-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 01 May 2015 22:45:55 -0400 Source: clamav Binary: clamav-base clamav-docs clamav-dbg clamav libclamav-dev libclamav6 clamav-daemon clamdscan clamav-testfiles clamav-freshclam clamav-milter Architecture: source all amd64 Version: 0.98.7+dfsg-1 Distribution: unstable Urgency: high Maintainer: ClamAV Team <pkg-clamav-devel@lists.alioth.debian.org> Changed-By: Scott Kitterman <scott@kitterman.com> Description: clamav - anti-virus utility for Unix - command-line interface clamav-base - anti-virus utility for Unix - base package clamav-daemon - anti-virus utility for Unix - scanner daemon clamav-dbg - debug symbols for ClamAV clamav-docs - anti-virus utility for Unix - documentation clamav-freshclam - anti-virus utility for Unix - virus database update utility clamav-milter - anti-virus utility for Unix - sendmail integration clamav-testfiles - anti-virus utility for Unix - test files clamdscan - anti-virus utility for Unix - scanner client libclamav-dev - anti-virus utility for Unix - development files libclamav6 - anti-virus utility for Unix - library Closes: 778406 783720 Changes: clamav (0.98.7+dfsg-1) unstable; urgency=high . [ Andreas Cadhalpun ] * Use SocketUser, SocketGroup and RemoveOnStop systemd socket options instead of using ExecStartPost and ExecStopPost for that. * Respect clamav-daemon's LocalSocket* options with the systemd unit by extending the clamav-daemon.socket file appropriately, when running dpkg-reconfigure clamav-daemon. (Closes: #783720) * Disable this extendend configuration, when handling the configuration file with debconf is disabled. * Disable clamav-daemon.socket in prerm script. . [ Sebastian Andrzej Siewior ] * Import new upstream: - Improvements to PDF processing: decryption, escape sequence handling, and file property collection. - Scanning/analysis of additional Microsoft Office 2003 XML format. - Fix infinite loop condition on crafted y0da cryptor file. Identified and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221. - Fix crash on crafted petite packed file. Reported and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2222. - Fix false negatives on files within iso9660 containers. This issue was reported by Minzhuan Gong. - Fix a couple crashes on crafted upack packed file. Identified and patches supplied by Sebastian Andrzej Siewior. - Fix a crash during algorithmic detection on crafted PE file. Identified and patch supplied by Sebastian Andrzej Siewior. - Fix an infinite loop condition on a crafted "xz" archive file. This was reported by Dimitri Kirchner and Goulven Guiheux. CVE-2015-2668. - Fix compilation error after ./configure --disable-pthreads. Reported and fix suggested by John E. Krokes. - Apply upstream patch for possible heap overflow in Henry Spencer's regex library. CVE-2015-2305 (Closes: #778406). - Fix crash in upx decoder with crafted file. Discovered and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2170. - Fix segfault scanning certain HTML files. Reported with sample by Kai Risku. - Improve detections within xar/pkg files. * update GPG key used to verify releases to get uscan/get_orig.sh working again. * update symbol version for cl_retflevel due to CL_FLEVEL change. Checksums-Sha1: 9e03fcf8a028525ec8401c6ef4ca67a96bf44779 3075 clamav_0.98.7+dfsg-1.dsc d00df0b36ca5ef72518e891e5cb2bdf7ffbf9b9c 8322932 clamav_0.98.7+dfsg.orig.tar.xz 57833718904df8a722bb98f2e866307466af9f30 242168 clamav_0.98.7+dfsg-1.debian.tar.xz 1e854dadafdabcc9b4bdab198c50e8af059fe13e 283236 clamav-base_0.98.7+dfsg-1_all.deb 72c52ffa92d713a8bfb0e2c9e522cea2797b11a0 897526 clamav-docs_0.98.7+dfsg-1_all.deb 348fee6f6289174cd380621731eeff4b75cebea7 2454558 clamav-dbg_0.98.7+dfsg-1_amd64.deb 023991dee3a969158dd4a00ff53e8180f167e9aa 324626 clamav_0.98.7+dfsg-1_amd64.deb c6f38f5c96163cd04b5fe21af01a5211f740bbd7 244400 libclamav-dev_0.98.7+dfsg-1_amd64.deb e281c0695acd0738f7e983b850ba8dc343bdbeca 930034 libclamav6_0.98.7+dfsg-1_amd64.deb 