-%{release} Requires: clamav-lib = %{version}-%{release} +%if 0%{?fedora} || 0%{?rhel} >= 8 Supplements:clamd +%endif Provides: data(clamav) = empty Provides: clamav-data-empty = %{version}-%{release} Obsoletes: clamav-data-empty < %{version}-%{release} @@ -252,12 +269,17 @@ This package contains files which are needed to run the clamav-milter. %prep %setup -q -n %{name}-%{version}%{?prerelease} +%if 0%{?fedora} || 0%{?rhel} >= 9 +# EL8 and earlier do not have the Rust cargo dependencies that are +# defined by the generate_buildrequires stage in EL9 and later, so the +# vendored packages included in the ClamAV sources suffice. sed -i -e '/cbindgen/s/version = *"0.20"/version = "0.24"/' -e '/^bindgen *=/s/= .*/= "0.63"/' libclamav_rust/Cargo.toml %cargo_prep cd libclamav_rust rm -r .cargo %cargo_prep cd .. +%endif %patch -P0 -p1 -b .rustflags %patch -P1 -p1 -b .default_confs @@ -273,9 +295,13 @@ mkdir -p libclamunrar{,_iface} %{!?with_unrar:touch libclamunrar/{Makefile.in,all,install}} +%if 0%{?fedora} || 0%{?rhel} >= 9 %generate_buildrequires +# The generate_buildrequires stage doesn't exist prior to EL9, so this +# section is conditionally removed in these build environments. cd libclamav_rust %cargo_generate_buildrequires +%endif %build @@ -284,8 +310,12 @@ export LDFLAGS=$(echo %{?__global_ldflags} | sed '/-Wl,--as-needed/!s/$/ -Wl,--a # IPv6 check is buggy and does not work when there are no IPv6 interface on build machine export have_cv_ipv6=yes -%cmake \ +%cmake3 \ +%if 0%{?fedora} || 0%{?rhel} >= 9 -DRUSTFLAGS="%build_rustflags" \ +%else + -DRUSTFLAGS="%__global_rustflags" \ +%endif -DAPP_CONFIG_DIRECTORY=%{_sysconfdir} \ -DCMAKE_INSTALL_DOCDIR=%{_pkgdocdir} \ -DCLAMAV_USER=%{updateuser} -DCLAMAV_GROUP=%{updateuser} \ @@ -296,12 +326,12 @@ export have_cv_ipv6=yes # TODO: check periodically that CLAMAVUSER is used for freshclam only -%cmake_build +%cmake3_build %install rm -rf _doc* -%cmake_install +%cmake3_install install -d -m 0755 \ %{buildroot}%{_tmpfilesdir} \ @@ -571,6 +601,9 @@ exit 0 %changelog +* Thu Apr 04 2024 John Sullivan - 1.0.5-4 +- Update EPEL 7 and 8 support for 1.0.5 + * Sat Mar 16 2024 Sérgio Basto - 1.0.5-3 - (#1679375) fixes syntax error in /etc/logrotate.d/clamd.exim From cecfc6c28733b2bfe337f8d7a752e028a9d5a338 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Mon, 8 Apr 2024 01:06:38 +0100 Subject: [PATCH 55/72] Update clamav-data and README.fedora.md --- README.fedora => README.fedora.md | 3 +++ clamav.spec | 13 ++++++++----- sources | 4 ++-- update_clamav.sh | 22 +--------------------- update_clamav_data.sh | 20 ++++++++++++++++++++ 5 files changed, 34 insertions(+), 28 deletions(-) rename README.fedora => README.fedora.md (98%) create mode 100755 update_clamav_data.sh diff --git a/README.fedora b/README.fedora.md similarity index 98% rename from README.fedora rename to README.fedora.md index dd9cfe5..f9b558e 100644 --- a/README.fedora +++ b/README.fedora.md @@ -1,3 +1,6 @@ +# README.Fedora.md for clamav-milter + + Please note for Fedora and EPEL 7+ we use only systemd. A clamav-milter setup consists of the following three components: diff --git a/clamav.spec b/clamav.spec index d38ba80..46b35eb 100644 --- a/clamav.spec +++ b/clamav.spec @@ -26,7 +26,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.5 -Release: 4%{?dist} +Release: 5%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -50,16 +50,16 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-27179.cvd +Source11: daily-27238.cvd #http://database.clamav.net/bytecode.cvd -Source12: bytecode-334.cvd +Source12: bytecode-335.cvd #for update Source200: freshclam-sleep Source201: freshclam.sysconfig Source202: clamav-update.crond Source203: clamav-update.logrotate #for milter -Source300: README.fedora +Source300: README.fedora.md #for clamav-milter.systemd Source330: clamav-milter.systemd #for scanner-systemd/server-systemd @@ -591,7 +591,7 @@ exit 0 %files milter -%doc clamav-milter/README.fedora +%doc clamav-milter/README.fedora.md %{_sbindir}/*milter* %{_unitdir}/clamav-milter.service %{_mandir}/man8/clamav-milter* @@ -601,6 +601,9 @@ exit 0 %changelog +* Mon Apr 08 2024 Sérgio Basto - 1.0.5-5 +- Update clamav-data and README.fedora.md + * Thu Apr 04 2024 John Sullivan - 1.0.5-4 - Update EPEL 7 and 8 support for 1.0.5 diff --git a/sources b/sources index 739ff94..55cfaca 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ SHA512 (clamav-1.0.5-norar.tar.xz) = 648ac1b1f6631ac018d4535533d063a714ea7a2fc48e3ff78b016ae4580c1ee19c9e99fec3e529c66cd4730b058e1ebb2d70b9ab6fa43f2decddc60613d72346 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-27179.cvd) = 5612fafabc03c8ccb91bfd17e787601d976f4eb26505aa03f118beac10a49152c28c02df21336caf8a7d83b56637ed9436dbfc9a49e71409f637ec5de30fb506 -SHA512 (bytecode-334.cvd) = 83478af4e097b4b3fe136c943d3dd018f3e678c6859873dc1aef527db40a018b77439be2113ac251dfb797074ef8c201336570c3fe03c7ac507d5b94ab6d61c9 +SHA512 (daily-27238.cvd) = f17ecc5561b66b4965c35114c69173a186a1f09db4eb0c15149e7f37e9591e89ca5147a906cc3e3238c6a14a53e615c3cc41ed8386cd559972329f88fa6009e8 +SHA512 (bytecode-335.cvd) = 9177c0533658b21584de0623ff9b7c70b2ec92ce9f6fecf98a881902c98025930430415715e9914ce7c0c6fb91aad532b4c907677c3010a0da47583b7ad24d4f diff --git a/update_clamav.sh b/update_clamav.sh index 3efdd7a..fdb38e9 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -35,32 +35,12 @@ rpmdev-bumpspec -n $VERSION -c "Update to $VERSION" clamav.spec fi fi -#python3 -m pip install --user cvdupdate -#python -m cvdupdate.cvdupdate --help -cvd config set --dbdir my_dbs -cvdupdate list -cvdupdate update -pushd my_dbs -main_ver=$(file main.cvd | sed -e 's/.*version /main-/;s/,.*/.cvd/') -daily_ver=$(file daily.cvd | sed -e 's/.*version /daily-/;s/,.*/.cvd/') -bytecode_ver=$(file bytecode.cvd | sed -e 's/.*version /bytecode-/;s/,.*/.cvd/') -popd - if test $stage -le 1 then echo STAGE 1 echo Press enter convert cvd into spec or n to skip ; read dummy; if [[ "$dummy" != "n" ]]; then - -pushd my_dbs -cp -f main.cvd ../$main_ver -cp -f daily.cvd ../$daily_ver -cp -f bytecode.cvd ../$bytecode_ver -popd - -sed -i "s|^Source10: .*|Source10: $main_ver|" clamav.spec -sed -i "s|^Source11: .*|Source11: $daily_ver|" clamav.spec -sed -i "s|^Source12: .