Version: 1.0.0, Package name: clamav-1.0.0 |
Maintained by: Stuart Henderson |
Master sites: |
Description Clam Antivirus is an anti-virus scanner written from scratch. It is licensed under GNU GPL2 and uses the virus database from OpenAntiVirus, which is an another free anti-virus project. In contrast to the OpenAntiVirus (which is written in Java), Clam Antivirus is written entirely in C and POSIX compliant. |
Filesize: 30460.57 KB |
Version History (View Complete History) |
|
2021-11-03 16:22:39 by Stuart Henderson | Files touched by this commit (3) |
Log message: update to clamav-0.103.4 |
2021-11-03 16:22:14 by Stuart Henderson | Files touched by this commit (4) |
Log message: update to clamav-0.104.1 |
2021-10-29 04:34:08 by Stuart Henderson | Files touched by this commit (2) |
Log message: clamav/freshclam: patch resolv.h detection, cmake's check_include_file tries to compile a test file which just #includes resolv.h and doesn't seem to have a way to specify that another header is needed. problem reported by Mikolaj Kucharski, the CDN for freshclam starts refusing connections if you don't do DNS-based checks https://github.com/Cisco-Talos/clamav/issues/340 |
2021-10-19 05:17:24 by Stuart Henderson | Files touched by this commit (13) |
Log message: update to clamav-0.104.0 |
2021-10-03 13:06:41 by Stuart Henderson | Files touched by this commit (1) |
Log message: update to clamav-0.103.3 |
2021-10-03 13:06:29 by Stuart Henderson | Files touched by this commit (2) |
Log message: update to clamav-0.103.3 |
2021-06-09 13:50:11 by Stuart Henderson | Files touched by this commit (73) |
Log message: remove ports libexecinfo, we now have a libunwind-based libexecinfo in base |
2021-04-07 13:17:33 by Stuart Henderson | Files touched by this commit (3) |
Log message: update to clamav-0.103.2, https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html CVE-2021-1252 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1252>: Fix for Excel XLM parser infinite loop. Affects 0.103.0 and 0.103.1 only. CVE-2021-1404 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1404>: Fix for PDF parser buffer over-read; possible crash. Affects 0.103.0 and 0.103.1 only. CVE-2021-1405 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1405>: Fix for mail parser NULL-dereference crash. Affects 0.103.1 and prior. Fix possible memory leak in PNG parser. FreshClam: Deprecate the SafeBrowsing config option. The SafeBrowsing option will no longer do anything. FreshClam: Improved HTTP 304, 403, & 429 handling. Fix the FreshClam mirror-sync issue where a downloaded database is "older than the version advertised." |
2021-04-07 13:17:21 by Stuart Henderson | Files touched by this commit (5) |
Log message: update to clamav-0.103.2, https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html CVE-2021-1252 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1252>: Fix for Excel XLM parser infinite loop. Affects 0.103.0 and 0.103.1 only. CVE-2021-1404 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1404>: Fix for PDF parser buffer over-read; possible crash. Affects 0.103.0 and 0.103.1 only. CVE-2021-1405 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1405>: Fix for mail parser NULL-dereference crash. Affects 0.103.1 and prior. Fix possible memory leak in PNG parser. FreshClam: Deprecate the SafeBrowsing config option. The SafeBrowsing option will no longer do anything. FreshClam: Improved HTTP 304, 403, & 429 handling. Fix the FreshClam mirror-sync issue where a downloaded database is "older than the version advertised." |
2021-02-20 11:07:22 by Stuart Henderson | Files touched by this commit (1) |
Log message: drop BDEP on python/2.7, no longer used in tests |
2021-02-09 14:40:41 by Stuart Henderson | Files touched by this commit (2) |
Log message: update to clamav-0.103.1 |
2021-02-09 14:39:08 by Stuart Henderson | Files touched by this commit (3) |
Log message: update to clamav-0.103.1 |
2020-09-15 03:08:36 by Stuart Henderson | Files touched by this commit (12) |
Log message: update to clamav-0.103.0. This version now supports reloading signatures without blocking scans, at the cost of higher memory use. This is enabled by default; set ConcurrentDatabaseReload to No if this is a problem. |
2020-07-20 05:43:35 by Stuart Henderson | Files touched by this commit (1) |
Log message: update to clamav-0.102.4 |
2020-07-20 05:42:54 by Stuart Henderson | Files touched by this commit (2) |
Log message: update to clamav-0.102.4 |
2020-07-11 16:54:41 by Stuart Henderson | Files touched by this commit (98) |
Log message: switch my maintainer email addresses to my own domain |
2020-05-23 15:26:08 by Stuart Henderson | Files touched by this commit (1) |
Log message: clamav: remove stray \ which was masking FAKE_FLAGS |
2020-05-21 15:05:21 by Stuart Henderson | Files touched by this commit (1) |
Log message: clamav: set OBJC="${CC}" to use clang on clang arches, rather than trying to auto detect, which picks up gcc on those base-clang arches which still install gcc (which I think is now causing more problems than it solves). Fixes a build problem reported by solene@ on i386 with old /usr/bin/gcc present after the installer auto-removed old gcc-libs. |
