Commit Graph

52 Commits

Author SHA1 Message Date
Fabrice Fontaine
c70f31b6ac package/clamav: add SELinux module
Support for clamav is added by the services/clamav module in the SELinux
refpolicy.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-07-21 23:44:37 +02:00
Bernd Kuhls
3950ab9bc7 package/clamav: bump version to 0.103.3
Release notes:
https://blog.clamav.net/2021/06/clamav-01033-patch-release.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-23 09:04:37 +02:00
Peter Korsgaard
7aee27c2b9 package/clamav: security bump to version 0.103.2
Fixes the following security issues:

- CVE-2021-1386: Fix for UnRAR DLL load privilege escalation.  Affects
  0.103.1 and prior on Windows only.

- CVE-2021-1252: Fix for Excel XLM parser infinite loop.  Affects 0.103.0
  and 0.103.1 only.

- CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash.
  Affects 0.103.0 and 0.103.1 only.

- CVE-2021-1405: Fix for mail parser NULL-dereference crash.  Affects
  0.103.1 and prior.

- CVE-2021-27506: The ClamAV Engine (Version 0.103.1 and below) embedded in
  Storsmshield Network Security (1.0 to 4.1.5) is subject to DoS in case of
  parsing of malformed png files.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-04-10 18:39:56 +02:00
Bernd Kuhls
1ac11404a7 package/clamav: bump version to 0.103.1
Release notes:
https://blog.clamav.net/2021/02/clamav-01031-patch-release.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-02-04 22:10:43 +01:00
Fabrice Fontaine
b6f7e0a1cd package/clamav: add CLAMAV_CPE_ID_VENDOR
cpe:2.3🅰️clamav:clamav is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aclamav%3Aclamav

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-01-17 17:13:37 +01:00
Bernd Kuhls
19d1ca28d2 package/clamav: needs dynamic library
Upstream commit
9e20cdf6ea
added dlopen() to others.c
https://github.com/Cisco-Talos/clamav-devel/blob/dev/0.104/libclamav/others.c#L199

"libclamav used to build in multiple stages where an earlier stage is
a static library containing utils required by the "shared" code.
Linking clamdscan and clamdtop with this libclamav utils static lib
allowed these two apps to function without libclamav. While this is
nice in theory, the practical gains are minimal and it complicates
the build system. As such, the autotools and CMake tooling was
simplified for improved maintainability and this feature was thrown
out. clamdtop and clamdscan now require libclamav to function."

Fixes:
http://autobuild.buildroot.net/results/e27/e276894781e3e37fbc03a0745738c61541e0a211/
http://autobuild.buildroot.net/results/552/552ee8d9e44152c9d7e315a5491542771264d466/
http://autobuild.buildroot.net/results/fde/fde4af47542f0eb0bd57b172c99bd086eb566b76/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-09-23 20:45:23 +02:00
Bernd Kuhls
c9d55310e3 package/clamav: bump version to 0.103.0
Release notes:
https://lists.clamav.net/pipermail/clamav-announce/2020/000050.html

Rebased patch 0002.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-09-20 15:05:58 +02:00
Bernd Kuhls
a5beb29820 package/clamav: security bump version to 0.102.4
Release notes:
https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html

Fixes CVE-2020-3481, CVE-2020-3327 & CVE-2020-3350.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-18 15:29:51 +02:00
Bernd Kuhls
3f617ac6ca package/clamav: security bump version to 0.102.3
Fixes CVE-2020-3327 & CVE-2020-3341.

Release notes:
https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html

Reformatted hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-05-13 22:00:24 +02:00
Bernd Kuhls
19748514b8 package/clamav: security bump version to 0.102.2
Fixes CVE-2020-3123: A vulnerability in the Data-Loss-Prevention (DLP)
module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0
could allow an unauthenticated, remote attacker to cause a denial of service
condition on an affected device.  The vulnerability is due to an
out-of-bounds read affecting users that have enabled the optional DLP
feature.  An attacker could exploit this vulnerability by sending a crafted
email file to an affected device.  An exploit could allow the attacker to
cause the ClamAV scanning process crash, resulting in a denial of service
condition.