*|Source12: $bytecode_ver|" clamav.spec +./update_clamav_data.sh fi fi diff --git a/update_clamav_data.sh b/update_clamav_data.sh new file mode 100755 index 0000000..94734df --- /dev/null +++ b/update_clamav_data.sh @@ -0,0 +1,20 @@ +# dnf install python3-cvdupdate +# python -m cvdupdate.cvdupdate --help +cvd config set --dbdir my_dbs +cvdupdate list +cvdupdate update +pushd my_dbs +main_ver=$(file main.cvd | sed -e 's/.*version /main-/;s/,.*/.cvd/') +daily_ver=$(file daily.cvd | sed -e 's/.*version /daily-/;s/,.*/.cvd/') +bytecode_ver=$(file bytecode.cvd | sed -e 's/.*version /bytecode-/;s/,.*/.cvd/') +popd + +pushd my_dbs +cp -f main.cvd ../$main_ver +cp -f daily.cvd ../$daily_ver +cp -f bytecode.cvd ../$bytecode_ver +popd + +sed -i "s|^Source10: .*|Source10: $main_ver|" clamav.spec +sed -i "s|^Source11: .*|Source11: $daily_ver|" clamav.spec +sed -i "s|^Source12: .*|Source12: $bytecode_ver|" clamav.spec From 6d066263afc2c2b68e171b49228474cb758438f5 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 25 Apr 2024 19:50:33 -0600 Subject: [PATCH 56/72] Update to 1.0.6 --- clamav.spec | 9 ++++++--- sources | 4 ++-- update_clamav.sh | 2 +- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/clamav.spec b/clamav.spec index 46b35eb..b3516e2 100644 --- a/clamav.spec +++ b/clamav.spec @@ -25,8 +25,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 1.0.5 -Release: 5%{?dist} +Version: 1.0.6 +Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -50,7 +50,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-27238.cvd +Source11: daily-27256.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-335.cvd #for update @@ -601,6 +601,9 @@ exit 0 %changelog +* Fri Apr 26 2024 Orion Poplawski - 1.0.6-1 +- Update to 1.0.6 + * Mon Apr 08 2024 Sérgio Basto - 1.0.5-5 - Update clamav-data and README.fedora.md diff --git a/sources b/sources index 55cfaca..f6df7a4 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-1.0.5-norar.tar.xz) = 648ac1b1f6631ac018d4535533d063a714ea7a2fc48e3ff78b016ae4580c1ee19c9e99fec3e529c66cd4730b058e1ebb2d70b9ab6fa43f2decddc60613d72346 +SHA512 (clamav-1.0.6-norar.tar.xz) = 8e056ec657f379a5de3cd62dfb90dfc9bac5814497ee8e917484b4203f04d5765b23691415b11eafbd084d1e55c6c864b7424e82a760993765194360d0acb609 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-27238.cvd) = f17ecc5561b66b4965c35114c69173a186a1f09db4eb0c15149e7f37e9591e89ca5147a906cc3e3238c6a14a53e615c3cc41ed8386cd559972329f88fa6009e8 +SHA512 (daily-27256.cvd) = cafb9ee0228662b512614d75f8d13585ce55ffb3aafca809cca247adf5e8bb21f39c2beb29ca6030b7a4df3e0ece835601396fe26c40564f6bc5e9b693b4b700 SHA512 (bytecode-335.cvd) = 9177c0533658b21584de0623ff9b7c70b2ec92ce9f6fecf98a881902c98025930430415715e9914ce7c0c6fb91aad532b4c907677c3010a0da47583b7ad24d4f diff --git a/update_clamav.sh b/update_clamav.sh index fdb38e9..5db18e9 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,4 +1,4 @@ -VERSION=1.0.5 +VERSION=1.0.6 REPOS="f39 f38 epel9" if [ -z "$1" ] From 2579c554443d02bdc1f0e1f3950caf3879ec57bf Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 25 Apr 2024 19:56:41 -0600 Subject: [PATCH 57/72] Add f40 to upddate_clamav.sh --- update_clamav.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/update_clamav.sh b/update_clamav.sh index 5db18e9..2c34016 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,5 +1,5 @@ VERSION=1.0.6 -REPOS="f39 f38 epel9" +REPOS="f40 f39 f38 epel9" if [ -z "$1" ] then From ed952d57571c04f71a39c1fc47f89a877751d010 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Mon, 29 Apr 2024 22:12:08 +0100 Subject: [PATCH 58/72] README.fedora.md little better markdown --- README.fedora.md | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/README.fedora.md b/README.fedora.md index f9b558e..aa2a988 100644 --- a/README.fedora.md +++ b/README.fedora.md @@ -1,25 +1,25 @@ -# README.Fedora.md for clamav-milter +## README.fedora.md (mainly clamav-milter) Please note for Fedora and EPEL 7+ we use only systemd. A clamav-milter setup consists of the following three components: -* the clamav-milter itself +### The clamav-milter itself The main configuration is in /etc/mail/clamav-milter.conf and MUST be changed before first use. This can be enabled with: 'systemctl enable clamav-milter.service' -* a clamav scanner daemon +### A clamav scanner daemon The daemon is configured by /etc/clamd.d/scan.conf (which MUST be edited before first use). This can be enabled with: 'systemctl enable clamd@scan.service' -* the MTA (sendmail/postfix) +### The MTA (sendmail/postfix) --> you should know how to install this... @@ -31,13 +31,12 @@ A clamav-milter setup consists of the following three components: to your sendmail.mc. -* Changing permissions of directory /var/lib/clamav - Whenever ClamAV is upgraded by dnf, the permissions for the /var/lib/clamav directory change to user clamupdate - If for some reason you need DatabaseOwner be another user, you may copy /usr/lib/systemd/system/clamav-freshclam.service to /etc/systemd/system/ - and add ExecStartPre=+/usr/bin/chown youruser:yourgroup /var/lib/clamav and updates won't break your configuration ... - Please add comments to https://bugzilla.redhat.com/show_bug.cgi?id=2023371 if not work for you or if you have any suggestion. - Note: =+ on systemd.service (man 5 systemd.service, Special executable prefixes) - If the executable path is prefixed with "+" then the process is executed with full privileges. +### Changing permissions of directory /var/lib/clamav + + - Whenever ClamAV is upgraded by dnf, the permissions for the /var/lib/clamav directory change to user clamupdate + - If for some reason you need DatabaseOwner be another user, you may copy /usr/lib/systemd/system/clamav-freshclam.service to /etc/systemd/system/ and add ExecStartPre=+/usr/bin/chown youruser:yourgroup /var/lib/clamav and updates won't break your configuration ... + - Please add comments to https://bugzilla.redhat.com/show_bug.cgi?id=2023371 if not work for you or if you have any suggestion. + - Note: =+ on systemd.service (man 5 systemd.service, Special executable prefixes) If the executable path is prefixed with "+" then the process is executed with full privileges. EXAMPLE From 402dd5bd6adb527db5e3547a56f0c103e5b753ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Thu, 30 May 2024 00:19:31 +0100 Subject: [PATCH 59/72] sync with epel8 --- clamav.