2020-05-18 18:56:55 by Stuart Henderson | Files touched by this commit (1) |
Log message: MFC clamav update, DoS in PDF, out-of-bounds read in ARJ |
2020-05-16 06:25:10 by Stuart Henderson | Files touched by this commit (2) |
Log message: update to clamav-0.102.3 - [CVE-2020-3327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327): Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that could cause a Denial-of-Service (DoS) condition. Improper bounds checking of an unsigned variable results in an out-of-bounds read which causes a crash. Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ parsing vulnerability. - [CVE-2020-3341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341): Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that could cause a Denial-of-Service (DoS) condition. Improper size checking of a buffer used to initialize AES decryption routines results in an out-of- bounds read which may cause a crash. Bug found by OSS-Fuzz. - Fix "Attempt to allocate 0 bytes" error when parsing some PDF documents. - Fix a couple of minor memory leaks. - Updated libclamunrar to UnRAR 5.9.2. |
2020-02-06 04:52:57 by Stuart Henderson | Files touched by this commit (1) |
Log message: update -stable to clamav-0.102.2, amongst others including a fix for a possible DoS (out-of-bounds read -> crash) when using the credit card data-loss-prevention feature. |
2020-02-06 04:52:09 by Stuart Henderson | Files touched by this commit (2) |
Log message: update to clamav-0.102.2, amongst others including a fix for a possible DoS (out-of-bounds read -> crash) when using the credit card data-loss-prevention feature. |
2019-11-20 14:21:38 by Stuart Henderson | Files touched by this commit (5) |
Log message: MFC update to clamav-0.102.1, lower daemon_timeout |
2019-11-20 12:00:25 by Stuart Henderson | Files touched by this commit (9) |
Log message: update to clamav-0.102.1, lower daemon_timeout |
2019-11-20 01:26:47 by Stuart Henderson | Files touched by this commit (1) |
Log message: unbreak packaging, from Ian McWilliam |
2019-11-19 13:35:00 by Stuart Henderson | Files touched by this commit (4) |
Log message: MFC update to clamav-0.102.0 |
2019-11-19 08:35:37 by Stuart Henderson | Files touched by this commit (13) |
Log message: update to clamav-0.102.0 (slightly delayed while i tracked down the upstream commit fixing clamav-milter) |
2019-10-20 04:57:14 by Antoine Jacoutot | Files touched by this commit (2) |
Log message: Increase daemon_timeout to 120s; loading signatures on startup takes an insane amount of time... ok sthen@ (maintainer) |
2019-08-22 10:22:07 by Stuart Henderson | Files touched by this commit (3) |
Log message: update to clamav 0.101.4, - out of bounds write in NSIS bzip2 library - improvements to the zip bomb mitigations added in 0.101.3, there is now a maximum scan time limit, defaulting to 2 minutes |
2019-08-05 14:09:59 by Stuart Henderson | Files touched by this commit (2) |
Log message: update to clamav-0.101.3 fix DoS when scanning a non-recursive zip bomb |
2019-06-03 10:06:58 by Stuart Henderson | Files touched by this commit (153) |
Log message: s/PERMIT_PACKAGE_CDROM/PERMIT_PACKAGE/ and some light whitespace tidying in ports which I maintain |
2019-05-29 08:17:05 by Stuart Henderson | Files touched by this commit (2) |
Log message: use ports libmspack; should avoid intermittent problems seen building clamav's bundled version |
2019-03-28 08:36:51 by Stuart Henderson | Files touched by this commit (2) |
Log message: update clamav in -stable to 0.100.3 https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html CVE-2019-1785 CVE-2019-1786 CVE-2019-1787 CVE-2019-1788 CVE-2019-1789 CVE-2019-1798 |
2019-03-28 08:30:01 by Solene Rapenne | Files touched by this commit (6) |
Log message: Update to clamav-0.101.2 fix the following CVEs: - CVE-2019-1785 - CVE-2019-1786 - CVE-2019-1787 - CVE-2019-1789 - CVE-2019-1788 - CVE-2019-1798 ok sthen@ |
2019-01-07 15:49:14 by Stuart Henderson | Files touched by this commit (10) |
Log message: update to clamav-0.101.1 |
2018-12-04 06:40:06 by Stuart Henderson | Files touched by this commit (3) |
Log message: fix previous a different way that avoids the extra headers |
2018-12-04 06:23:11 by Stuart Henderson | Files touched by this commit (2) |
Log message: some additional headers are needed to use libclamav but aren't installed by default; install them, and use a subdir because one of them has a common name |
2018-12-04 05:33:40 by Stuart Henderson | Files touched by this commit (9) |
Log message: update to ClamAV 0.101.0 |
2018-10-03 16:05:57 by Stuart Henderson | Files touched by this commit (3) |
Log message: security update to clamav-0.100.2 |
2018-07-26 13:52:55 by Jasper Lievisse Adriaanse | Files touched by this commit (7) |
Log message: security update to clamav-0.100.1 https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html ok sthen@ (MAINTAINER) |
2018-04-11 15:35:58 by Stuart Henderson | Files touched by this commit (12) |
Log message: update to clamav-0.100.0 |
2018-03-08 12:52:03 by Juan Francisco Cantero Hurtado | Files touched by this commit (1) |
Log message: Missing TEST_DEPENDS. OK sthen@(MAINTAINER). |
