Bernd Kuhls
d02cbe22da
package/clamav: security bump to version 0.99.4
...
Fixes CVE-2012-6706, CVE-2017-6419, CVE-2017-11423, CVE-2018-1000085 &
CVE-2018-0202.
For details see upstream announcement:
http://lists.clamav.net/pipermail/clamav-announce/2018/000029.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-03-02 07:58:18 +01:00
Bernd Kuhls
ffb5dee113
package/clamav: security bump to version 0.99.3
...
Fixes CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377,
CVE-2017-12378, CVE-2017-12379, CVE-2017-12380.
For details see upstream announcement:
http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
Added license hashes.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-27 14:47:03 +01:00
Thomas Petazzoni
c6882af636
clamav: use new gettext logic
...
This commit switches to use the new gettext logic, which involves:
- using TARGET_NLS_DEPENDENCIES instead of hand-encoded dependencies
on gettext/host-gettext
- dropping BR2_PACKAGE_GETTEXT selection
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-05 01:27:24 +02:00
Rahul Bedarkar
af31c309e7
boot, linux, package: use SPDX short identifier for GPLv2/GPLv2+
...
We want to use SPDX identifier for license strings as much as possible.
SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+.
This change is done by using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv2\>/GPL-2.0/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-01 15:16:38 +02:00
Bernd Kuhls
013207f2e4
package/clamav: add optional dependency to json-c
...
clamav has optional support for json-c:
$ output/host/usr/bin/i586-buildroot-linux-uclibc-readelf -a output/target/usr/lib/libclamav.so.7.1.1 | grep NEEDED
0x00000001 (NEEDED) Shared library: [libltdl.so.7]
0x00000001 (NEEDED) Shared library: [libssl.so.1.0.0]
0x00000001 (NEEDED) Shared library: [libcrypto.so.1.0.0]
0x00000001 (NEEDED) Shared library: [libz.so.1]
0x00000001 (NEEDED) Shared library: [libjson-c.so.2]
0x00000001 (NEEDED) Shared library: [libc.so.0]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-12 15:41:13 +01:00
Bernd Kuhls
a5b0607b4a
package/clamav: needs libtool
...
clamav contains a copy of libltdl which is used when the libtool
package is not present, this increases the filesize of the target libs:
linked against libltdl.so:
-rwxr-xr-x 1 bernd bernd 1838528 Mär 11 13:21 output/target/usr/lib/libclamav.so.7.1.1
$ output/host/usr/bin/i586-buildroot-linux-uclibc-readelf -a output/target/usr/lib/libclamav.so.7.1.1 | grep NEEDED
0x00000001 (NEEDED) Shared library: [libltdl.so.7]
0x00000001 (NEEDED) Shared library: [libssl.so.1.0.0]
0x00000001 (NEEDED) Shared library: [libcrypto.so.1.0.0]
0x00000001 (NEEDED) Shared library: [libz.so.1]
0x00000001 (NEEDED) Shared library: [libc.so.0]
not linked against libltdl.so:
-rwxr-xr-x 1 bernd bernd 1859548 Mär 11 13:21 output/target/usr/lib/libclamav.so.7.1.1
$ output/host/usr/bin/i586-buildroot-linux-uclibc-readelf -a output/target/usr/lib/libclamav.so.7.1.1 | grep NEEDED
0x00000001 (NEEDED) Shared library: [libssl.so.1.0.0]
0x00000001 (NEEDED) Shared library: [libcrypto.so.1.0.0]
0x00000001 (NEEDED) Shared library: [libz.so.1]
0x00000001 (NEEDED) Shared library: [libc.so.0]
Therefore this patch adds libtool as hard dependency to clamav.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-12 15:40:48 +01:00
Peter Korsgaard
4970a780b7
clamav: fix configure breakage after zlib 1.2.10 version bump
...
Fixes:
http://autobuild.buildroot.net/results/b6b/b6ba2dfb42ee41ed0b8304aa8c78645245f3b341/
http://autobuild.buildroot.net/results/eef/eef9a2dda2c172cd600dc74c1e5e60476d92280d/
http://autobuild.buildroot.net/results/827/82798118795aa6334b4dd6eac06777682131da7f/
The clamav configure script by default checks for old zlib versions with
known vulnerabilities and errors out if found:
configure: error: The installed zlib version may contain a security bug.
Please upgrade to 1.2.2 or later: http://www.zlib.net . You can omit this
check with --disable-zlib-vcheck but DO NOT REPORT any stability issues
then!
The check is unfortunately not very robust as it simply checks for a version
string matching '1.2.1' (which 1.2.10 does):
vuln=`grep "ZLIB_VERSION \"1.2.1" $ZLIB_HOME/include/zlib.h`
As a workaround, pass --disable-zlib-vcheck to skip this check.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-01-04 17:04:18 +01:00
Bernd Kuhls
71ad4dadb6
package/clamav: bump version to 0.99.2
...
Changed upstream URL to project site clamav.net, the tarball for the
new version is not available on sourceforge.net anymore.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-09 22:26:56 +02:00
Gustavo Zacarias
2c8e5dd69f
clamav: bump to version 0.99.1
...
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 15:08:04 +01:00
Bernd Kuhls
beb67930c6
package/clamav: Fix LICENSE_FILES after last version bump
...
Fixes
http://autobuild.buildroot.net/results/3a1/3a12aea6a7a3500883a6d0184da3bd8cebf50e7b/
and many others
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-12-13 14:30:26 +01:00
Bernd Kuhls
2abe487cd6
package/clamav: bump to version 0.99
...
- removed autoreconf and two patches applied upstream
b20eeffadb
785e4a90e0
- removed clamuko configure option
- disabled fanotify support because UCLIBC_HAS_FTS is disabled
https://github.com/vrtadmin/clamav-devel/blob/master/README
"Support for on-access scanning using Clamuko/Dazuko has been replaced
with fanotify."
- added host-pkgconf dependency, used by configure
- added optional dependency to pcre
- added sha256 hash
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-12-12 12:05:29 +01:00
Bernd Kuhls
1591799094
package/clamav: bump version to 0.98.7, enable ipv6 support
...
Clamav uses AC_TRY_RUN in m4/reorganization/code_checks/ipv6.m4 to check
for ipv6 support, which is not cross-compile safe. Since buildroot
supports ipv6 out-of-the-box now this patch forces ipv6 support.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-04-29 23:27:12 +02:00
Bernd Kuhls
f67fa48bd6
package/clamav: bump version to 0.98.6
...
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-01-31 13:02:27 +01:00
Peter Korsgaard
7e1728bb05
clamav: fix bzip2 detection
...
Configure gets confused if the host has bzip2 development headers, so force
the results.
Fixes:
http://autobuild.buildroot.net/results/e73/e732d1bac8fe68fd8bba50e4e9d908be3d996c83/
http://autobuild.buildroot.net/results/1a4/1a46e53cf892534f1b3a16c249fa710485290b5a/
http://autobuild.buildroot.net/results/6d0/6d09379aaba0ccddddfee9e319b84687012fd5fc/
http://autobuild.buildroot.net/results/d23/d2310a2f265e7d22c025a61e064a3c29dc6213ef/
And many more.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-11-20 23:06:41 +01:00
Gustavo Zacarias
59119da778
clamav: security bump to version 0.98.5
...
Fixes:
CVE-2013-6497 - the jwplayer.js file causes ClamAV to seg fault when
scanned with the -a (list archived files).
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-11-20 19:40:13 +01:00
Bernd Kuhls
bf3753064b
package/clamav: New package
...
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-11-01 15:38:57 +01:00