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index b3516e2..c1f0e57 100644 --- a/clamav.spec +++ b/clamav.spec @@ -311,7 +311,7 @@ export LDFLAGS=$(echo %{?__global_ldflags} | sed '/-Wl,--as-needed/!s/$/ -Wl,--a export have_cv_ipv6=yes %cmake3 \ -%if 0%{?fedora} || 0%{?rhel} >= 9 +%if 0%{?fedora} || 0%{?rhel} >= 8 -DRUSTFLAGS="%build_rustflags" \ %else -DRUSTFLAGS="%__global_rustflags" \ From dce2cc5dba9860776d8d6762ca5cf44a6d4058cf Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 17 Jul 2024 19:22:16 +0000 Subject: [PATCH 60/72] Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild --- clamav.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index c1f0e57..f85e1ed 100644 --- a/clamav.spec +++ b/clamav.spec @@ -26,7 +26,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.6 -Release: 1%{?dist} +Release: 2%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -601,6 +601,9 @@ exit 0 %changelog +* Wed Jul 17 2024 Fedora Release Engineering - 1.0.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + * Fri Apr 26 2024 Orion Poplawski - 1.0.6-1 - Update to 1.0.6 From 31ffda4efe163ccd526e00017fd608ab5734d871 Mon Sep 17 00:00:00 2001 From: Yaakov Selkowitz Date: Wed, 4 Sep 2024 22:09:10 -0400 Subject: [PATCH 61/72] Update to 1.0.7 libprelude has been retired from F41. --- clamav.spec | 11 ++++++++--- sources | 4 ++-- update_clamav.sh | 4 ++-- 3 files changed, 12 insertions(+), 7 deletions(-) diff --git a/clamav.spec b/clamav.spec index f85e1ed..85e9049 100644 --- a/clamav.spec +++ b/clamav.spec @@ -25,8 +25,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 1.0.6 -Release: 2%{?dist} +Version: 1.0.7 +Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -50,7 +50,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-27256.cvd +Source11: daily-27388.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-335.cvd #for update @@ -109,10 +109,12 @@ BuildRequires: curl-devel BuildRequires: git-core BuildRequires: gmp-devel BuildRequires: json-c-devel +%if ! (0%{?fedora} > 40 || 0%{?rhel} > 9) BuildRequires: libprelude-devel # libprelude-config --libs brings in gnutls, pcre # https://bugzilla.redhat.com/show_bug.cgi?id=1830473 BuildRequires: gnutls-devel +%endif BuildRequires: libxml2-devel BuildRequires: ncurses-devel BuildRequires: openssl-devel @@ -601,6 +603,9 @@ exit 0 %changelog +* Thu Sep 05 2024 Yaakov Selkowitz - 1.0.7-1 +- Update to 1.0.7 + * Wed Jul 17 2024 Fedora Release Engineering - 1.0.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild diff --git a/sources b/sources index f6df7a4..249eb7f 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-1.0.6-norar.tar.xz) = 8e056ec657f379a5de3cd62dfb90dfc9bac5814497ee8e917484b4203f04d5765b23691415b11eafbd084d1e55c6c864b7424e82a760993765194360d0acb609 +SHA512 (clamav-1.0.7-norar.tar.xz) = c8563a927005cc3782e7c43e95d40324e5254501b94ce5f4a8526abd2e5455a84d060f9e7199879706b551f3bb64209e5935e6899846cfec6c271de4917bed97 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-27256.cvd) = cafb9ee0228662b512614d75f8d13585ce55ffb3aafca809cca247adf5e8bb21f39c2beb29ca6030b7a4df3e0ece835601396fe26c40564f6bc5e9b693b4b700 +SHA512 (daily-27388.cvd) = ff8f3fd3386e41c288de5aec00de937807ad4e7b2d93533b7e254d2068b943b8b7310471af0dbe7e7e639668d73ff447c59038e56882bc7e1911c6dd28c1970d SHA512 (bytecode-335.cvd) = 9177c0533658b21584de0623ff9b7c70b2ec92ce9f6fecf98a881902c98025930430415715e9914ce7c0c6fb91aad532b4c907677c3010a0da47583b7ad24d4f diff --git a/update_clamav.sh b/update_clamav.sh index 2c34016..c3dd9c8 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,5 +1,5 @@ -VERSION=1.0.6 -REPOS="f40 f39 f38 epel9" +VERSION=1.0.7 +REPOS="f41 f40 f39 epel9" if [ -z "$1" ] then From b782f49f670260f025715baedf58fc280ec2cd80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miroslav=20Such=C3=BD?= Date: Sat, 7 Sep 2024 19:37:42 +0000 Subject: [PATCH 62/72] Migrate to SPDX license This is part of https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_4 If there will be no comments in two weeks, I will merge this. --- clamav.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 85e9049..5d285d6 100644 --- a/clamav.spec +++ b/clamav.spec @@ -27,7 +27,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.7 Release: 1%{?dist} -License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} +License: %{?with_unrar:proprietary}%{!?with_unrar:GPL-2.0-only} URL: https://www.clamav.net/ %if %{with unrar} Source0: https://www.clamav.net/downloads/production/%{name}-%{version}%{?prerelease}.tar.gz From e884e3dd1b95de115de540405f9670a76cff7f27 Mon Sep 17 00:00:00 2001 From: "Benjamin A. Beasley" Date: Sun, 15 Sep 2024 12:57:50 -0400 Subject: [PATCH 63/72] Update the image crate dependency to 0.25, the current release --- ...341e8e34aa325ac03718121e33a3b4e5b75e.patch | 22 +++++++++++++++++++ clamav.spec | 12 +++++++++- 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 24d1341e8e34aa325ac03718121e33a3b4e5b75e.patch diff --git a/24d1341e8e34aa325ac03718121e33a3b4e5b75e.patch b/24d1341e8e34aa325ac03718121e33a3b4e5b75e.patch new file mode 100644 index 0000000..7bd5cfb --- /dev/null +++ b/24d1341e8e34aa325ac03718121e33a3b4e5b75e.patch @@ -0,0 +1,22 @@ +From 24d1341e8e34aa325ac03718121e33a3b4e5b75e Mon Sep 17 00:00:00 2001 +From: "Benjamin A. Beasley" +Date: Sun, 15 Sep 2024 12:50:07 -0400 +Subject: [PATCH] In libclamav_rust, use the current version of the image crate + +--- + libclamav_rust/Cargo.toml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libclamav_rust/Cargo.toml b/libclamav_rust/Cargo.toml +index 526951c519..eb95ca8011 100644 +--- a/libclamav_rust/Cargo.toml ++++ b/libclamav_rust/Cargo.toml +@@ -12,7 +12,7 @@ log = { version = "0.4", features = ["std"] } + sha2 = "0.10" + tempfile = "3" + thiserror = "1" +-image = "0.24" ++image = "0.25" + rustdct = "0.7" + transpose = "0.2" + num-traits = "0.2" diff --git a/clamav.spec b/clamav.spec index 5d285d6..4dd2a6c 100644 --- a/clamav.spec +++ b/clamav.spec @@ -26,7 +26,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.0.7 -Release: 1%{?dist} +Release: 2%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPL-2.0-only} URL: https://www.clamav.net/ %if %{with unrar} @@ -80,6 +80,8 @@ Patch5: clamav-clamonacc-service.patch Patch6: clamav-freshclam.service.patch # Debian patch to fix big-endian Patch7: https://salsa.debian.org/clamav-team/clamav/-/raw/unstable/debian/patches/libclamav-pe-Use-endian-wrapper-in-more-places.patch +# Update the image crate dependency to 0.25, the current release +Patch8: https://github.com/Cisco-Talos/clamav/pull/1366/commits/24d1341e8e34aa325ac03718121e33a3b4e5b75e.patch BuildRequires: cmake3 BuildRequires: gettext-devel @@ -290,6 +292,11 @@ cd .. %patch -P5 -p1 -b .clamonacc-service %patch -P6 -p1 -b .freshclam-service %patch -P7 -p1 -b .big-endian +# This patch is not made to be backwards-compatible (even though it could have +# been), and the vendored dependencies in EPEL8 include image 0.24, not 0.25. +%if 0%{?fedora} || 0%{?rhel} >= 9 +%patch -P8 -p1 -b .image-0.25 +%endif install -p -m0644 %{SOURCE300} clamav-milter/ @@ -603,6 +610,9 @@ exit 0 %changelog +* Sun Sep 15 2024 Benjamin A. Beasley - 1.0.7-2 +- Update the image crate dependency to 0.25, the current release + * Thu Sep 05 2024 Yaakov Selkowitz - 1.0.7-1 - Update to 1.0.7 From b3e1a94723212cd4d25d5910a3104cf6ddb31680 Mon Sep 17 00:00:00 2001 From: "Benjamin A. Beasley" Date: Tue, 17 Sep 2024 21:02:22 -0400 Subject: [PATCH 64/72] Document licenses of statically linked Rust dependencies --- clamav.spec | 61 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) diff --git a/clamav.spec b/clamav.spec index 4dd2a6c..d902c6a 100644 --- a/clamav.spec +++ b/clamav.spec @@ -175,6 +175,61 @@ user-creation scripts required by clamav. Summary: Dynamic libraries for the Clam Antivirus scanner Provides: bundled(libmspack) = 0.5-0.1.alpha.modified_by_clamav +# LICENSE.dependencies contains a full license breakdown +# From the output of %%{cargo_license_summary}: +# +%if 0%{?fedora} || 0%{?rhel} >= 9 +# 0BSD OR MIT OR Apache-2.0 +# Apache-2.0 +# Apache-2.0 OR MIT +# Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT +# BSD-2-Clause +# BSD-2-Clause AND ISC +# BSD-3-Clause +# MIT +# MIT OR Apache-2.0 (duplicate) +# MIT OR Apache-2.0 OR Zlib +# MIT OR Zlib OR Apache-2.0 (duplicate) +# Unlicense OR MIT +# Zlib OR Apache-2.0 OR MIT (duplicate) +License: %{shrink: + %{?with_unrar:proprietary}%{!?with_unrar:GPL-2.0-only} AND + (0BSD OR MIT OR Apache-2.0) AND + Apache-2.0 AND + (Apache-2.0 OR MIT) AND + (Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT) AND + BSD-2-Clause AND + BSD-3-Clause AND + ISC AND + MIT AND + (MIT OR Zlib OR Apache-2.0) AND + (Unlicense OR MIT) AND + Zlib + } +%else +# 0BSD OR MIT OR Apache-2.0 +# Apache-2.0 OR MIT +# Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT +# BSD-3-Clause +# MIT +# MIT OR Apache-2.0 (duplicate) +# MIT OR Zlib OR Apache-2.0 +# Unlicense OR MIT +# Zlib +# Zlib OR Apache-2.0 OR MIT (duplicate) +License: %{shrink: + %{?with_unrar:proprietary}%{!?with_unrar:GPL-2.0-only} AND + (0BSD OR MIT OR Apache-2.0) AND + (Apache-2.0 OR MIT) AND + (Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT) AND + BSD-3-Clause AND + MIT AND + (MIT OR Zlib OR Apache-2.0) AND + (Unlicense OR MIT) AND + Zlib + } +%endif + %description lib This package contains dynamic libraries shared between applications using the Clam Antivirus scanner. @@ -337,6 +392,10 @@ export have_cv_ipv6=yes %cmake3_build +cd libclamav_rust +%cargo_license_summary +%{cargo_license} > ../LICENSES.dependencies + %install rm -rf _doc* @@ -541,6 +600,8 @@ exit 0 %files lib +# Licenses for statically linked Rust dependencies in libclamav +%license LICENSES.dependencies %{_libdir}/libclamav.so.11* %{_libdir}/libclammspack.so.0* %if %{with unrar} From b08aa79384debd6ad70ffa5935bcaaa531ad3a62 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Wed, 3 May 2023 08:40:41 -0600 Subject: [PATCH 65/72] Update to 1.4.1 --- clamav-clamonacc-service.patch | 7 +-- clamav-rpath.patch | 18 -------- clamav.spec | 43 ++++++++++++------- ...pe-Use-endian-wrapper-in-more-places.patch | 38 +++++----------- sources | 4 +- update_clamav.sh | 4 +- 6 files changed, 45 insertions(+), 69 deletions(-) delete mode 100644 clamav-rpath.patch diff --git a/clamav-clamonacc-service.patch b/clamav-clamonacc-service.patch index c72e806..b376dba 100644 --- a/clamav-clamonacc-service.patch +++ b/clamav-clamonacc-service.patch @@ -1,5 +1,6 @@ ---- ./clamonacc/clamav-clamonacc.service.in.clamonacc-service 2022-05-05 22:36:27.572671129 +0100 -+++ ./clamonacc/clamav-clamonacc.service.in 2022-05-05 22:43:05.204324524 +0100 +diff -up clamav-1.4.0/clamonacc/clamav-clamonacc.service.in.clamonacc-service clamav-1.4.0/clamonacc/clamav-clamonacc.service.in +--- clamav-1.4.0/clamonacc/clamav-clamonacc.service.in.clamonacc-service 2024-08-15 20:12:56.950984705 -0600 ++++ clamav-1.4.0/clamonacc/clamav-clamonacc.service.in 2024-08-15 20:14:19.088770747 -0600 @@ -4,14 +4,12 @@ [Unit] Description=ClamAV On-Access Scanner @@ -14,6 +15,6 @@ -ExecStartPre=/bin/bash -c "while [ ! -S /run/clamav/clamd.ctl ]; do sleep 1; done" -ExecStart=@prefix@/sbin/clamonacc -F --log=/var/log/clamav/clamonacc.log --move=/root/quarantine +ExecStart=@prefix@/sbin/clamonacc -F --config-file=/etc/clamd.d/scan.conf + ExecStop=/bin/kill -SIGKILL $MAINPID [Install] - WantedBy=multi-user.target diff --git a/clamav-rpath.patch b/clamav-rpath.patch deleted file mode 100644 index b55cab9..0000000 --- a/clamav-rpath.patch +++ /dev/null @@ -1,18 +0,0 @@ -diff -up clamav-1.0.0/CMakeLists.txt.rpath clamav-1.0.0/CMakeLists.txt ---- clamav-1.0.0/CMakeLists.txt.rpath 2023-01-15 22:04:58.217120124 -0700 -+++ clamav-1.0.0/CMakeLists.txt 2023-01-15 22:05:57.121818812 -0700 -@@ -180,14 +180,6 @@ endif() - - include(GNUInstallDirs) - --if (NOT DEFINED CMAKE_INSTALL_RPATH) -- if(CMAKE_INSTALL_FULL_LIBDIR) -- set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_FULL_LIBDIR}") -- else() -- set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/lib") -- endif() --endif() -- - if("${CMAKE_CXX_COMPILER_ID}" MATCHES "Clang") - set(USING_CLANG ON) - else() diff --git a/clamav.spec b/clamav.spec index d902c6a..5c2bfa1 100644 --- a/clamav.spec +++ b/clamav.spec @@ -1,4 +1,4 @@ -#global prerelease -rc2 +#global prerelease -rc %global _hardened_build 1 @@ -25,8 +25,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 1.0.7 -Release: 2%{?dist} +Version: 1.4.1 +Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPL-2.0-only} URL: https://www.clamav.net/ %if %{with unrar} @@ -50,7 +50,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-27388.cvd +Source11: daily-27399.