2018-03-02 08:54:13 by Stuart Henderson | Files touched by this commit (3) |
Log message: MFC update to clamav-0.99.4 - fixes for the following CVE's: CVE-2012-6706, CVE-2017-6419, CVE-2017-11423, CVE-2018-0202, and CVE-2018-1000085 - also included are 2 fixes for file descriptor leaks as well fixes for a handful of other important bugs |
2018-03-02 08:53:16 by Stuart Henderson | Files touched by this commit (6) |
Log message: update to clamav-0.99.4 - fixes for the following CVE's: CVE-2012-6706, CVE-2017-6419, CVE-2017-11423, CVE-2018-0202, and CVE-2018-1000085. - also included are 2 fixes for file descriptor leaks as well fixes for a handful of other important bugs, |
2018-02-16 14:32:45 by Stuart Henderson | Files touched by this commit (6) |
Log message: update to clamav-0.99.3 |
2018-01-11 12:27:12 by Robert Peichaer | Files touched by this commit (624) |
Log message: Change the shebang line from /bin/sh to /bin/ksh in all ports rc.d daemon scripts and bump subpackages that contain the *.rc scripts. discussed with and OK aja@ OK tb |
2017-05-28 14:12:51 by Stuart Henderson | Files touched by this commit (2) |
Log message: set daemon_timeout for clamd; startup can be rather slow if you have large rulesets (for example the sanesecurity anti-spam/malware rules often used on mail servers) |
2017-05-25 07:28:27 by Marc Espie | Files touched by this commit (2) |
Log message: clean non portable construct from include. stops clang warnings |
2016-11-04 05:35:21 by Stuart Henderson | Files touched by this commit (100) |
Log message: sync WANTLIB (and in one case, add gettext to LIB_DEPENDS) in dependent ports now that internationalised domain name support has been removed from net/curl |
2016-11-03 15:10:57 by Stuart Henderson | Files touched by this commit (2) |
Log message: move clamav to using pcre2 |
2016-11-01 06:01:10 by Antoine Jacoutot | Files touched by this commit (2) |
Log message: Prevent picking up pcre2 (for now). ok sthen@ (maintainer) |
2016-05-22 15:03:33 by Stuart Henderson | Files touched by this commit (1) |
Log message: disable JIT which requires a W|X mapping |
2016-05-04 01:12:55 by Stuart Henderson | Files touched by this commit (6) |
Log message: update to clamav-0.99.2 still using the bundled llvm, the one in devel/llvm is too new |
2016-04-26 04:57:00 by Stuart Henderson | Files touched by this commit (4) |
Log message: Clean up some bits missed in yesterday's systrace removal. |
2016-03-11 12:59:18 by Christian Weisgerber | Files touched by this commit (178) |
Log message: garbage collect CONFIGURE_SHARED |
2016-03-02 19:09:09 by Stuart Henderson | Files touched by this commit (5) |
Log message: update to clamav-0.99.1 |
2016-02-20 08:23:43 by Tobias Ulmer | Files touched by this commit (1) |
Log message: add sparc to the --disable-llvm group |
2016-02-08 19:31:23 by Stuart Henderson | Files touched by this commit (2) |
Log message: uncomment the "User _clamav" line in sample config. clamd won't run without editing this file anyway, but in case somebody doesn't notice this line while reviewing the file, use a better default. |
2016-01-25 13:20:53 by Jasper Lievisse Adriaanse | Files touched by this commit (1) |
Log message: - use ${MACHINE_ARCH} instead of ${ARCH} for consistency across the tree - unbreak build on mips64 by adding it to the list of arches where llvm is disabled ok sthen@ (MAINTAINER) |
2015-12-01 16:25:09 by Stuart Henderson | Files touched by this commit (9) |
Log message: update to clamav-0.99 |
2015-11-20 09:50:06 by Stuart Henderson | Files touched by this commit (1) |
Log message: Remove clamav run deps on lha, arc and unzip. I don't see anywhere where they can possibly be used (there is an internal lib for unzip) and in the event I missed a call to use them, users can make their own decision if they want to have unmaintained decompression tools on their system. |
2015-10-30 06:59:18 by Stuart Henderson | Files touched by this commit (39) |
Log message: sync WANTLIB (curl+nghttp2) |
2015-05-05 09:03:21 by Stuart Henderson | Files touched by this commit (1) |
Log message: Disable LLVM in clamd on sparc64, the bundled one requires additional patching to work there, and ports/devel/llvm is unsuitable (halfway between versions and files moved). Reported/tested by Markus Lude, thank you - some other arch may also need this. |
2015-05-04 03:47:40 by Stuart Henderson | Files touched by this commit (2) |
Log message: MFC: Update to ClamAV 0.98.7, including several crash/infinite loop fixes (CVEs) and various improvements. http://lists.clamav.net/pipermail/clamav-announce/2015/000011.html |
2015-04-29 15:27:40 by Stuart Henderson | Files touched by this commit (6) |
Log message: Update to ClamAV 0.98.7, including several crash/infinite loop fixes (CVEs) and various improvements. http://lists.clamav.net/pipermail/clamav-announce/2015/000011.html |
2015-01-28 08:15:32 by Stuart Henderson | Files touched by this commit (3) |
Log message: MFC SECURITY update to clamav 0.98.6 http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html |
2015-01-28 08:13:51 by Stuart Henderson | Files touched by this commit (2) |
