-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 02 May 2015 22:35:37 +0200 Source: clamav Binary: clamav-base clamav-docs clamav-dbg clamav libclamav-dev libclamav6 clamav-daemon clamav-testfiles clamav-freshclam clamav-milter Architecture: source all Version: 0.98.7+dfsg-0+deb7u1 Distribution: oldstable Urgency: high Maintainer: ClamAV Team <pkg-clamav-devel@lists.alioth.debian.org> Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Description: clamav - anti-virus utility for Unix - command-line interface clamav-base - anti-virus utility for Unix - base package clamav-daemon - anti-virus utility for Unix - scanner daemon clamav-dbg - debug symbols for ClamAV clamav-docs - anti-virus utility for Unix - documentation clamav-freshclam - anti-virus utility for Unix - virus database update utility clamav-milter - anti-virus utility for Unix - sendmail integration clamav-testfiles - anti-virus utility for Unix - test files libclamav-dev - anti-virus utility for Unix - development files libclamav6 - anti-virus utility for Unix - library Closes: 778406 778445 781088 Changes: clamav (0.98.7+dfsg-0+deb7u1) oldstable; urgency=high . [ Andreas Cadhalpun ] * Fix variable name mismatch in clamav-milter.postinst in order to make preseeding work correctly. (Closes: #778445) * Drop 'XS-Testsuite: autopkgtest' from debian/control. Debhelper automatically adds the Testsuite field. This fixes the lintian warning xs-testsuite-header-in-debian-control. * Fix cleanup on purge in clamav-base.postrm. . [ Sebastian Andrzej Siewior ] * Replace ” with " in debian/common_functions (Closes: #781088) * Import new upstream: - Improvements to PDF processing: decryption, escape sequence handling, and file property collection. - Scanning/analysis of additional Microsoft Office 2003 XML format. - Fix infinite loop condition on crafted y0da cryptor file. Identified and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221. - Fix crash on crafted petite packed file. Reported and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2222. - Fix false negatives on files within iso9660 containers. This issue was reported by Minzhuan Gong. - Fix a couple crashes on crafted upack packed file. Identified and patches supplied by Sebastian Andrzej Siewior. - Fix a crash during algorithmic detection on crafted PE file. Identified and patch supplied by Sebastian Andrzej Siewior. - Fix an infinite loop condition on a crafted "xz" archive file. This was reported by Dimitri Kirchner and Goulven Guiheux. CVE-2015-2668. - Fix compilation error after ./configure --disable-pthreads. Reported and fix suggested by John E. Krokes. - Apply upstream patch for possible heap overflow in Henry Spencer's regex library. CVE-2015-2305 (Closes: #778406). - Fix crash in upx decoder with crafted file. Discovered and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2170. - Fix segfault scanning certain HTML files. Reported with sample by Kai Risku. - Improve detections within xar/pkg files. * update GPG key used to verify releases to get uscan/get_orig.sh working again. * update symbol version for cl_retflevel due to CL_FLEVEL change. Checksums-Sha1: 6b755bd27eb547946424c3055b4e431adb374d52 2883 clamav_0.98.7+dfsg-0+deb7u1.dsc d00df0b36ca5ef72518e891e5cb2bdf7ffbf9b9c 8322932 clamav_0.98.7+dfsg.orig.tar.xz 9e9ba6cb4f82cea7b259d5f679cfc9caeac2eab8 852764 clamav_0.98.7+dfsg-0+deb7u1.debian.tar.gz 0c597e1edb972459961683abbe9c32a75d06f4db 282498 clamav-base_0.98.7+dfsg-0+deb7u1_all.deb 0e5edb040faa54b26fcd789f2e6995a99fff7431 903890 clamav-docs_0.98.7+dfsg-0+deb7u1_all.deb 0c56e36ada43850a1ed74bf8d44657d1959fa28e 5286736 clamav-testfiles_0.98.7+dfsg-0+deb7u1_all.deb Checksums-Sha256: a109d8300ad94c0edf38533889555eb6c2ecdedd5b14d88b69f56ca260c8b7c1 2883 clamav_0.98.7+dfsg-0+deb7u1.dsc 3a153ccdde90702dc175bd251784b66f09431b517da4ca8c99407ecd3e295fa5 8322932 clamav_0.98.7+dfsg.orig.tar.xz a950749d6d13a893abef1d7c2e1594b418a762ed60e516b190152dc2a1ac24e1 852764 clamav_0.98.7+dfsg-0+deb7u1.debian.tar.gz 872b97d291939e68e4d6278dc2aa3033a5be6ce4f73a5e9f4867dc85f3ade045 282498 clamav-base_0.98.7+dfsg-0+deb7u1_all.deb 1e28adc8b7b1f3580acd20d5894658d0cf15db4ed26866546334372f90d83425 903890 clamav-docs_0.98.7+dfsg-0+deb7u1_all.deb d69b0b68fef69855580a430b91180e23c8c32de1c4a8c427ef8cbf7a9b4d5d6d 5286736 clamav-testfiles_0.98.7+dfsg-0+deb7u1_all.deb Files: 2794f43800109b40d94322b2e5824fc4 2883 utils optional clamav_0.98.7+dfsg-0+deb7u1.dsc 7a012088d4389bd3ac2ac35442b98d37 8322932 utils optional clamav_0.98.7+dfsg.orig.tar.xz 4b56dfef2016aab476b25556db565718 852764 utils optional clamav_0.98.7+dfsg-0+deb7u1.debian.tar.gz e8bb543cd777ab0cb06ce61ad4c2ef46 282498 utils optional clamav-base_0.98.7+dfsg-0+deb7u1_all.deb 0ff20570cb447079860ab76fae4674be 903890 doc optional clamav-docs_0.98.7+dfsg-0+deb7u1_all.deb 948da1e5ed025856943a6b2e6fdad5f0 5286736 utils optional clamav-testfiles_0.98.7+dfsg-0+deb7u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJVRnkhAAoJEHuW6BYqjPXRh/oP/0ehbzhDdM/nky8nwcVo6qMp s6L5zf9ievFmqHKnlaA7faer6YP1Ip+NVYGAuKszPW7oVgsKRSC+IL41mN5LERk1 eoV7rszWXCnrMIg08pRnPTDFAH7Tn5x30nRNo/HyNBqh0N+js/kdN875dsjqV2n0 /KO90dp/UivUsZQY+jU0dXeXWCkFWDTKUKLie+pA6NOT4JEdmKV83NeN6oUqVZhZ mDzLy27VZp1o8Yrb8UvCAdWV6nz297DiLCJqHwuPSId/XukB5a2Y23bbHtbrGKcL DYJ7ACN6tpW74A54u3EuyObN6RDr/z0bFt4udKHWxBzL1eLDaDalDQwfqPstg6Fs 8JlZhqBpEa8+hgZkEyhcoixYcAK8pgu9cY8YMDSOgTNE89vvaAHd7JGWW+nJpHJf hDMBx5bNyPzuTaJd2RdTgYhXtZB66ry/5TXyv+wLyeU9qpsBFrImkpQa3Ap20FLi yTuW8wtPNifd8a4wgNILZ/CjNB+0GnJQhRJtL4HQ2cB/ry/ghR4Jwwo3a/Pjal6B QbwozEaxYgfw1gZm+onxmkRyMiWyQf3oDoCp+SjW37crHV65DQTdR8E5u9ZTe7dz 1/4mRUZGhfUNJYD9Ouiti9kV5aZtEuvJPPLdWCY0OWg36hOuyZq6mMwEApv8lCZA xMkiSiqZGDwbi/Uod3cj =bI4e -----END PGP SIGNATURE-----