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-335.cvd #for update @@ -65,15 +65,10 @@ Source330: clamav-milter.systemd #for scanner-systemd/server-systemd Source530: clamd@.service -# Accept RUSTFLAGS -# https://github.com/Cisco-Talos/clamav/pull/835 -Patch0: clamav-rustflags.patch # Change default config locations for Fedora Patch1: clamav-default_confs.patch # Fix pkg-config flags for static linking, multilib Patch2: clamav-private.patch -# Remove rpath -Patch3: clamav-rpath.patch # Modify clamav-clamonacc.service for Fedora compatibility Patch5: clamav-clamonacc-service.patch # Allow freshclam service to run if cron.d file is present @@ -124,6 +119,9 @@ BuildRequires: pcre2-devel # Explicitly needed on EL8 BuildRequires: python3 BuildRequires: python3-pytest +%if 0%{?fedora} >= 41 +BuildRequires: python3-cgi +%endif BuildRequires: zlib-devel #BuildRequires: %%{_includedir}/tcpd.h BuildRequires: bc @@ -332,18 +330,18 @@ This package contains files which are needed to run the clamav-milter. # EL8 and earlier do not have the Rust cargo dependencies that are # defined by the generate_buildrequires stage in EL9 and later, so the # vendored packages included in the ClamAV sources suffice. -sed -i -e '/cbindgen/s/version = *"0.20"/version = "0.24"/' -e '/^bindgen *=/s/= .*/= "0.63"/' libclamav_rust/Cargo.toml %cargo_prep cd libclamav_rust -rm -r .cargo +sed -i -e '/^base64 *=/s/= .*/= "0.21"/' Cargo.toml +sed -i -e '/^bindgen *=/s/= .*/= "0.69"/' Cargo.toml +sed -i -e '/^cbindgen *=/s/= *".*"/= "0.26"/' Cargo.toml +sed -i -e '/^onenote_parser *=/s/= *.*/= "0.3.1"/' Cargo.toml %cargo_prep cd .. %endif -%patch -P0 -p1 -b .rustflags %patch -P1 -p1 -b .default_confs %patch -P2 -p1 -b .private -%patch -P3 -p1 -b .rpath %patch -P5 -p1 -b .clamonacc-service %patch -P6 -p1 -b .freshclam-service %patch -P7 -p1 -b .big-endian @@ -384,6 +382,7 @@ export have_cv_ipv6=yes -DCMAKE_INSTALL_DOCDIR=%{_pkgdocdir} \ -DCLAMAV_USER=%{updateuser} -DCLAMAV_GROUP=%{updateuser} \ -DDATABASE_DIRECTORY=%{homedir} \ + -DDO_NOT_SET_RPATH=ON \ %{!?with_clamonacc:-DENABLE_CLAMONACC=OFF} \ %{?with_llvm:-DBYTECODE_RUNTIME=llvm -D LLVM_FIND_VERSION="3.6.0"} \ %{!?with_unrar:-DENABLE_UNRAR=OFF} @@ -486,7 +485,13 @@ rm %{buildroot}%{_unitdir}/clamav-daemon.* %check +%ifarch s390x +# Tests fail on s390x +# https://github.com/Cisco-Talos/clamav/issues/759 +%ctest3 -- -E valgrind || : +%else %ctest3 -- -E valgrind +%endif # valgrind tests fail https://github.com/Cisco-Talos/clamav/issues/584 %ctest3 -- -R valgrind || : @@ -602,16 +607,17 @@ exit 0 %files lib # Licenses for statically linked Rust dependencies in libclamav %license LICENSES.dependencies -%{_libdir}/libclamav.so.11* +%{_libdir}/libclamav.so.12* %{_libdir}/libclammspack.so.0* %if %{with unrar} -%{_libdir}/libclamunrar*.so.11* +%{_libdir}/libclamunrar*.so.12* %endif %files devel %{_includedir}/* %{_libdir}/*.so +%{_libdir}/libclamav_rust.a %{_libdir}/pkgconfig/* %{_bindir}/clamav-config @@ -638,9 +644,11 @@ exit 0 %files freshclam %{_bindir}/freshclam -%{_libdir}/libfreshclam.so.2* +%{_libdir}/libfreshclam.so.3* %{_mandir}/*/freshclam* %{_unitdir}/clamav-freshclam.service +%{_unitdir}/clamav-freshclam-once.service +%{_unitdir}/clamav-freshclam-once.timer %config(noreplace) %verify(not mtime) %{_sysconfdir}/freshclam.conf %ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/bytecode.cld %ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/bytecode.cvd @@ -671,6 +679,9 @@ exit 0 %changelog +* Wed Sep 25 2024 Orion Poplawski - 1.4.1-1 +- Update to 1.4.1 + * Sun Sep 15 2024 Benjamin A. Beasley - 1.0.7-2 - Update the image crate dependency to 0.25, the current release diff --git a/libclamav-pe-Use-endian-wrapper-in-more-places.patch b/libclamav-pe-Use-endian-wrapper-in-more-places.patch index 3053713..729f71d 100644 --- a/libclamav-pe-Use-endian-wrapper-in-more-places.patch +++ b/libclamav-pe-Use-endian-wrapper-in-more-places.patch @@ -1,25 +1,7 @@ -From 5a7b1cdfadc980fb1c4fa32e6275e7c96a963110 Mon Sep 17 00:00:00 2001 -From: Sebastian Andrzej Siewior -Date: Fri, 6 Jan 2023 21:42:30 +0100 -Subject: libclamav/pe: Use endian wrapper in more places. - -A few user of VirtualAddress and Size in cli_exe_info::pe_image_data_dir -don't use the endian wrapper while other places do. This leads to -testsuite failures on big endian machines. - -Use the endian wrapper in all places across pe.c for the two members. - -Patch-Name: libclamav-pe-Use-endian-wrapper-in-more-places.patch -Signed-off-by: Sebastian Andrzej Siewior ---- - libclamav/pe.c | 18 +++++++++--------- - 1 file changed, 9 insertions(+), 9 deletions(-) - -diff --git a/libclamav/pe.c b/libclamav/pe.c -index f5dcea9..19cd2d4 100644 ---- a/libclamav/pe.c -+++ b/libclamav/pe.c -@@ -2422,22 +2422,22 @@ static cl_error_t hash_imptbl(cli_ctx *ctx, unsigned char **digest, uint32_t *im +diff -up clamav-1.4.0/libclamav/pe.c.big-endian clamav-1.4.0/libclamav/pe.c +--- clamav-1.4.0/libclamav/pe.c.big-endian 2024-08-13 14:24:46.000000000 -0600 ++++ clamav-1.4.0/libclamav/pe.c 2024-08-15 20:16:02.017730419 -0600 +@@ -2424,22 +2424,22 @@ static cl_error_t hash_imptbl(cli_ctx *c /* If the PE doesn't have an import table then skip it. This is an * uncommon case but can happen. */ @@ -46,7 +28,7 @@ index f5dcea9..19cd2d4 100644 if (impdes == NULL) { cli_dbgmsg("scan_pe: failed to acquire fmap buffer\n"); status = CL_EREAD; -@@ -2447,7 +2447,7 @@ static cl_error_t hash_imptbl(cli_ctx *ctx, unsigned char **digest, uint32_t *im +@@ -2449,7 +2449,7 @@ static cl_error_t hash_imptbl(cli_ctx *c /* Safety: We can trust peinfo->dirs[1].Size only because `fmap_need_off()` (above) * would have failed if the size exceeds the end of the fmap. */ @@ -55,7 +37,7 @@ index f5dcea9..19cd2d4 100644 if (genhash[CLI_HASH_MD5]) { hashctx[CLI_HASH_MD5] = cl_hash_init("md5"); -@@ -2546,7 +2546,7 @@ static cl_error_t hash_imptbl(cli_ctx *ctx, unsigned char **digest, uint32_t *im +@@ -2556,7 +2556,7 @@ static cl_error_t hash_imptbl(cli_ctx *c done: if (needed_impoff) { @@ -64,16 +46,16 @@ index f5dcea9..19cd2d4 100644 } for (type = CLI_HASH_MD5; type < CLI_HASH_AVAIL_TYPES; type++) { -@@ -3250,7 +3250,7 @@ int cli_scanpe(cli_ctx *ctx) +@@ -3241,7 +3241,7 @@ int cli_scanpe(cli_ctx *ctx) /* Trojan.Swizzor.Gen */ if (SCAN_HEURISTICS && (DCONF & PE_CONF_SWIZZOR) && peinfo->nsections > 1 && fsize > 64 * 1024 && fsize < 4 * 1024 * 1024) { - if (peinfo->dirs[2].Size) { + if (EC32(peinfo->dirs[2].Size)) { - struct swizz_stats *stats = cli_calloc(1, sizeof(*stats)); + struct swizz_stats *stats = calloc(1, sizeof(*stats)); unsigned int m = 1000; ret = CL_CLEAN; -@@ -5292,13 +5292,13 @@ cl_error_t cli_peheader(fmap_t *map, struct cli_exe_info *peinfo, uint32_t opts, +@@ -5250,13 +5250,13 @@ cl_error_t cli_peheader(fmap_t *map, str cli_dbgmsg("EntryPoint offset: 0x%x (%d)\n", peinfo->ep, peinfo->ep); } @@ -81,7 +63,7 @@ index f5dcea9..19cd2d4 100644 + if (is_dll || peinfo->ndatadirs < 3 || !EC32(peinfo->dirs[2].Size)) peinfo->res_addr = 0; else - peinfo->res_addr = EC32(peinfo->dirs[2].VirtualAddress); + peinfo->res_addr = peinfo->dirs[2].VirtualAddress; while (opts & CLI_PEHEADER_OPT_EXTRACT_VINFO && - peinfo->ndatadirs >= 3 && peinfo->dirs[2].Size) { diff --git a/sources b/sources index 249eb7f..ba649a5 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-1.0.7-norar.tar.xz) = c8563a927005cc3782e7c43e95d40324e5254501b94ce5f4a8526abd2e5455a84d060f9e7199879706b551f3bb64209e5935e6899846cfec6c271de4917bed97 +SHA512 (clamav-1.4.1-norar.tar.xz) = 33a99a3593a05a359af058a0883b90cca385f10fdbacd0d78cdb7532b498d0dbfd9f4b43867d2e0de03c307480c63f871e716307d4703bac78561070f404d121 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (daily-27388.cvd) = ff8f3fd3386e41c288de5aec00de937807ad4e7b2d93533b7e254d2068b943b8b7310471af0dbe7e7e639668d73ff447c59038e56882bc7e1911c6dd28c1970d SHA512 (bytecode-335.cvd) = 9177c0533658b21584de0623ff9b7c70b2ec92ce9f6fecf98a881902c98025930430415715e9914ce7c0c6fb91aad532b4c907677c3010a0da47583b7ad24d4f +SHA512 (daily-27399.cvd) = 81cf5edafb33c32ab45e7d2f3d75459287b295ffefc3ef3abeb6538ca72ccf44ee15e2ec0a2594c72914063808e07f552288b83d62707b8dca84067eedb38845 diff --git a/update_clamav.sh b/update_clamav.sh index c3dd9c8..142324f 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,5 +1,5 @@ -VERSION=1.0.7 -REPOS="f41 f40 f39 epel9" +VERSION=1.4.1 +REPOS="n" if [ -z "$1" ] then From 697a05510d0c3582d5f2a701ed23999f9bf61e20 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 16 Jan 2025 13:49:03 +0000 Subject: [PATCH 66/72] Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild --- clamav.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 5c2bfa1..5dcbd9d 100644 --- a/clamav.spec +++ b/clamav.spec @@ -26,7 +26,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.4.1 -Release: 1%{?dist} +Release: 2%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPL-2.0-only} URL: https://www.clamav.net/ %if %{with unrar} @@ -679,6 +679,9 @@ exit 0 %changelog +* Thu Jan 16 2025 Fedora Release Engineering - 1.4.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + * Wed Sep 25 2024 Orion Poplawski - 1.4.1-1 - Update to 1.4.1 From 6b6bb39959708ec91149a42a8e00795b2cd7ec2c Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 25 Jan 2025 12:19:29 -0700 Subject: [PATCH 67/72] Update to 1.4.2 --- clamav.spec | 17 ++++++++++------- sources | 4 ++-- update_clamav.sh | 2 +- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/clamav.spec b/clamav.spec index 5dcbd9d..b12245c 100644 --- a/clamav.spec +++ b/clamav.spec @@ -25,8 +25,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 1.4.1 -Release: 2%{?dist} +Version: 1.4.2 +Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPL-2.0-only} URL: https://www.clamav.net/ %if %{with unrar} @@ -50,7 +50,7 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-27399.cvd +Source11: daily-27526.cvd #http://database.clamav.net/bytecode.cvd Source12: bytecode-335.cvd #for update @@ -332,7 +332,7 @@ This package contains files which are needed to run the clamav-milter. # vendored packages included in the ClamAV sources suffice. %cargo_prep cd libclamav_rust -sed -i -e '/^base64 *=/s/= .*/= "0.21"/' Cargo.toml +sed -i -e '/^base64 *=/s/= .*/= "0.22"/' Cargo.toml sed -i -e '/^bindgen *=/s/= .*/= "0.69"/' Cargo.toml sed -i -e '/^cbindgen *=/s/= *".*"/= "0.26"/' Cargo.toml sed -i -e '/^onenote_parser *=/s/= *.*/= "0.3.1"/' Cargo.toml @@ -488,12 +488,12 @@ rm %{buildroot}%{_unitdir}/clamav-daemon.* %ifarch s390x # Tests fail on s390x # https://github.com/Cisco-Talos/clamav/issues/759 -%ctest3 -- -E valgrind || : +%ctest3 -E valgrind || : %else -%ctest3 -- -E valgrind +%ctest3 -E valgrind %endif # valgrind tests fail https://github.com/Cisco-Talos/clamav/issues/584 -%ctest3 -- -R valgrind || : +%ctest3 -R valgrind || : %post @@ -679,6 +679,9 @@ exit 0 %changelog +* Thu Jan 23 2025 Orion Poplawski - 1.4.2-1 +- Update to 1.4.2 + * Thu Jan 16 2025 Fedora Release Engineering - 1.4.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild diff --git a/sources b/sources index ba649a5..4a68a6e 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-1.4.1-norar.tar.xz) = 33a99a3593a05a359af058a0883b90cca385f10fdbacd0d78cdb7532b498d0dbfd9f4b43867d2e0de03c307480c63f871e716307d4703bac78561070f404d121 +SHA512 (clamav-1.4.2-norar.tar.xz) = b36ed02823f2d2495b21292580a2d09c45ac6af9c64a09ec9549bc4fd4740b69bcedaa5b9eccbc40763d34bd0cf6dd445f569da9431a046c53f43792bbb92393 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e SHA512 (bytecode-335.cvd) = 9177c0533658b21584de0623ff9b7c70b2ec92ce9f6fecf98a881902c98025930430415715e9914ce7c0c6fb91aad532b4c907677c3010a0da47583b7ad24d4f -SHA512 (daily-27399.cvd) = 81cf5edafb33c32ab45e7d2f3d75459287b295ffefc3ef3abeb6538ca72ccf44ee15e2ec0a2594c72914063808e07f552288b83d62707b8dca84067eedb38845 +SHA512 (daily-27526.cvd) = 34145504fe34d7183cac25e93cec43177a92420154b52ce37fde77e8c9a365a7a3fb9a9f92aa43825e88294cc4b00ac31f2ea8cf8c12fbc4d90d7b965083edf2 diff --git a/update_clamav.sh b/update_clamav.sh index 142324f..6cce762 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,4 +1,4 @@ -VERSION=1.4.1 +VERSION=1.4.2 REPOS="n" if [ -z "$1" ] From a5a23da3f55a76acdeb2ff2a0799bc00b0fa7f71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Thu, 23 Jan 2025 17:51:30 +0100 Subject: [PATCH 68/72] Add