Log message: SECURITY update to clamav 0.98.6, tested by myself and ajacoutot on various arches, ok ajacoutot http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html |
2014-11-19 04:40:54 by Stuart Henderson | Files touched by this commit (1) |
Log message: ensure -current version > -stable version |
2014-11-19 04:40:34 by Stuart Henderson | Files touched by this commit (2) |
Log message: this patch should have been removed from the -stable commit. |
2014-11-18 17:36:40 by Stuart Henderson | Files touched by this commit (1) |
Log message: unbreak WANTLIB, libxml didn't start depending on xz (liblzma) until post-5.6 |
2014-11-18 17:20:46 by Stuart Henderson | Files touched by this commit (3) |
Log message: SECURITY update to clamav 0.98.5 (crash fixes for various maliciously crafted files, improved detection of malicious PE files, new file formats) |
2014-11-18 17:18:01 by Stuart Henderson | Files touched by this commit (11) |
Log message: SECURITY update to clamav 0.98.5 (crash fixes for various maliciously crafted files, improved detection of malicious PE files, new file formats) |
2011-07-26 08:23:46 by Stuart Henderson | Files touched by this commit (2) |
Log message: update to clamav 0.97.2; fixes problems with the bytecode engine, Safebrowsing detection, hash matcher, and other minor issues. ok giovanni@ pea@ |
2011-06-10 16:20:20 by Stuart Henderson | Files touched by this commit (5) |
Log message: bugfix update to clamav 0.97.1 |
2011-06-02 11:09:32 by Matthias Kilian | Files touched by this commit (58) |
Log message: --disable-silent-rules is now added to CONFIGURE_ARGS per default, if CONFIGURE_STYLE = gnu. |
2011-05-11 02:24:41 by Antoine Jacoutot | Files touched by this commit (22) |
Log message: Sanitize some @unexec/@extraunexec calls to rm: move them up in the PLIST and delete everything under the @sample'd directory instead of the directory itself to prevent a warning from pkg_delete(1) trying to remove a non existing directory and to help preventing left-over files and directories. |
2011-03-02 07:36:49 by Stuart Henderson | Files touched by this commit (5) |
Log message: update to 0.97 |
2011-01-04 23:06:49 by Antoine Jacoutot | Files touched by this commit (6) |
Log message: Rename rc scripts to follow our usual naming. ok sthen@ |
2010-12-27 07:50:24 by Antoine Jacoutot | Files touched by this commit (97) |
Log message: Simplify after recent rc.subr change. The framework is now stable and we will start documenting it (at last). |
2010-12-24 03:40:06 by Antoine Jacoutot | Files touched by this commit (96) |
Log message: Cope with recent rc.subr changes. |
2010-12-11 05:57:37 by Antoine Jacoutot | Files touched by this commit (31) |
Log message: Move these to rc_reload=NO. |
2010-12-01 15:59:35 by Stuart Henderson | Files touched by this commit (3) |
Log message: update ClamAV to 0.96.5 |
2010-11-20 10:22:46 by Marc Espie | Files touched by this commit (296) |
Log message: new depends |
2010-11-19 21:47:19 by William Yodlowsky | Files touched by this commit (3) |
Log message: MFC: - - - date: 2010/10/25 23:36:38; author: sthen; state: Exp; lines: +3 -3 update ClamAV to 0.96.4. as the release notes say, "a bugfix release recommended for all users" (or as ChangeLog says, "fix stack smash") - - - ok sthen |
2010-11-04 05:29:45 by Antoine Jacoutot | Files touched by this commit (2) |
Log message: Make the default config work without eating all FDs. |
2010-11-04 05:19:40 by Stuart Henderson | Files touched by this commit (2) |
Log message: remove unnecessary MESSAGE |
2010-11-04 05:18:12 by Stuart Henderson | Files touched by this commit (4) |
Log message: add rc scripts. "go ahead" ajacoutot@ |
2010-10-25 17:36:38 by Stuart Henderson | Files touched by this commit (3) |
Log message: update ClamAV to 0.96.4. as the release notes say, "a bugfix release recommended for all users" (or as ChangeLog says, "fix stack smash") |
2010-10-18 15:41:48 by Marc Espie | Files touched by this commit (144) |
Log message: USE_GROFF=Yes |
2010-09-26 07:40:12 by Christian Weisgerber | Files touched by this commit (25) |
Log message: remove -Lxxx/.libs workarounds required with GNU libtool |
2010-09-21 07:18:26 by Stuart Henderson | Files touched by this commit (3) |
Log message: update clamav to 0.96.3, ok pea@ |
2010-08-30 15:16:17 by Jasper Lievisse Adriaanse | Files touched by this commit (12) |
Log message: hump de bump for pythonp |
2010-08-19 03:17:41 by Stuart Henderson | Files touched by this commit (7) |
Log message: update ClamAV to 0.96.2; earlier version ok pea@ (with some port Makefile cleanup since then), feedback giovanni@ - better performance and reduced memory use - various other fixes and minor enhancements - new pdf parser |
2010-05-28 18:56:58 by William Yodlowsky | Files touched by this commit (2) |
Log message: SECURITY FIX Resolves CVE-2010-1639, from upstream via pea@ (thanks!) ok sthen@ jasper@ |
2010-05-27 03:54:09 by Stuart Henderson | Files touched by this commit (1) |
Log message: clamav picks up gcc4 if it's installed to build some extra things; add stdc++ to WANTLIB. (This will result in an Extra: on !gcc4 arch but that's not a problem). Discussed with espie@ |
2010-05-23 15:24:09 by Stuart Henderson | Files touched by this commit (4) |