Release notes:
https://lists.clamav.net/pipermail/clamav-announce/2020/000045.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-06 21:01:56 +01:00
Bernd Kuhls
ccca4f0954 package/clamav: security bump version to 0.102.1
Release notes:
https://lists.clamav.net/pipermail/clamav-announce/2019/000043.html

Fixes CVE-2019-15961.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-11-20 21:50:55 +01:00
Fabrice Fontaine
0ebf031102 package/clamav: fix clamsubmit linking
As suggested by Arnout in review of
https://patchwork.ozlabs.org/patch/1175732/, set OBJC to $(TARGET_CC)

Fixes:
 - http://autobuild.buildroot.org/results/49973b2283c65de5155deaf633cd6569a37af375

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-10-14 23:14:02 +02:00
Fabrice Fontaine
be09d22f50 package/clamav: select musl-fts if not glibc
By selecting musl-fts, a build failure on internal fts is avoided

Fixes:
 - http://autobuild.buildroot.org/results/8f0d45202c9a7dbb4d0c7431040384990f04008b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-10-13 22:19:33 +02:00
Bernd Kuhls
007f49962a package/clamav: bump version to 0.102.0
Release notes:
https://blog.clamav.net/2019/10/clamav-01020-has-been-released.html

Added dependencies to libcurl and libmspack.

Although it is technically possible to build this package without
libcurl it makes no sense because only libclamav would be built by
passing the new configure option --enable-libclamav-only but this would
disable most of the package rendering the scan for viruses impossible.
Therefore we decided to make libcurl a mandatory dependency.

libmspack was added as dependency to avoid building the internally
provided code for this package, we prefer to provide needed libraries
ourselves. Linking against internally-built libmspack is broken anyway
but we do not bother to fix the problem, use system libmspack instead.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-10-10 23:27:15 +02:00
Bernd Kuhls
914ba20600 package/clamav: security bump version to 0.101.4
Fixes CVE-2019-12900 and adds an additional fix for CVE-2019-12625.

Release notes:
https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-08-25 08:49:12 +02:00
Bernd Kuhls
9537db0d82 package/clamav: security bump version to 0.101.3
Release notes:
https://blog.clamav.net/2019/08/clamav-01013-security-patch-release-and.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-08-06 22:27:54 +02:00
Bernd Kuhls
4037c0a397 package/clamav: security bump to version 0.101.2
Release notes:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html

- Fixes for the following vulnerabilities affecting 0.101.1 and prior:
  - CVE-2019-1787:
    An out-of-bounds heap read condition may occur when scanning PDF
    documents. The defect is a failure to correctly keep track of the number
    of bytes remaining in a buffer when indexing file data.
  - CVE-2019-1789:
    An out-of-bounds heap read condition may occur when scanning PE files
    (i.e. Windows EXE and DLL files) that have been packed using Aspack as a
    result of inadequate bound-checking.
  - CVE-2019-1788:
    An out-of-bounds heap write condition may occur when scanning OLE2 files
    such as Microsoft Office 97-2003 documents. The invalid write happens when
    an invalid pointer is mistakenly used to initialize a 32bit integer to
    zero. This is likely to crash the application.

- Fixes for the following vulnerabilities affecting 0.101.1 and 0.101.0 only:
  - CVE-2019-1786:
    An out-of-bounds heap read condition may occur when scanning malformed PDF
    documents as a result of improper bounds-checking.
  - CVE-2019-1785:
    A path-traversal write condition may occur as a result of improper input
    validation when scanning RAR archives. Issue reported by aCaB.
  - CVE-2019-1798:
    A use-after-free condition may occur as a result of improper error
    handling when scanning nested RAR archives. Issue reported by David L.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-03-27 09:31:35 +01:00
Bernd Kuhls
50610dccfa package/clamav: link with libatomic when needed
Configure check for OpenSSL fails:

/accts/mlweber1/rclinux/rc-buildroot-test/scripts/instance-3/output/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libcrypto.a(threads_pthread.o): In function `CRYPTO_atomic_add':
threads_pthread.c:(.text+0x1dc): undefined reference to `__atomic_is_lock_free'
threads_pthread.c:(.text+0x1f4): undefined reference to `__atomic_fetch_add_4'

Fixes
http://autobuild.buildroot.net/results/cae8da81adff3ba493154e0ba8b21d90367f82eb/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-24 21:37:28 +01:00
Bernd Kuhls
25ff9dc1fb package/clamav: needs wchar
Fixes
http://autobuild.buildroot.net/results/77c/77cd536a0fab78eabe27e055d28db2da354008d7/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-10 11:25:11 +01:00
Fabrice Fontaine
4d85d5038e clamav: needs C++
clamav needs C++ since bump to version 0.101.1 and
d39cb6581f

