[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/etch-volatile, updated. 8081f2ce97204b03267b66d99a6ef65a93312ee8
Stephen Gran
steve at lobefin.net
Thu Sep 4 13:20:31 UTC 2008
The following commit has been merged in the debian/etch-volatile branch:
commit 8081f2ce97204b03267b66d99a6ef65a93312ee8
Merge: f8a1e52a6bff14fb4574d48c6ba95255c4e3db87 9208199d82ad2ad90869c5dc93dd1bd9b9fcfe94
Author: Stephen Gran <steve at lobefin.net>
Date: Thu Sep 4 14:20:21 2008 +0100
Merge branch 'debian/unstable' into debian/etch-volatile
Conflicts:
debian/changelog
debian/clamav.links
Signed-off-by: Stephen Gran <steve at lobefin.net>
diff --combined debian/changelog
index 907d10d,3c15570..292c18f
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,12 -1,51 +1,22 @@@
-clamav (0.94.dfsg-1) unstable; urgency=low
++clamav (0.94.dfsg-1~volatile1) unstable; urgency=low
+
+ * New upstream version (closes: #497662, #497773)
+ - lots of new options for clamd.conf
+ * No longer supports --unzip option, so typo is gone (closes: #496276)
+ * Translations:
+ - sv (thanks Martin Bagge <brother at bsnet.se>) (closes: #491760)
+
- -- Stephen Gran <sgran at debian.org> Thu, 04 Sep 2008 13:02:20 +0100
++ -- Stephen Gran <sgran at debian.org> Thu, 04 Sep 2008 14:19:00 +0100
+
-clamav (0.93.3.dfsg-1) unstable; urgency=low
+clamav (0.93.3.dfsg-volatile1) etch-volatile; urgency=low
* New upstream version (closes: #489890, #492838, #491720)
* Fix AUTHORS symlink (closes: #490207)
* Fix freshclam's logcheck regex (closes: #486385)
- -- Stephen Gran <sgran at debian.org> Sun, 03 Aug 2008 20:20:40 +0100
+ -- Stephen Gran <sgran at debian.org> Sun, 03 Aug 2008 21:48:11 +0100
-clamav (0.93.1.dfsg-1.1) unstable; urgency=high
-
- * Non-maintainer upload by the Security Team.
- * This update addresses the following security issue:
- - CVE-2008-2713: A crafted petite file can trigger an out-of-bound
- read operation in petite.c resulting in a denial of sevice
- (Closes: #490925).
-
- -- Stephen Gran <sgran at debian.org> Tue, 10 Jun 2008 20:43:32 +0100
-
-clamav (0.93.1.dfsg-1) unstable; urgency=low
-
- * New upstream version
- * Move conflicts to freshclam
-
- -- Stephen Gran <sgran at debian.org> Tue, 10 Jun 2008 20:43:32 +0100
-
-clamav (0.93~dfsg-4) unstable; urgency=low
-
- * Dammit. The -f flag is there for a reason (closes: #484262)
-
- -- Stephen Gran <sgran at debian.org> Tue, 03 Jun 2008 14:35:29 +0100
-
-clamav (0.93~dfsg-3) unstable; urgency=low
-
- * Make dash happy with use of return (closes: #484170)
-
- -- Stephen Gran <sgran at debian.org> Mon, 02 Jun 2008 22:45:21 +0100
-
-clamav (0.93~dfsg-2) unstable; urgency=low
+clamav (0.93.1.dfsg-volatile1) etch-volatile; urgency=low
* Remove dpatch dependency - we keep the code in a patch system.
* Wrap evaluations of [ $variable = true ] in calls to to_lower()
@@@ -17,21 -56,10 +27,21 @@@
* Fix logcheck lines for clamav-daemon (closes: #477818)
* New translation:
- sv (thanks Martin Bagge <martin.bagge at bthstudent.se>)(closes: #483765)
+ * Move conflicts for older libclamav's to freshclam, as that is the package
+ that will change the on disk format and break apps linked against the old
+ library
+
+ -- Stephen Gran <sgran at debian.org> Tue, 10 Jun 2008 20:23:58 +0100
+
+clamav (0.93~dfsg-volatile2) etch-volatile; urgency=low
+
+ * Wrap evaluations of [ $variable = true ] in calls to to_lower()
+ * Add is_true function to catch the 7 bajillion variants of something being
+ true (closes: #483874)
- -- Stephen Gran <sgran at debian.org> Sun, 01 Jun 2008 16:25:50 +0100
+ -- Stephen Gran <sgran at debian.org> Sat, 31 May 2008 22:22:38 +0100
-clamav (0.93~dfsg-1) unstable; urgency=low
+clamav (0.93~dfsg-volatile1) etch-volatile; urgency=high
* New upstream release (closes: #476450, #477278)
- Fixes failure to lock database directory
@@@ -40,36 -68,67 +50,36 @@@
* Run adduser on every new install - this should work around the
xen-create-image thing of adding users but not groups (closes: #458015)
* Make clamav-milter be a little more self-documenting (closes: #477178)
+ * Remove dpatch dependency - we keep the code in a patch system.