Log message: update to 0.96.1 |
2010-04-01 07:18:54 by Stuart Henderson | Files touched by this commit (12) |
Log message: update to 0.96, ok pea@ |
2009-11-13 20:26:13 by William Yodlowsky | Files touched by this commit (3) |
Log message: MFC: Update to clamav-0.95.3, bugfixes ok sthen@ |
2009-10-29 19:09:34 by Stuart Henderson | Files touched by this commit (8) |
Log message: update to 0.95.3, partly from pea@. |
2009-09-15 12:06:28 by Stuart Henderson | Files touched by this commit (2) |
Log message: take MAINTAINER on these. ok jasper@ |
2009-09-15 11:37:22 by Jasper Lievisse Adriaanse | Files touched by this commit (83) |
Log message: remove marc balmer as maintainer of all of his ports, to take away the illusion marc still maintains them. as requested by himself. |
2009-06-11 04:50:49 by Stuart Henderson | Files touched by this commit (3) |
Log message: update to 0.95.2; ok giovanni@ "This version improves handling of archives, adds support for --file-list in clamscan and clamdscan, and fixes various issues found in previous releases." |
2009-04-12 03:28:45 by Stuart Henderson | Files touched by this commit (1) |
Log message: it seems something was fixed between 0.95 and 0.95.1 meaning the bundled libltdl no longer needs be used, so switch back to the usual one and add the dependency on ports-tree libltdl. prompted by a diff from Mikolaj Kucharski, ok with mbalmer (maintainer). |
2009-04-11 08:13:59 by Stuart Henderson | Files touched by this commit (12) |
Log message: security update to 0.95.1. it doesn't build with ports-tree libtool, so use the bundled one and mark with XXX until it can be fixed better. commit requested by mbalmer (maintainer). |
2008-12-13 03:19:09 by Marc Balmer | Files touched by this commit (2) |
Log message: Update to ClamAV 0.94.2 |
2008-11-07 15:33:06 by Stuart Henderson | Files touched by this commit (9) |
Log message: update to 0.94.1; sundry fixes ok mbalmer (maintainer) |
2008-09-14 09:00:43 by Stuart Henderson | Files touched by this commit (17) |
Log message: SECURITY and other bug fixes. - A vulnerability in ClamAV's chm-parser allowed remote attackers to cause a denial of service (application crash) via a malformed CHM file (CVE-2008-1389). - A vulnerability in libclamav would allow attackers to cause a denial of service via vectors related to an out-of-memory condition (CVE-2008-3912). - Multiple memory leaks were found in ClamAV that could possibly allow attackers to cause a denial of service via excessive memory consumption (CVE-2008-3913). - A number of unspecified vulnerabilities in ClamAV were reported that have an unknown impact and attack vectors related to file descriptor leaks (CVE-2008-3914). various OpenBSD patches rolled in upstream. thanks to sturm@ for looking over systrace.filter (needed for the test of sendmsg() in configure to enable FD passing). |
2008-07-08 16:38:12 by Stuart Henderson | Files touched by this commit (10) |
Log message: update clamav to 0.93.3. possible SECURITY. since 0.93: - fixes DoS with MailFollowURLs (CVE-2008-2713) - improves handling of PDF, CAB, RTF, OLE2 and HTML files and includes various bugfixes for 0.93 issues. "if it works" mbalmer@ |
2008-04-16 13:46:02 by Marc Balmer | Files touched by this commit (23) |
Log message: Update ClamAV to version 0.93, which fixes mostly security problems, at least one highly critical (remote). See http://secunia.com/advisories/29000 for details. Thanks to kurt@ for helping analyzing the threaded code issues. |
2008-02-12 03:42:17 by Marc Balmer | Files touched by this commit (2) |
Log message: Update to ClamAV 0.92.1. ok sthen, rui |
2008-01-02 11:10:51 by Bernd Ahlers | Files touched by this commit (3) |
Log message: Disable rar until the license has been checked. Noticed by sturm@, thanks! ok mbalmer@ (MAINTAINER) |
2007-12-30 15:42:39 by Bernd Ahlers | Files touched by this commit (16) |
Log message: Security update to clamav-0.92. (CVE-2007-6335) "ClamAV libclamav MEW PE File Integer Overflow Vulnerability" More info: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=634 Similar diff submitted by grunk@ on ports@. test & ok mbalmer@ (MAINTAINER) |
2007-09-17 15:13:13 by Antoine Jacoutot | Files touched by this commit (3) |
Log message: - use "_clamav" user as default in the config files (not "clamav") "of course" mbalmer@ |
2007-09-12 08:51:58 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: Update ClamAV to version 0.91.2 work done by ajacoutot@ |
2007-09-12 08:48:06 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: Update ClamAV to version 0.91.2 work done by ajacoutot@ |
2007-08-25 04:08:28 by Marc Balmer | Files touched by this commit (13) |
Log message: Update ClamAV to version 0.91.2. Note to -stable ports maintainers: This should probably be put into -stable since the ClamAV people do not provide virus data to outdated scan engines. ok simon |
2007-08-02 12:12:55 by Alexandre Anriot | Files touched by this commit (2) |
Log message: - fix the configure script so that TCP Wrappers support gets enabled. - bump SHARED_LIBS / PKGNAME. - while there, remove quotes from COMMENT. ok mbalmer@ |
2007-06-13 11:25:00 by Alexandre Anriot | Files touched by this commit (2) |