Fixes:
 - http://autobuild.buildroot.org/results/be14aa571309cda32a5963feed9fd7f220e87fe6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-01-28 22:05:15 +01:00
Bernd Kuhls
e1cfe35066 package/clamav: add optional dependency to pcre2
Upstream recommends pcre2 over pcre:
1f71c2b21c

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-01-27 10:49:47 +01:00
Bernd Kuhls
0e424610bc package/clamav: bump version to 0.101.1
Removed patch applied upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-01-27 10:49:33 +01:00
Fabrice Fontaine
70992f5b69 clamav: add optional systemd dependency
clamav has an optional systemd dependency

Moreover, since the bump to 1.5.3, pkgconf prepends the sysroot to all
absolute paths found in the .pc file. This is correct when the paths
refer to something in STAGING_DIR (e.g. libdir, includedir), but not
when it refers to something used for the target.

clamav uses the systemdsystemunitdir variable from systemd.pc to decide
where to install things. Since DESTDIR is prepended to the install
destination, this will end up in the wrong location.

Until a better solution is found in pkgconf, pass the
systemdsystemunitdir to use explicitly instead of relying on systemd.pc.

Fixes:
 - http://autobuild.buildroot.org/results/fe526c60542527112e6441e453b4df5de49242d9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-12-13 21:31:26 +01:00
Bernd Kuhls
bbd6fb9c2d package/clamav: security bump to 0.100.2
Fixes CVE-2018-15378, CVE-2018-14680, CVE-2018-14681 & CVE-2018-14682:
http://lists.clamav.net/pipermail/clamav-announce/2018/000033.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-04 14:21:52 +02:00
Bernd Kuhls
b80886388d package/clamav: security bump to 0.100.1
Fixes CVE-2017-16932, CVE-2018-0360 & CVE-2018-0361:
http://lists.clamav.net/pipermail/clamav-announce/2018/000032.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-07-10 10:25:09 +02:00
Thomas Petazzoni
037572ee56 clamav: add patch to fix build failure caused by lack of libcurl
When json-c is enabled but libcurl is disabled, clamav tries to build
the clamsubmit program, which fails with:

  CC       clamsubmit.o
clamsubmit.c:6:23: fatal error: curl/curl.h: No such file or directory
 #include <curl/curl.h>

This is due to an incorrect curl-config detection logic, leading to
/bin/curl-config being present making the configure script believe
that curl is available, even when --without-libcurl is explicitly
passed.

This commit adds a patch, submitted upstream, which fixes this
problem.

Fixes:

  http://autobuild.buildroot.net/results/c43d2ebd8ab30016969d642dbd71c297dc5f6bab/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-13 22:59:53 +02:00
Thomas Petazzoni
eb4b00129c clamav: reformat patches as Git-formatted patches
ClamAV is using Git upstream
(https://github.com/Cisco-Talos/clamav-devel), so it makes sense to
use Git-formatted patches.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-13 22:59:52 +02:00
Bernd Kuhls
6088fedd73 package/clamav: bump version to 0.100.0
Release notes:
http://lists.clamav.net/pipermail/clamav-announce/2018/000031.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-04-11 16:17:55 +02:00
Bernd Kuhls
d02cbe22da package/clamav: security bump to version 0.99.4
Fixes CVE-2012-6706, CVE-2017-6419, CVE-2017-11423, CVE-2018-1000085 &
CVE-2018-0202.

For details see upstream announcement:
http://lists.clamav.net/pipermail/clamav-announce/2018/000029.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-03-02 07:58:18 +01:00
Bernd Kuhls
ffb5dee113 package/clamav: security bump to version 0.99.3
Fixes CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377,
CVE-2017-12378, CVE-2017-12379, CVE-2017-12380.

For details see upstream announcement:
http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html

Added license hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-27 14:47:03 +01:00
Thomas Petazzoni
c6882af636 clamav: use new gettext logic
This commit switches to use the new gettext logic, which involves:

 - using TARGET_NLS_DEPENDENCIES instead of hand-encoded dependencies
   on gettext/host-gettext

 - dropping BR2_PACKAGE_GETTEXT selection

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-05 01:27:24 +02:00
Peter Korsgaard
11271540bf Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 22:28:14 +02:00
Adam Duskett
ee71aa2375 package/c*/Config.in: fix help text wrapping
The check-package script when ran gives warnings on text wrapping
on all of these Config files.  This patch cleans up all warnings
related to the text wrapping for the Config files starting with
the letter c in the package directory.

The appropriate indentation is: <tab><2 spaces><62 chars>
See http://nightly.buildroot.org/#writing-rules-config-in for more
information.

Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-05-11 23:28:01 +02:00
Bernd Kuhls
c60a54ff8b package/clamav: renumber patch
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-05-11 21:50:55 +02:00
Adam Duskett
e22b287ca7 package/c*/Config.in: fix ordering of statements
The check-package script when ran gives warnings on ordering issues
on all of these Config files.  This patch cleans up all warnings
related to the ordering in the Config files for packages starting with
the letter c in the package directory.

The appropriate ordering is: type, default, depends on, select, help
See http://nightly.buildroot.org/#_config_files for more information.

Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-29 21:12:10 +02:00
Rahul Bedarkar
af31c309e7 boot, linux, package: use SPDX short identifier for GPLv2/GPLv2+
We want to use SPDX identifier for license strings as much as possible.
SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+.

This change is done by using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv2\>/GPL-2.0/g'

Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-01 15:16:38 +02:00
Bernd Kuhls
013207f2e4 package/clamav: add optional dependency to json-c
clamav has optional support for json-c:

$ output/host/usr/bin/i586-buildroot-linux-uclibc-readelf -a output/target/usr/lib/libclamav.so.7.1.1 | grep NEEDED
 0x00000001 (NEEDED)                     Shared library: [libltdl.so.7]
 0x00000001 (NEEDED)                     Shared library: [libssl.so.1.0.0]
 0x00000001 (NEEDED)                     Shared library: [libcrypto.so.1.0.0]
 0x00000001 (NEEDED)                     Shared library: [libz.so.1]
 0x00000001 (NEEDED)                     Shared library: [libjson-c.so.2]
 0x00000001 (NEEDED)                     Shared library: [libc.so.0]

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-12 15:41:13 +01:00
Bernd Kuhls
a5b0607b4a package/clamav: needs libtool
clamav contains a copy of libltdl which is used when the libtool
package is not present, this increases the filesize of the target libs:

linked against libltdl.so:

-rwxr-xr-x 1 bernd bernd 1838528 Mär 11 13:21 output/target/usr/lib/libclamav.so.7.1.1

$ output/host/usr/bin/i586-buildroot-linux-uclibc-readelf -a output/target/usr/lib/libclamav.so.7.1.1 | grep NEEDED
 0x00000001 (NEEDED)                     Shared library: [libltdl.so.7]
 0x00000001 (NEEDED)                     Shared library: [libssl.so.1.0.0]
 0x00000001 (NEEDED)                     Shared library: [libcrypto.so.1.0.0]
 0x00000001 (NEEDED)                     Shared library: [libz.so.1]
 0x00000001 (NEEDED)                     Shared library: [libc.so.0]

not linked against libltdl.so:

-rwxr-xr-x 1 bernd bernd 1859548 Mär 11 13:21 output/target/usr/lib/libclamav.so.7.1.1

$ output/host/usr/bin/i586-buildroot-linux-uclibc-readelf -a output/target/usr/lib/libclamav.so.7.1.1 | grep NEEDED
 0x00000001 (NEEDED)                     Shared library: [libssl.so.1.0.0]
 0x00000001 (NEEDED)                     Shared library: [libcrypto.so.1.0.0]
 0x00000001 (NEEDED)                     Shared library: [libz.so.1]
 0x00000001 (NEEDED)                     Shared library: [libc.so.0]

Therefore this patch adds libtool as hard dependency to clamav.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-12 15:40:48 +01:00
Peter Korsgaard
4970a780b7 clamav: fix configure breakage after zlib 1.2.10 version bump
Fixes:
http://autobuild.buildroot.net/results/b6b/b6ba2dfb42ee41ed0b8304aa8c78645245f3b341/
http://autobuild.buildroot.net/results/eef/eef9a2dda2c172cd600dc74c1e5e60476d92280d/
http://autobuild.buildroot.net/results/827/82798118795aa6334b4dd6eac06777682131da7f/

The clamav configure script by default checks for old zlib versions with
known vulnerabilities and errors out if found:

configure: error: The installed zlib version may contain a security bug.
Please upgrade to 1.2.2 or later: http://www.zlib.net.  You can omit this
check with --disable-zlib-vcheck but DO NOT REPORT any stability issues
then!