943a8e7ca7cffbb3fb66aa17ab4fb9a2a72a2fb9 421032 clamav-daemon_0.98.7+dfsg-1_amd64.deb 63b5b09e424dd13a27e9cc33037e3373a652ebd8 297592 clamdscan_0.98.7+dfsg-1_amd64.deb bd07d6dd03218692667485638b6aa229b4937f94 3096090 clamav-testfiles_0.98.7+dfsg-1_all.deb 3532031dd31875cfddeb43e066a5374d7e23d79f 348192 clamav-freshclam_0.98.7+dfsg-1_amd64.deb f83a47ba73b2d9d36a1053cbe96088dbf02e8fab 387064 clamav-milter_0.98.7+dfsg-1_amd64.deb Checksums-Sha256: 30ea134e3f4e03a2f0335c026a29ab9f57f733cd4863597d1d985cdc40e98086 3075 clamav_0.98.7+dfsg-1.dsc 3a153ccdde90702dc175bd251784b66f09431b517da4ca8c99407ecd3e295fa5 8322932 clamav_0.98.7+dfsg.orig.tar.xz 993a5be4ac798cb6a4beb7bc3ca481c3dc1b22b4918116834e9618dbd7e8e094 242168 clamav_0.98.7+dfsg-1.debian.tar.xz 7690ad29246a26c405351301cb46f205046ae8554d5e20e6af0278185916e700 283236 clamav-base_0.98.7+dfsg-1_all.deb 4e7587fe5390ee1b1309e765d6d09040da84b0e00bb948488fd1c14953f96242 897526 clamav-docs_0.98.7+dfsg-1_all.deb 54fff846f9d79713d596c4a5b7914eb4eca010c6780ef1efac221d2c3e25fe7d 2454558 clamav-dbg_0.98.7+dfsg-1_amd64.deb 421a0c1bd7ae05d50ef49e9a678a271fb85fb386b2a6b031cd4939620fdfeddc 324626 clamav_0.98.7+dfsg-1_amd64.deb 8aafe5cacedd0211f9a520fdabd0491eb335abac4982ebb8cbada958150ba988 244400 libclamav-dev_0.98.7+dfsg-1_amd64.deb 2f3262e50b4760857d44f88200416ff5210ab4fdb17f4321869811cf8c848880 930034 libclamav6_0.98.7+dfsg-1_amd64.deb 49df94669c68720e1be4493e09020ddb1efcbf43f811adfc86c8ba7f26dc2bbe 421032 clamav-daemon_0.98.7+dfsg-1_amd64.deb 7662dcc860a276c77bafcf3be31dd46f8a4dc0406a4c94e5bc0af51d481cb47f 297592 clamdscan_0.98.7+dfsg-1_amd64.deb 4ea4ec98b762969c59bfcbfa3a8b5e3e1e83af8ef176dad7a5ff765745a2771b 3096090 clamav-testfiles_0.98.7+dfsg-1_all.deb 806a1fd82c634bdbdac57daaebe210e84fa146b0118d03f5fe1680a38bbf175e 348192 clamav-freshclam_0.98.7+dfsg-1_amd64.deb 3eb525f74afd71f498d191c44138fabacd31e5851de5900bac71b5a03598b49f 387064 clamav-milter_0.98.7+dfsg-1_amd64.deb Files: 6fcf3097f5d632060aab4b86cc202241 3075 utils optional clamav_0.98.7+dfsg-1.dsc 7a012088d4389bd3ac2ac35442b98d37 8322932 utils optional clamav_0.98.7+dfsg.orig.tar.xz 14dd37a7f9c824b422a9e57fac0071b2 242168 utils optional clamav_0.98.7+dfsg-1.debian.tar.xz 1fb8898ad23f2fe3118b736b90d73735 283236 utils optional clamav-base_0.98.7+dfsg-1_all.deb 0a892a2a77e0fc5fb5609611450a5b43 897526 doc optional clamav-docs_0.98.7+dfsg-1_all.deb 9cd7548b4592f84ff405cfe3bf4b8f09 2454558 debug extra clamav-dbg_0.98.7+dfsg-1_amd64.deb 204eafbdac60e48a375e823f4d69e8a3 324626 utils optional clamav_0.98.7+dfsg-1_amd64.deb 4a045ec62ae2994ad12e6e782a1130a1 244400 libdevel optional libclamav-dev_0.98.7+dfsg-1_amd64.deb 9a1474b1cb12533bb2e2fcbb717ed7de 930034 libs optional libclamav6_0.98.7+dfsg-1_amd64.deb 857b1baca9906867f86eab3e7cb02e02 421032 utils optional clamav-daemon_0.98.7+dfsg-1_amd64.deb 69b94d40358fa669cf02a28876db72d9 297592 utils optional clamdscan_0.98.7+dfsg-1_amd64.deb 20684bd02581a7a9bedddd5c8dd54277 3096090 utils optional clamav-testfiles_0.98.7+dfsg-1_all.deb 0eb100895dc2cda74f98979b86290d60 348192 utils optional clamav-freshclam_0.98.7+dfsg-1_amd64.deb cd6de31c2a7b08d5bc2d9d876d5ff575 387064 utils extra clamav-milter_0.98.7+dfsg-1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJVRET0AAoJEHjX3vua1ZrxdaQQAMoBD8ho8BL7wYwm8hQah4Jr Etr5Qz1UDcMKcJY7rnAaDOuHqBYcnP+acyxgCr8f/DEOWVsbY6tY54AZ9kcDkYT0 a7Itr8uB2qkXORPBLDsSJFllTjAcz3gN/X+TCXFjAqj11wa3XTlLoHhc7iaj+Tlu HWd3OvtDRn4WUj5hn2fBXOQETYs/YnEj+3wvV6UWSmeYir/enZxjcxmQAJmQLE43 QWGivpvuDUDxPNEya18oU76aNQHMH2UMaSbPHU+0RELhG6kqpBM/wTSkYdekh8cL vgQpGTS2UcGvUfRWEHJNgTSEGvn5m8gwk4/RhPspBwzPH3ReFkhbmWDbA1KqwuZZ UKJP7G0PQtZzt2lZBAkXxZzhwRQaXjE8CHB7/QqRyb2zTTHnWjPmoBloNK7Jj+8v 5CoATXw/MWbmdLVkyzl8dGQNdJVYZ7hlj1zJlTgRtCktrziV2lnMqBex1YNyVodi KDbaOItBYGpZLiQ0o5gdN1X6083JEyT0k1c3V21dF+B6dRN5/TUKILAA6RLWDH4P NIzrWKf1MXcGT+Uj/8waTJLVXrv6+J+q59kNJbMsNOMrAj/BWwVp8zdlzVFDxJSr h0eb38J0MFqVAub3FfQ8UtLdQ1NDvL4XAegZmeb1y3rTM8inmPTrgsk1WHsusjsz I98npVj+zwx4r1lYbLF+ =8zXL -----END PGP SIGNATURE-----