Log message: - more @sample directories, needed by clamd. - bump PKGNAME. ok mbalmer@ |
2007-06-06 00:00:38 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: Security Update to ClamAV 0.90.3. This release contains various bugfixes, see ChangeLog for details. |
2007-06-06 00:00:05 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: Security Update to ClamAV 0.90.3. This release contains various bugfixes, see ChangeLog for details. |
2007-05-31 10:02:27 by Alexandre Anriot | Files touched by this commit (3) |
Log message: Security Update to ClamAV 0.90.3. This release contains various bugfixes, see ChangeLog for details. ok mbalmer@ |
2007-05-15 09:09:12 by Christian Weisgerber | Files touched by this commit (9) |
Log message: chase wantlib changes after curl update |
2007-05-01 10:24:35 by Nikolay Sturm | Files touched by this commit (3) |
Log message: MFC: Update to ClamAV 0.90.1. Work done mostly by Stuart Henderson, with some tweaks by myself. --- Security update to ClamAV 0.90.2. This containe three import security fixes: - ClamAV CAB File Unstore Buffer Overflow Vulnerability - File descriptor leak in CHM handler - PDF fd leak >From the original annoucement: **Important note**: on April 16th CHM, CAB and PDF handlers will be disabled for 0.90 and 0.90.1 users through the dynamic engine configuration module (DCONF). Please upgrade to 0.90.2 immediately. |
2007-04-13 07:25:25 by Nikolay Sturm | Files touched by this commit (1) |
Log message: MFC: Security update to ClamAV 0.90.2. This containe three import security fixes: - ClamAV CAB File Unstore Buffer Overflow Vulnerability - File descriptor leak in CHM handler - PDF fd leak >From the original annoucement: **Important note**: on April 16th CHM, CAB and PDF handlers will be disabled for 0.90 and 0.90.1 users through the dynamic engine configuration module (DCONF). Please upgrade to 0.90.2 immediately. |
2007-04-13 07:00:32 by Nikolay Sturm | Files touched by this commit (1) |
Log message: MFC: Security update to ClamAV 0.90.2. This containe three import security fixes: - ClamAV CAB File Unstore Buffer Overflow Vulnerability - File descriptor leak in CHM handler - PDF fd leak >From the original annoucement: **Important note**: on April 16th CHM, CAB and PDF handlers will be disabled for 0.90 and 0.90.1 users through the dynamic engine configuration module (DCONF). Please upgrade to 0.90.2 immediately. |
2007-04-13 00:17:47 by Marc Balmer | Files touched by this commit (2) |
Log message: Security update to ClamAV 0.90.2. This containe three import security fixes: - ClamAV CAB File Unstore Buffer Overflow Vulnerability - File descriptor leak in CHM handler - PDF fd leak >From the original annoucement: **Important note**: on April 16th CHM, CAB and PDF handlers will be disabled for 0.90 and 0.90.1 users through the dynamic engine configuration module (DCONF). Please upgrade to 0.90.2 immediately. |
2007-04-11 11:54:11 by Marc Balmer | Files touched by this commit (2) |
Log message: Port maintenance: - Build a new version even if the old one is still installed - Only chmod 700 the /var/clamav/quantine directory >From Jeremy Evans <jeremyevans0@gmail.com> |
2007-04-05 11:26:27 by Marc Espie | Files touched by this commit (815) |
Log message: more base64 checksums |
2007-04-02 08:02:01 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: Update to ClamAV 0.90.1. Work done mostly by Stuart Henderson, with some tweaks by myself. |
2007-03-28 13:53:19 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: Update to ClamAV 0.90.1. Work done mostly by Stuart Henderson, with some tweaks by myself. |
2007-03-25 05:24:02 by Marc Balmer | Files touched by this commit (9) |
Log message: Update to ClamAV 0.90.1. Work done mostly by Stuart Henderson, with some tweaks by myself. |
2007-03-16 16:12:34 by Nikolay Sturm | Files touched by this commit (4) |
Log message: MFC: Update to ClamAV 0.90. A lot of improvments and bugfixes, see www.clamav.net for all details. |
2007-03-16 15:32:04 by Nikolay Sturm | Files touched by this commit (1) |
Log message: need these, too |
2007-03-16 15:31:20 by Nikolay Sturm | Files touched by this commit (3) |
Log message: MFC: Update to ClamAV 0.90. A lot of improvments and bugfixes, see www.clamav.net for all details. |
2007-02-28 13:31:08 by Marc Balmer | Files touched by this commit (18) |
Log message: Update to ClamAV 0.90. A lot of improvments and bugfixes, see www.clamav.net for all details. ok nikolay |
2007-01-17 01:27:20 by Marc Balmer | Files touched by this commit (3) |
Log message: Implement scanning by filedescriptor passing. Makes it much simpler to configure a mail scanning gateway using ClamAV and smtp-vilter. ok jsg (who also had the idea for this) |
2007-01-13 06:13:11 by Marc Balmer | Files touched by this commit (2) |
Log message: Remove two RUN_DEPENDS to software that is only available by manually installing ports. This makes using the clamav package much easier. ok ajacoutot |
2006-12-23 23:27:19 by Nikolay Sturm | Files touched by this commit (1) |
Log message: MFC: Maintenance update to version 0.88.7, improvements in mail scanning. Bump the major SHARED_LIBS number because exposed structs and interfaces changed. |
2006-12-23 11:13:46 by Nikolay Sturm | Files touched by this commit (1) |
Log message: MFC: Maintenance update to version 0.88.7, improvements in mail scanning. Bump the major SHARED_LIBS number because exposed structs and interfaces changed. |
2006-12-17 08:19:30 by Marc Balmer | Files touched by this commit (2) |
Log message: Maintenance update to version 0.88.7, improvements in mail scanning. Bump the major SHARED_LIBS number because exposed structs and interfaces changed. |
2006-12-13 15:44:12 by Nikolay Sturm | Files touched by this commit (2) |
Log message: update to ClamAV 0.88.6 to silence warnings about clamav being outdated |
2006-12-13 15:16:12 by Nikolay Sturm | Files touched by this commit (2) |
Log message: update to ClamAV 0.88.6 to silence warnings about clamav being outdated |
2006-11-05 15:17:28 by Marc Balmer | Files touched by this commit (2) |
Log message: Update to ClamAV 0.88.6. Changes in this release include better handling of network problems in freshclam and other minor bugfixes. |
2006-11-01 06:17:28 by Nikolay Sturm | Files touched by this commit (1) |
Log message: MFC: ClamAV 0.88.5 Security: ClamAV 0.88.5 fixes a crash in the CHM unpacker and a heap overflow in the function rebuilding PE files after unpacking. |
2006-10-19 09:11:06 by Nikolay Sturm | Files touched by this commit (1) |
Log message: MFC: ClamAV 0.88.5 Security: ClamAV 0.88.5 fixes a crash in the CHM unpacker and a heap overflow in the function rebuilding PE files after unpacking. |
2006-10-19 09:10:16 by Nikolay Sturm | Files touched by this commit (1) |
Log message: MFC: ClamAV 0.88.5 Security: ClamAV 0.88.5 fixes a crash in the CHM unpacker and a heap overflow in the function rebuilding PE files after unpacking. |
2006-10-16 01:03:42 by Marc Balmer | Files touched by this commit (2) |
Log message: ClamAV 0.88.5 Security: ClamAV 0.88.5 fixes a crash in the CHM unpacker and a heap overflow in the function rebuilding PE files after unpacking. |
2006-08-20 04:11:40 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: security update to 0.88.4 |
2006-08-20 04:11:17 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: security update to 0.88.4 |
2006-08-15 12:48:22 by Marc Balmer | Files touched by this commit (9) |
Log message: security update to 0.88.4 ok pvalchev |
2006-08-03 17:28:12 by Marc Espie | Files touched by this commit (43) |
Log message: new lib specs |
2006-05-01 15:53:16 by Nikolay Sturm | Files touched by this commit (1) |
Log message: MFC: Update to ClamAV 0.88.2 This release improves virus detection and fixes zip handling on 64-bit architectures. SECURITY This release fixes a possible security problem in freshclam. See http://www.clamav.net/security/0.88.2.html for a full security report. |
2006-05-01 14:36:10 by Nikolay Sturm | Files touched by this commit (1) |
Log message: MFC: Update to ClamAV 0.88.2 This release improves virus detection and fixes zip handling on 64-bit architectures. SECURITY This release fixes a possible security problem in freshclam. See http://www.clamav.net/security/0.88.2.html for a full security report. |
2006-05-01 12:59:41 by Nikolay Sturm | Files touched by this commit (1) |
Log message: MFC: Update to ClamAV 0.88.1. 1) An unspecified integer overflow error exists in the PE header parser in "libclamav/pe.c". 2) Some format string errors in the logging handling in "shared/output.c" may be exploited to execute arbitrary code. 3) An out-of-bounds memory access error in the "cli_bitset_test()" function in "ibclamav/others.c" may be exploited to cause a crash. CVE reference: CVE-2006-1614, CVE-2006-1615, CVE-2006-1630 More info: http://secunia.com/advisories/19534/ ----------- Update to ClamAV 0.88.2 This release improves virus detection and fixes zip handling on 64-bit architectures. SECURITY This release fixes a possible security problem in freshclam. See http://www.clamav.net/security/0.88.2.html for a full security report. |
2006-04-30 00:38:25 by Marc Balmer | Files touched by this commit (2) |
Log message: Update to ClamAV 0.88.2 This release improves virus detection and fixes zip handling on 64-bit architectures. SECURITY This release fixes a possible security problem in freshclam. See http://www.clamav.net/security/0.88.2.html for a full security report. |
2006-04-07 13:11:43 by Nikolay Sturm | Files touched by this commit (1) |
Log message: security update to ClamAV 0.88.1. 1) An unspecified integer overflow error exists in the PE header parser in "libclamav/pe.c". 2) Some format string errors in the logging handling in "shared/output.c" may be exploited to execute arbitrary code. 3) An out-of-bounds memory access error in the "cli_bitset_test()" function in "ibclamav/others.c" may be exploited to cause a crash. CVE reference: CVE-2006-1614, CVE-2006-1615, CVE-2006-1630 |
2006-04-07 13:11:19 by Nikolay Sturm | Files touched by this commit (1) |
Log message: security update to ClamAV 0.88.1. 1) An unspecified integer overflow error exists in the PE header parser in "libclamav/pe.c". 2) Some format string errors in the logging handling in "shared/output.c" may be exploited to execute arbitrary code. 3) An out-of-bounds memory access error in the "cli_bitset_test()" function in "ibclamav/others.c" may be exploited to cause a crash. CVE reference: CVE-2006-1614, CVE-2006-1615, CVE-2006-1630 |