The check is unfortunately not very robust as it simply checks for a version
string matching '1.2.1' (which 1.2.10 does):

vuln=`grep "ZLIB_VERSION \"1.2.1" $ZLIB_HOME/include/zlib.h`

As a workaround, pass --disable-zlib-vcheck to skip this check.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-01-04 17:04:18 +01:00
Bernd Kuhls
71ad4dadb6 package/clamav: bump version to 0.99.2
Changed upstream URL to project site clamav.net, the tarball for the
new version is not available on sourceforge.net anymore.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-05-09 22:26:56 +02:00
Gustavo Zacarias
2c8e5dd69f clamav: bump to version 0.99.1
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-03 15:08:04 +01:00
Bernd Kuhls
beb67930c6 package/clamav: Fix LICENSE_FILES after last version bump
Fixes
http://autobuild.buildroot.net/results/3a1/3a12aea6a7a3500883a6d0184da3bd8cebf50e7b/
and many others

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-12-13 14:30:26 +01:00
Bernd Kuhls
2abe487cd6 package/clamav: bump to version 0.99
- removed autoreconf and two patches applied upstream
b20eeffadb
785e4a90e0

- removed clamuko configure option
- disabled fanotify support because UCLIBC_HAS_FTS is disabled
https://github.com/vrtadmin/clamav-devel/blob/master/README
"Support for on-access scanning using Clamuko/Dazuko has been replaced
 with fanotify."

- added host-pkgconf dependency, used by configure
- added optional dependency to pcre
- added sha256 hash

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-12-12 12:05:29 +01:00
Bernd Kuhls
1591799094 package/clamav: bump version to 0.98.7, enable ipv6 support
Clamav uses AC_TRY_RUN in m4/reorganization/code_checks/ipv6.m4 to check
for ipv6 support, which is not cross-compile safe. Since buildroot
supports ipv6 out-of-the-box now this patch forces ipv6 support.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-04-29 23:27:12 +02:00
Peter Korsgaard
298cd8eaa2 package/*: rename patches according to the new policy
Autogenerated from rename-patch.py (http://patchwork.ozlabs.org/patch/403345)

Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-02-03 14:52:56 +01:00
Bernd Kuhls
f67fa48bd6 package/clamav: bump version to 0.98.6
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-01-31 13:02:27 +01:00
Yann E. MORIN
a3926f3a64 package/clamav: fix static build
clamav unconditionally includes dlfcn.h which is missing on a uClibc
that is configured as a pure-static C library.

Thus, the build fails.

But the including file does not even makes use of any function from the
dlopen() familly, so it does not need to include dlfcn.h to start with.

Add a patch to clamav to not include dlfcn.h where not needed.

Fixes:
    http://autobuild.buildroot.net/results/b49/b491f4e5e1760248adb8d21b404e8aa15f7dbdd1/

[Peter: fix typo in patch description]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-11-25 22:35:43 +01:00
Peter Korsgaard
7e1728bb05 clamav: fix bzip2 detection
Configure gets confused if the host has bzip2 development headers, so force
the results.

Fixes:
http://autobuild.buildroot.net/results/e73/e732d1bac8fe68fd8bba50e4e9d908be3d996c83/
http://autobuild.buildroot.net/results/1a4/1a46e53cf892534f1b3a16c249fa710485290b5a/
http://autobuild.buildroot.net/results/6d0/6d09379aaba0ccddddfee9e319b84687012fd5fc/
http://autobuild.buildroot.net/results/d23/d2310a2f265e7d22c025a61e064a3c29dc6213ef/

And many more.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-11-20 23:06:41 +01:00
Gustavo Zacarias
59119da778 clamav: security bump to version 0.98.5
Fixes:
CVE-2013-6497 - the jwplayer.js file causes ClamAV to seg fault when
scanned with the -a (list archived files).

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-11-20 19:40:13 +01:00
Yann E. MORIN
85101d3741 package/clamav: fix build with uClibc
clamav wants to use backtrace, and decides whether it can use it if it
detects a glibc >= 2.1.

But uClibc does impersonate a glibc >= 2.1, so clamav concludes it is
possible to use backtrace. So it includes execinfo.h, which is missing
in our default uClibc config file.

So, just extend the test so that backtrace support is disable on uClibc,
unless it has been configured with backtrace support.

A far better solution would be to add a ./configure check for backtrace,
but this patch is sufficient enough.

Fixes:
    http://autobuild.buildroot.net/results/cff/cffa32fcedda735983d4805d6d4fa77844539b10/
    http://autobuild.buildroot.net/results/e0a/e0a765a94a538b0b936ea512f7aba0264fac6309/
    ...

Bugtracker: https://bugzilla.clamav.net/show_bug.cgi?id=11170

[Peter: add bugtracker URL as suggested by Bernd]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-11-16 23:03:00 +01:00