- -- Stephen Gran <sgran at debian.org> Mon, 28 Apr 2008 23:57:28 +0100
-
-clamav (0.92.1~dfsg2-1.1) unstable; urgency=high
-
- * Non-maintainer upload by the Security Team.
- * This update addresses the following security issue:
- - CVE-2008-1833: heap-based buffer overflow allows remote
- attackers to execute arbitrary code via a crafted WWPack compressed
- PE binary (Closes: #476694).
-
- -- Nico Golde <nion at debian.org> Sat, 19 Apr 2008 12:42:18 +0200
+ -- Stephen Gran <sgran at debian.org> Sat, 03 May 2008 12:54:18 +0100
-clamav (0.92.1~dfsg2-1) unstable; urgency=high
+clamav (0.92.1~dfsg-1volatile2) etch-volatile; urgency=low
* libclamav/pe.c: possible integer overflow in wwpack
* [CVE-2008-1100]: libclamav/pe.c: possible integer overflow in upack
* [CVE-2008-1387]: libclamav/spin.c: possible integer overflow
* libclamav/unarj.c: DoS in unarj
- -- Stephen Gran <sgran at debian.org> Tue, 15 Apr 2008 17:48:43 +0100
-
-clamav (0.92.1~dfsg2-0.1) unstable; urgency=low
+ -- Stephen Gran <sgran at debian.org> Tue, 15 Apr 2008 18:18:34 +0100
- * Non-maintainer upload.
- * Remove non-free unrar files and repack orig.tar.gz (Closes: #470073)
+clamav (0.92.1~dfsg-1volatile1) etch-volatile; urgency=low
- -- Scott Kitterman <scott at kitterman.com> Sat, 08 Mar 2008 19:29:19 -0500
-
-clamav (0.92.1~dfsg-1) unstable; urgency=low
-
- * New upstream bugfix release
+ * New upstream version
- [2007-6595]: libclamav/others.c: symlink vulnerability
cli_gentempfd now calls open with O_EXCL (closes: #458532)
- [CVE-2008-0318]: libclamav/pe.c: possible integer overflow
- libclamav/mew.c: possible heap corruption
- * Add a note to NEWS.Debian about unrar support being dropped
- (closes: #465203)
- * clamav-milter: off-by-one programming error in pingServer
- (closes: #458204)
- * Copyright now complete (thanks Scott Kitterman <scott at kitterman.com>)
- (closes: #456770)
- * Attempt to work around clamav-milter not bothering to check if another
- instance is running on startup (reported as LP bug 179169)
-
- -- Stephen Gran <sgran at debian.org> Tue, 12 Feb 2008 02:25:20 +0000
-clamav (0.92~dfsg-3) unstable; urgency=low
+ -- Stephen Gran <sgran at debian.org> Tue, 12 Feb 2008 02:34:25 +0000
- * Copyright clarifications (closes: #456770) (thanks
- Scott Kitterman <scott at kitterman.com>)
-
- -- Stephen Gran <sgran at debian.org> Thu, 20 Dec 2007 15:28:12 +0000
-
-clamav (0.92~dfsg-2) unstable; urgency=low
+clamav (0.92~dfsg-1~volatile2) etch-volatile; urgency=low
* Drop obsolete option NodalCoreAcceleration (closes: #457051)
- -- Stephen Gran <sgran at debian.org> Wed, 19 Dec 2007 11:45:28 +0000
+ -- Stephen Gran <sgran at debian.org> Wed, 19 Dec 2007 11:46:38 +0000
-clamav (0.92~dfsg-1) unstable; urgency=medium
+clamav (0.92~dfsg-1~volatile1) etch-volatile; urgency=medium
* New upstream version
- urgency medium due to 3 CVEs:
@@@ -85,11 -144,65 +95,11 @@@
- now displays message number during mbox scans with debug enabled
(closes: #452543)
- clamav-milter now accepts HUP to reopen logfile (closes: #414993)
- * Packaging changes:
- * Check that directories shipped in the .deb exist before chowning them.
- This is apparently an unreported problem for some Ubuntu users
- * Patches:
- - remove 25_wrong_shebang.dpatch (merged upstream)
- - add 25_skip_sendmail.cf.dpatch (closes: #312575)
- * Translations:
- - fr (closes: #454128)(thanks Christian Perrier <bubulle at debian.org>)
* Handle new option LogTime for freshclam
- * Move clamav-docs to section 'doc'
- * Catch all cases where the init script is called from freshclam's postinst
- and make sure invoke-rc.d is used if available
- * Freshen patches
- -- Stephen Gran <sgran at debian.org> Mon, 17 Dec 2007 16:58:40 +0000
+ -- Stephen Gran <sgran at debian.org> Mon, 17 Dec 2007 17:04:20 +0000
-clamav (0.91.2-4) unstable; urgency=low
-
- * i18n rework (closes: #444801)
- * New translations:
- - cs (closes: #446786)(thanks Miroslav Kure <kurem at upcase.inf.upol.cz>)
- - de (closes: #447489)(thanks Helge Kreutzmann <debian at helgefjell.de>)
- - es (closes: #445605)(thanks Javier Fernández-Sanguino Peña <jfs at computer.org>)
- - fi (closes: #447000)(thanks Esko Arajärvi <edu at iki.fi>)
- - gl (closes: #446473)(thanks Jacobo Tarrio <jtarrio at trasno.net>)
- - it (closes: #445348)(thanks Cristian Rigamonti <cri at linux.it>)
- - ja (closes: #446208)(thanks Kenshi Muto <kmuto at debian.org>)
- - pt (closes: #447291)(thanks Ricardo Silva <ardoric at gmail.com>)
- - pt_BR (closes: #446940)(thanks Felipe Augusto van de Wiel (faw)
- <faw at debian.org>)
- - ru (closes: #447356)(thanks Yuri Kozlov <kozlov.y at gmail.com>)
- - vi (closes: #446898)(thanks Clytie Siddall <clytie at riverland.net.au>)
- * Get rid of some unused debconf notes
- * Update NEWS.Debian retroactively to quiet lintian
- * Add Build-Dep on po-debconf and call debconf-updatepo in clean target
- * Better watch file (closes: #449622) (thanks Raphael Geissert
- <atomo64 at gmail.com>)
- * Better integration between postfix and clamav-milter (closes: #446404)
-
- -- Stephen Gran <sgran at debian.org> Sat, 01 Dec 2007 13:01:49 +0000
-
-clamav (0.91.2-3) unstable; urgency=low
-
- * Remove spurious dependency on libcurl3-dev from libclamav-dev
- (closes: #440771)
-
- -- Stephen Gran <sgran at debian.org> Tue, 04 Sep 2007 12:29:13 +0100
-
-clamav (0.91.2-2) unstable; urgency=low
-
- * Use the correct variable for $user (closes: #439253)
- * Guard against unset $DatabaseDirectory (closes: #439913)
- * Make it easier to use clamav-milter with postfix (closes: #434995)
- * Fix shebang paths in contrib directories (closes: #439352)
- * Quiet clamav-milter startup (closes: #438454)
-
- -- Stephen Gran <sgran at debian.org> Fri, 31 Aug 2007 12:29:09 +0100
-
-clamav (0.91.2-1) unstable; urgency=low
+clamav (0.91.2-1~volatile1) etch-volatile; urgency=low
* New upstream version
- fix call to tolower() which led to a crash in libclamav
@@@ -97,31 -210,59 +107,31 @@@
URI
- fix floating point exception when using ScanOLE2
- fix possible NULL dereference in rtf.c
+ * Handle new option DetectPUA in maintainer scripts
- -- Stephen Gran <sgran at debian.org> Tue, 21 Aug 2007 11:17:01 +0100
-
-clamav (0.91.1-2) unstable; urgency=low
-
- * Move database files to -base package (closes: #434505)
- * Use right config option to determine freshclam's uid (closes: #436204)
- * Freshclam ignore.d.server update for cdiff downloads (closes: #435199)
-
- -- Stephen Gran <sgran at debian.org> Sat, 11 Aug 2007 12:53:03 +0100
+ -- Stephen Gran <sgran at debian.org> Tue, 21 Aug 2007 11:23:05 +0100
-clamav (0.91.1-1) unstable; urgency=low
+clamav (0.91.1-1~volatile1) etch-volatile; urgency=low
* New upstream version
- * Patches:
- - drop 25_phishcheck-crash.dpatch (upstream)
-
- -- Stephen Gran <sgran at debian.org> Mon, 16 Jul 2007 23:47:27 +0100
-
-clamav (0.91-2) unstable; urgency=low
-
- * Pull 25_phishcheck-crash.dpatch from upstream svn to fix a possible crash
- in phishcheck.c
- * Handle new Phish* options (no longer experimental code)
-
- -- Stephen Gran <sgran at debian.org> Sun, 15 Jul 2007 17:24:55 +0100
-
-clamav (0.91-1) unstable; urgency=low
-
- * New upstream version (closes: #432857)
- * Fixes long database load time (closes: #423879, #427154, #428675, #432334)
- * [CVE-2007-3725] DoS in unrarvm.c
- - This should make this urgency=high, but I am nervous about some changes
- in clamav.h. After discussion with the Release Wizard, I am not going
- to bump the soname unilaterally, but I am going to delay the migration
- to testing to catch any problems.
- * Patch rework:
- - freshen 02_milter_sendmail_version_patch
- - freshen 03_etc_files_patch
- - 20_clamscan-manpage-update.dpatch obsoleted
- - freshen 24_nullmailer_ftbfs.dpatch
+ - Fixes CVE-2007-3725
+ - This makes Phish* options on by default, postinst must handle them
+ - This drops Build-dep on libcurl
+ * Fix fail to install when newaliases command is not present
+ (closes: #431990)
+ * Conflict with avscan <= current stable version until we can get a version
+ that doesn't FTBFS into the archive.
- -- Stephen Gran <sgran at debian.org> Sun, 15 Jul 2007 16:48:06 +0100
+ -- Stephen Gran <sgran at debian.org> Tue, 24 Jul 2007 10:25:55 +0100
-clamav (0.90.3-2) unstable; urgency=low
+clamav (0.90.3-1~volatile2) etch-volatile; urgency=low
- * Fix newaliases test to not fail when newaliases isn't present
- (closes: #431990)
- * Quiet freshclam warnings when run from cron (closes: #427420)
+ * Don't copy the databases into place if the .inc directory exists.
+ * Sanify clamav-milter's pid (closes: #425330)
- -- Stephen Gran <sgran at debian.org> Sat, 07 Jul 2007 09:21:20 +0100
+ -- Stephen Gran <sgran at debian.org> Thu, 07 Jun 2007 00:17:27 +0100
-clamav (0.90.3-1) unstable; urgency=low
+clamav (0.90.3-1~volatile1) etch-volatile; urgency=low
* New upstream version
- Fixes segfault in segfault handler (closes: #420593)
@@@ -130,16 -271,42 +140,16 @@@
* Stop using killproc for reloading logs, at least until it stops removing
pidfiles out from under us (closes: #424618)
- -- Stephen Gran <sgran at debian.org> Thu, 31 May 2007 01:02:05 +0100
-
-clamav (0.90.2-4) unstable; urgency=low
-
- * Make sure su gets a shell (closes: #424772)
- * Correct previous chown/chmod breakage (closes: #424758)
-
- -- Stephen Gran <sgran at debian.org> Fri, 18 May 2007 11:34:29 +0100
-
-clamav (0.90.2-3) unstable; urgency=low
-
- * freshclam.postinst: s/chown/chmod/. Argg. (closes: #424128)
-
- -- Stephen Gran <sgran at debian.org> Tue, 15 May 2007 20:00:44 +0100
-
-clamav (0.90.2-2) unstable; urgency=low
-
- * clamav-milter pid recognition fixup (closes: #419983)
- * clamav-freshclam doesn't need to copy in full databases if .inc directory
- is present (closes: #420024)
- * The init scripts now su to $User before starting the daemons
- (closes: #413624)
- * Oh, fine. Remove your /var/run on every reboot for no good reason
- (closes: #406576)
- * chown 0755 the .inc directories. This is a hack to workaround a temporary
- bug that is now fixed upstream, and we can drop this soon (hopefully)
- (closes: #417985)
- * Update Build-Dependncies to also use libcurl-dev (closes: #423623)
-
- -- Stephen Gran <sgran at debian.org> Mon, 14 May 2007 23:16:27 +0100
+ -- Stephen Gran <sgran at debian.org> Thu, 31 May 2007 01:32:17 +0100
-clamav (0.90.2-1) unstable; urgency=low
+clamav (0.90.2-1~volatile1) etch-volatile; urgency=low
* New upstream version
- Fixes reconnect issue in non-block-connect (closes: #418935)
- Fixes a segfault in pdf scanning (closes: #418849)
+ - Fixes CAB File Unstore Buffer Overflow
+ - Fixes file descriptor leak in CHM handler
+ - Fixes file descriptor leak in PDF code
* Update description to reflect new features in 0.9x (closes: #414884)
* Translation:
- Ru (thanks Yuriy Talakan <yt at drsk.ru>)(closes: #416342)
--
Debian repository for ClamAV
More information about the Pkg-clamav-commits
mailing list