2006-04-06 00:20:17 by Marc Balmer | Files touched by this commit (3) |
Log message: Update to ClamAV 0.88.1. |
2006-01-11 00:27:43 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: Update to ClamAV 0.88. SECURITY: A possible heap overflow in the UPX code has been fixed. The security of the UPX, FSG and Petite modules has been improved, too. |
2006-01-11 00:23:25 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: Update to ClamAV 0.88. SECURITY: A possible heap overflow in the UPX code has been fixed. The security of the UPX, FSG and Petite modules has been improved, too. |
2006-01-10 02:26:28 by Marc Balmer | Files touched by this commit (2) |
Log message: Update to ClamAV 0.88. SECURITY: A possible heap overflow in the UPX code has been fixed. The security of the UPX, FSG and Petite modules has been improved, too. |
2005-12-25 03:40:27 by Nikolay Sturm | Files touched by this commit (2) |
Log message: forgot these |
2005-12-24 13:52:59 by Nikolay Sturm | Files touched by this commit (21) |
Log message: SHARED_LIBS USE_LIBTOOL where appropriate |
2005-11-09 12:53:35 by Nikolay Sturm | Files touched by this commit (1) |
Log message: update to clamav 0.87.1, which fixes several security flaws |
2005-11-09 12:53:15 by Nikolay Sturm | Files touched by this commit (1) |
Log message: update to clamav 0.87.1, which fixes several security flaws |
2005-11-06 12:31:44 by Marc Balmer | Files touched by this commit (2) |
Log message: Update to ClamAV 0.87.1 This release includes major bugfixes for problems with handling TNEF attachments, cabinet files and FSG compressed executables. |
2005-11-01 09:22:40 by Marc Balmer | Files touched by this commit (1) |
Log message: libmilter is now a shared lib. Add it to WANTLIB and bump the package name. Reported by espie@ |
2005-11-01 04:50:23 by Nikolay Sturm | Files touched by this commit (7) |
Log message: bump PKGNAMEs to not fall behind 3.7 |
2005-11-01 04:22:11 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: Update to version 0.87. Notes: This version fixes vulnerabilities in handling of UPX and FSG compressed executables. Support for PE files, Zip and Cabinet archives has been improved and other small bugfixes have been made. The new option "--on-outdated-execute" allows freshclam to run a command when system reports a new engine version. ok brad@ |
2005-10-27 14:06:09 by Nikolay Sturm | Files touched by this commit (11) |
Log message: bump PKGNAMEs for new packages after libcurl update discussed with pval |
2005-10-27 14:03:25 by Nikolay Sturm | Files touched by this commit (5) |
Log message: bump PKGNAMEs to permit the same in -stable, needed for new packages after recent libcurl update |
2005-09-28 11:37:57 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: Update to version 0.87. Notes: This version fixes vulnerabilities in handling of UPX and FSG compressed executables. Support for PE files, Zip and Cabinet archives has been improved and other small bugfixes have been made. The new option "--on-outdated-execute" allows freshclam to run a command when system reports a new engine version. ok brad@ |
2005-09-22 15:14:55 by Marc Balmer | Files touched by this commit (3) |
Log message: Update to version 0.87. Notes: This version fixes vulnerabilities in handling of UPX and FSG compressed executables. Support for PE files, Zip and Cabinet archives has been improved and other small bugfixes have been made. The new option "--on-outdated-execute" allows freshclam to run a command when system reports a new engine version. |
2005-08-31 13:55:37 by Nikolay Sturm | Files touched by this commit (8) |
Log message: bump PKGNAME so that 3.7 won't have higher PKGNAMEs than 3.8 suggested by espie@, ok pval@ |
2005-08-31 13:51:42 by Nikolay Sturm | Files touched by this commit (11) |
Log message: updated packages for these ports where not build in a sane environment bump PKGNAME for fixed packages |
2005-07-28 13:31:38 by Nikolay Sturm | Files touched by this commit (3) |
Log message: Security update to 0.86.2 http://www.security.nnov.ru/Jdocument282.html ok brad@ |
2005-07-27 16:15:24 by Marc Balmer | Files touched by this commit (3) |
Log message: Update to ClamAV 0.86.2. |
2005-06-29 04:12:10 by Marc Balmer | Files touched by this commit (10) |
Log message: Update to version 0.86.1 and add patches to fix problems on macppc (comparisons that are always true due to char not being signed on this platform). This update fixes a possible crash, see http://sourceforge.net/project/shownotes.php?release_id=337279 for details. |
2005-05-16 23:18:27 by Marc Balmer | Files touched by this commit (3) |
Log message: Update to version 0.85.1 which fixes a problem in email handling. |
2005-05-12 08:55:21 by Marc Balmer | Files touched by this commit (12) |
Log message: Update to ClamAV version 0.85 |
2005-02-21 02:36:29 by Marc Balmer | Files touched by this commit (5) |
Log message: Update to ClamAV version 0.83. |
2005-01-27 12:47:47 by Marc Balmer | Files touched by this commit (8) |
Log message: Upgrade to ClamAV 0.81 on popular request. ok alek@ |