sysusers.d config file to allow rpm to create users/groups automatically --- clamav.spec | 65 ++++++++++++++++++++++------------------------------- 1 file changed, 27 insertions(+), 38 deletions(-) diff --git a/clamav.spec b/clamav.spec index b12245c..38e7739 100644 --- a/clamav.spec +++ b/clamav.spec @@ -26,7 +26,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.4.2 -Release: 1%{?dist} +Release: 2%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPL-2.0-only} URL: https://www.clamav.net/ %if %{with unrar} @@ -161,7 +161,6 @@ Summary: Filesystem structure for clamav # Prevent version mix Conflicts: %{name} < %{version}-%{release} Conflicts: %{name} > %{version}-%{release} -Requires(pre): shadow-utils BuildArch: noarch %description filesystem @@ -295,7 +294,6 @@ Requires: data(clamav) Requires: clamav-filesystem = %{version}-%{release} Requires: clamav-lib = %{version}-%{release} Requires: coreutils -Requires(pre): shadow-utils # This is still used by clamsmtp and exim-clamav Provides: clamav-server = %{version}-%{release} Provides: clamav-scanner-systemd = %{version}-%{release} @@ -316,9 +314,9 @@ Summary: Milter module for the Clam Antivirus scanner #Requires: clamd = %%{version}-%%{release} #Requires: /usr/sbin/sendmail Requires: clamav-filesystem = %{version}-%{release} -Requires(pre): shadow-utils Provides: clamav-milter-systemd = %{version}-%{release} Obsoletes: clamav-milter-systemd < %{version}-%{release} +Requires: group(clamscan) %description milter This package contains files which are needed to run the clamav-milter. @@ -356,6 +354,21 @@ install -p -m0644 %{SOURCE300} clamav-milter/ mkdir -p libclamunrar{,_iface} %{!?with_unrar:touch libclamunrar/{Makefile.in,all,install}} +# Create sysusers.d config files +cat >clamav.sysusers.conf <clamd.sysusers.conf <clamav-milter.sysusers.conf <= 9 %generate_buildrequires @@ -365,7 +378,6 @@ cd libclamav_rust %cargo_generate_buildrequires %endif - %build # add -Wl,--as-needed if not exist export LDFLAGS=$(echo %{?__global_ldflags} | sed '/-Wl,--as-needed/!s/$/ -Wl,--as-needed/') @@ -483,6 +495,10 @@ install -m 0644 %SOURCE1 %{buildroot}%{_includedir}/clamav-types.h # TODO: Evaluate using upstream's unit with clamav-daemon.socket rm %{buildroot}%{_unitdir}/clamav-daemon.* +install -m0644 -D clamav.sysusers.conf %{buildroot}%{_sysusersdir}/clamav.conf +install -m0644 -D clamd.sysusers.conf %{buildroot}%{_sysusersdir}/clamd.conf +install -m0644 -D clamav-milter.sysusers.conf %{buildroot}%{_sysusersdir}/clamav-milter.conf + %check %ifarch s390x @@ -516,25 +532,6 @@ do [ -f $f -a $f -nt $cvd ] && rm -f $cvd || : done - -%pre filesystem -getent group %{updateuser} >/dev/null || groupadd -r %{updateuser} -getent passwd %{updateuser} >/dev/null || \ - useradd -r -g %{updateuser} -d %{homedir} -s /sbin/nologin \ - -c "Clamav database update user" %{updateuser} -getent group virusgroup >/dev/null || groupadd -r virusgroup -usermod %{updateuser} -a -G virusgroup -exit 0 - - -%pre -n clamd -getent group %{scanuser} >/dev/null || groupadd -r %{scanuser} -getent passwd %{scanuser} >/dev/null || \ - useradd -r -g %{scanuser} -d / -s /sbin/nologin \ - -c "Clamav scanner user" %{scanuser} -usermod %{scanuser} -a -G virusgroup -exit 0 - %post -n clamd # Point to the new service unit [ -L /etc/systemd/system/multi-user.target.wants/clamd@scan.service ] && @@ -547,20 +544,6 @@ exit 0 %postun -n clamd %systemd_postun_with_restart clamd@scan.service - -%triggerin milter -- clamav-scanner -# Add the milteruser to the scanuser group; this is required when -# milter and clamd communicate through local sockets -/usr/sbin/groupmems -g %{scanuser} -a %{milteruser} &>/dev/null || : - -%pre milter -getent group %{milteruser} >/dev/null || groupadd -r %{milteruser} -getent passwd %{milteruser} >/dev/null || \ - useradd -r -g %{milteruser} -d %{_rundir}/clamav-milter -s /sbin/nologin \ - -c "Clamav Milter user" %{milteruser} -usermod %{milteruser} -a -G virusgroup -exit 0 - %post milter %systemd_post clamav-milter.service @@ -627,6 +610,7 @@ exit 0 %dir %{_sysconfdir}/clamd.d # Used by both clamd, clamdscan, and clamonacc %config(noreplace) %{_sysconfdir}/clamd.d/scan.conf +%{_sysusersdir}/clamav.conf %files data @@ -666,6 +650,7 @@ exit 0 %{_sbindir}/clamd %{_unitdir}/clamd@.service %{_tmpfilesdir}/clamd.scan.conf +%{_sysusersdir}/clamd.conf %files milter @@ -676,9 +661,13 @@ exit 0 %dir %{_sysconfdir}/mail %config(noreplace) %{_sysconfdir}/mail/clamav-milter.conf %{_tmpfilesdir}/clamav-milter.conf +%{_sysusersdir}/clamav-milter.conf %changelog +* Sat Feb 8 2025 Zbigniew Jedrzejewski-Szmek - 1.4.2-2 +- Add sysusers.d config files to allow rpm to create users/groups automatically + * Thu Jan 23 2025 Orion Poplawski - 1.4.2-1 - Update to 1.4.2 From 602cb9058682367d79804419c4c15cb47eacffd0 Mon Sep 17 00:00:00 2001 From: Gwyn Ciesla Date: Wed, 18 Jun 2025 15:01:33 -0500 Subject: [PATCH 69/72] 1.4.3 --- clamav.spec | 11 +++++++---- sources | 6 +++--- update_clamav.sh | 2 +- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/clamav.spec b/clamav.spec index 38e7739..2ad2853 100644 --- a/clamav.spec +++ b/clamav.spec @@ -25,8 +25,8 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav -Version: 1.4.2 -Release: 2%{?dist} +Version: 1.4.3 +Release: 1%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPL-2.0-only} URL: https://www.clamav.net/ %if %{with unrar} @@ -50,9 +50,9 @@ Source5: clamd-README #http://database.clamav.net/main.cvd Source10: main-62.cvd #http://database.clamav.net/daily.cvd -Source11: daily-27526.cvd +Source11: daily-27673.cvd #http://database.clamav.net/bytecode.cvd -Source12: bytecode-335.cvd +Source12: bytecode-336.cvd #for update Source200: freshclam-sleep Source201: freshclam.sysconfig @@ -665,6 +665,9 @@ done %changelog +* Wed Jun 18 2025 Gwyn Ciesla - 1.4.3-1 +- 1.4.3 + * Sat Feb 8 2025 Zbigniew Jedrzejewski-Szmek - 1.4.2-2 - Add sysusers.d config files to allow rpm to create users/groups automatically diff --git a/sources b/sources index 4a68a6e..71ea01c 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (clamav-1.4.2-norar.tar.xz) = b36ed02823f2d2495b21292580a2d09c45ac6af9c64a09ec9549bc4fd4740b69bcedaa5b9eccbc40763d34bd0cf6dd445f569da9431a046c53f43792bbb92393 +SHA512 (clamav-1.4.3-norar.tar.xz) = d9e6835b88e4934a36b037d28cf01e627b7843e52ef9fc6858f59000acf26120f3534e7a6b262d3ad66a2668557f3a1d0a93fb676711c91f64c8b97fa36fe191 SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e -SHA512 (bytecode-335.cvd) = 9177c0533658b21584de0623ff9b7c70b2ec92ce9f6fecf98a881902c98025930430415715e9914ce7c0c6fb91aad532b4c907677c3010a0da47583b7ad24d4f -SHA512 (daily-27526.cvd) = 34145504fe34d7183cac25e93cec43177a92420154b52ce37fde77e8c9a365a7a3fb9a9f92aa43825e88294cc4b00ac31f2ea8cf8c12fbc4d90d7b965083edf2 +SHA512 (daily-27673.cvd) = e0447f80ef2cc8981b0e1ea430a7006a1027de0b989f5a3256766804f74a50aac52f577ef929c8e1789b9353d1a4cf18d289a27b1f7e609098e11ad81bb62226 +SHA512 (bytecode-336.cvd) = 62a7f8b62da2a2476d3f66851d71e84f055f84543112b18f14e86484b02370d4daff0cb3e2b9ec77acf4a179327619a8b9950122e7882003074a9a0bf4a7ebab diff --git a/update_clamav.sh b/update_clamav.sh index 6cce762..7718896 100755 --- a/update_clamav.sh +++ b/update_clamav.sh @@ -1,4 +1,4 @@ -VERSION=1.4.2 +VERSION=1.4.3 REPOS="n" if [ -z "$1" ] From 174d267d5a849178c742c574edcf60a831e63695 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 23 Jul 2025 18:20:35 +0000 Subject: [PATCH 70/72] Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild --- clamav.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index 2ad2853..7bbdc37 100644 --- a/clamav.spec +++ b/clamav.spec @@ -26,7 +26,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.4.3 -Release: 1%{?dist} +Release: 2%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPL-2.0-only} URL: https://www.clamav.net/ %if %{with unrar} @@ -665,6 +665,9 @@ done %changelog +* Wed Jul 23 2025 Fedora Release Engineering - 1.4.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + * Wed Jun 18 2025 Gwyn Ciesla - 1.4.3-1 - 1.4.3 From 997040fb1e1c61fbdc3e7d1e25936c17eb6354b3 Mon Sep 17 00:00:00 2001 From: "Benjamin A. Beasley" Date: Thu, 4 Dec 2025 10:03:08 +0000 Subject: [PATCH 71/72] Allow hex-literal 1.0 --- ...341e8e34aa325ac03718121e33a3b4e5b75e.patch | 22 ------------------- clamav-rust-dependency-versions.patch | 21 ++++++++++++++++++ clamav.spec | 14 ++++++------ 3 files changed, 28 insertions(+), 29 deletions(-) delete mode 100644 24d1341e8e34aa325ac03718121e33a3b4e5b75e.patch create mode 100644 clamav-rust-dependency-versions.patch diff --git a/24d1341e8e34aa325ac03718121e33a3b4e5b75e.patch b/24d1341e8e34aa325ac03718121e33a3b4e5b75e.patch deleted file mode 100644 index 7bd5cfb..0000000 --- a/24d1341e8e34aa325ac03718121e33a3b4e5b75e.patch +++ /dev/null @@ -1,22 +0,0 @@ -From 24d1341e8e34aa325ac03718121e33a3b4e5b75e Mon Sep 17 00:00:00 2001 -From: "Benjamin A. Beasley" -Date: Sun, 15 Sep 2024 12:50:07 -0400 -Subject: [PATCH] In libclamav_rust, use the current version of the image crate - ---- - libclamav_rust/Cargo.toml | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/libclamav_rust/Cargo.toml b/libclamav_rust/Cargo.toml -index 526951c519..eb95ca8011 100644 ---- a/libclamav_rust/Cargo.toml -+++ b/libclamav_rust/Cargo.toml -@@ -12,7 +12,7 @@ log = { version = "0.4", features = ["std"] } - sha2 = "0.10" - tempfile = "3" - thiserror = "1" --image = "0.24" -+image = "0.25" - rustdct = "0.7" - transpose = "0.2" - num-traits = "0.2" diff --git a/clamav-rust-dependency-versions.patch b/clamav-rust-dependency-versions.patch new file mode 100644 index 0000000..56bd08d --- /dev/null +++ b/clamav-rust-dependency-versions.patch @@ -0,0 +1,21 @@ +diff -Naur clamav-1.4.3-original/libclamav_rust/Cargo.toml clamav-1.4.3/libclamav_rust/Cargo.toml +--- clamav-1.4.3-original/libclamav_rust/Cargo.toml 2025-12-04 10:01:33.233889863 +0000 ++++ clamav-1.4.3/libclamav_rust/Cargo.toml 2025-12-04 10:02:29.088468217 +0000 +@@ -12,7 +12,7 @@ + sha2 = "0.10" + tempfile = "3" + thiserror = "1" +-image = "0.24" ++image = ">=0.24, <0.26" + rustdct = "0.7" + transpose = "0.2" + num-traits = "0.2" +@@ -21,7 +21,7 @@ + unicode-segmentation = "1.10" + bindgen = "0.69" + onenote_parser = "0.3.1" +-hex-literal = "0.4" ++hex-literal = ">=0.4, <2.0" + inflate = "0.4" + bzip2-rs = "0.1" + byteorder = "1.5" diff --git a/clamav.spec b/clamav.spec index 7bbdc37..e09b9c4 100644 --- a/clamav.spec +++ b/clamav.spec @@ -75,8 +75,12 @@ Patch5: clamav-clamonacc-service.patch Patch6: clamav-freshclam.service.patch # Debian patch to fix big-endian Patch7: https://salsa.debian.org/clamav-team/clamav/-/raw/unstable/debian/patches/libclamav-pe-Use-endian-wrapper-in-more-places.patch -# Update the image crate dependency to 0.25, the current release -Patch8: https://github.com/Cisco-Talos/clamav/pull/1366/commits/24d1341e8e34aa325ac03718121e33a3b4e5b75e.patch +# - Update the image crate dependency to 0.25, the current release, +# https://github.com/Cisco-Talos/clamav/pull/1366/commits/24d1341e8e34aa325ac03718121e33a3b4e5b75e, +# allowing 0.24 for backwards-compatibility with vendored dependencies in EPEL8 +# - Allow version 1.0 of the hex-literal crate dependency; not suitable for +# upstream yet due to MSRV +Patch8: clamav-rust-dependency-versions.patch BuildRequires: cmake3 BuildRequires: gettext-devel @@ -343,11 +347,7 @@ cd .. %patch -P5 -p1 -b .clamonacc-service %patch -P6 -p1 -b .freshclam-service %patch -P7 -p1 -b .big-endian -# This patch is not made to be backwards-compatible (even though it could have -# been), and the vendored dependencies in EPEL8 include image 0.24, not 0.25. -%if 0%{?fedora} || 0%{?rhel} >= 9 -%patch -P8 -p1 -b .image-0.25 -%endif +%patch -P8 -p1 -b .rust-dependencies install -p -m0644 %{SOURCE300} clamav-milter/ From 1fb46f57547554441dd90612360f0198aee5971b Mon Sep 17 00:00:00 2001 From: Gwyn Ciesla Date: Thu, 4 Dec 2025 16:45:08 -0600 Subject: [PATCH 72/72] Bump EVR --- clamav.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/clamav.spec b/clamav.spec index e09b9c4..60ea311 100644 --- a/clamav.spec +++ b/clamav.spec @@ -26,7 +26,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 1.4.3 -Release: 2%{?dist} +Release: 3%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPL-2.0-only} URL: https://www.clamav.net/ %if %{with unrar} @@ -665,6 +665,9 @@ done %changelog +* Thu Dec 04 2025 Gwyn Ciesla - 1.4.3-3 +- Bump EVR, hex-literal patches. + * Wed Jul 23 2025 Fedora Release Engineering - 1.4.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild