[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/etch-volatile, updated. debian/0.94.dfsg.2-1+volatile1-4-g3605937

Michael Tautschnig mt at debian.org
Fri Apr 10 14:51:16 UTC 2009 

The following commit has been merged in the debian/etch-volatile branch:
commit f0a7ffcdc1b7f0a2fdac31b8a4a9226d8c4d1b76
Author: Michael Tautschnig <mt at debian.org>
Date:   Fri Apr 3 20:47:59 2009 +0200

    Scott's patch to use #define'd FLEVEL
    
    - allows to re-enable signatures in future version that upstream has disabled
      for security reasons

diff --git a/debian/changelog b/debian/changelog
index 42453dd..6af6151 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+clamav (0.94.dfsg.2-1~volatile2) etch-volatile; urgency=low
+
+  [ Scott Kittermann ]
+  * Backported change from 0.95 of FLEVEL_DCONF to be able to re-enable
+    signatures when security issues have been fixed.
+
+ -- Michael Tautschnig <mt at debian.org>  Fri, 03 Apr 2009 20:41:05 +0200
+
 clamav (0.94.dfsg.2-1~volatile1) etch-volatile; urgency=low
 
   [ Stephen Gran ]
diff --git a/libclamav/dconf.c b/libclamav/dconf.c
index 3267cf7..f67d6b4 100644
--- a/libclamav/dconf.c
+++ b/libclamav/dconf.c
@@ -241,7 +241,7 @@ static int chkflevel(const char *entry, int field)
 	    return 0;
 	}
 
-	if((unsigned int) atoi(pt) > cl_retflevel()) {
+	if((unsigned int) atoi(pt) > CL_FLEVEL_DCONF) {
 	    free(pt);
 	    return 0;
 	}
@@ -254,7 +254,7 @@ static int chkflevel(const char *entry, int field)
 		return 0;
 	    }
 
-	    if((unsigned int) atoi(pt) < cl_retflevel()) {
+	    if((unsigned int) atoi(pt) < CL_FLEVEL_DCONF) {
 		free(pt);
 		return 0;
 	    }
diff --git a/libclamav/others.c b/libclamav/others.c
index 54784f4..a0418cc 100644
--- a/libclamav/others.c
+++ b/libclamav/others.c
@@ -90,8 +90,6 @@ static pthread_mutex_t cli_ctime_mutex = PTHREAD_MUTEX_INITIALIZER;
 #define       P_tmpdir        "C:\\WINDOWS\\TEMP"
 #endif
 
-#define CL_FLEVEL 38 /* don't touch it */
-
 uint8_t cli_debug_flag = 0, cli_leavetemps_flag = 0;
 
 #ifndef CLI_MEMFUNSONLY
diff --git a/libclamav/others.h b/libclamav/others.h
index b98dd9b..c862e22 100644
--- a/libclamav/others.h
+++ b/libclamav/others.h
@@ -32,6 +32,18 @@
 #include "clamav.h"
 #include "dconf.h"
 
+/*
+ * CL_FLEVEL is the signature f-level specific to the current code and
+ *	     should never be modified
+ * CL_FLEVEL_DCONF is used in the dconf module and can be bumped by
+ * distribution packagers provided they fix *all* security issues found
+ * in the old versions of ClamAV. Updating CL_FLEVEL_DCONF will result
+ * in re-enabling affected modules.
+ */
+
+#define CL_FLEVEL 38
+#define CL_FLEVEL_DCONF	41
+
 extern uint8_t cli_debug_flag, cli_leavetemps_flag;
 
 /*

-- 
Debian repository for ClamAV

More information about the Pkg-clamav-commits mailing list