rpms / clamav

Clone
Source Code
GIT

#23 Update to 1.0.0
Merged a year ago by orion. Opened 2 years ago by orion.
rpms/ orion/clamav 1.0  into  rawhide

file modified
+37 -37 
@@ -1,6 +1,6 @@ 
 

- diff -up clamav-0.103.0/clamconf/clamconf.c.default_confs clamav-0.103.0/clamconf/clamconf.c
 

- --- clamav-0.103.0/clamconf/clamconf.c.default_confs	2020-09-12 18:27:09.000000000 -0600
 

- +++ clamav-0.103.0/clamconf/clamconf.c	2020-09-17 22:00:20.792879792 -0600
 

+ diff -up clamav-0.104.3/clamconf/clamconf.c.default_confs clamav-0.104.3/clamconf/clamconf.c
 

+ --- clamav-0.104.3/clamconf/clamconf.c.default_confs	2022-05-02 00:24:50.000000000 -0600
 

+ +++ clamav-0.104.3/clamconf/clamconf.c	2022-05-12 22:04:42.883348923 -0600
 

  @@ -63,9 +63,9 @@ static struct _cfgfile {
 

       const char *name;
 

       int tool;
 
@@ -13,66 +13,66 @@ 
 

       {NULL, 0}};
 

   

   static void printopts(struct optstruct *opts, int nondef)
 

- diff -up clamav-0.103.0/docs/man/clamav-milter.8.in.default_confs clamav-0.103.0/docs/man/clamav-milter.8.in
 

- --- clamav-0.103.0/docs/man/clamav-milter.8.in.default_confs	2020-09-12 18:27:09.000000000 -0600
 

- +++ clamav-0.103.0/docs/man/clamav-milter.8.in	2020-09-17 22:00:20.793879800 -0600
 

+ diff -up clamav-0.104.3/docs/man/clamav-milter.8.in.default_confs clamav-0.104.3/docs/man/clamav-milter.8.in
 

+ --- clamav-0.104.3/docs/man/clamav-milter.8.in.default_confs	2022-05-12 22:04:42.885348940 -0600
 

+ +++ clamav-0.104.3/docs/man/clamav-milter.8.in	2022-05-12 22:05:25.031719791 -0600
 

  @@ -27,7 +27,7 @@ Print the version number and exit.
 

   Read configuration from FILE.
 

   .SH "FILES"
 

-  .LP 

- -@CFGDIR@/clamav-milter.conf
 

- +@CFGDIR@/mail/clamav-milter.conf
 

+  .LP
 

+ -@CONFDIR@/clamav-milter.conf
 

+ +@CONFDIR@/mail/clamav-milter.conf
 

   .SH "AUTHOR"
 

-  .LP 

+  .LP
 

   aCaB <acab@clamav.net>
 

- diff -up clamav-0.103.0/docs/man/clamav-milter.conf.5.in.default_confs clamav-0.103.0/docs/man/clamav-milter.conf.5.in
 

- --- clamav-0.103.0/docs/man/clamav-milter.conf.5.in.default_confs	2020-09-12 18:27:09.000000000 -0600
 

- +++ clamav-0.103.0/docs/man/clamav-milter.conf.5.in	2020-09-17 22:00:20.794879808 -0600
 

+ diff -up clamav-0.104.3/docs/man/clamav-milter.conf.5.in.default_confs clamav-0.104.3/docs/man/clamav-milter.conf.5.in
 

+ --- clamav-0.104.3/docs/man/clamav-milter.conf.5.in.default_confs	2022-05-12 22:04:42.887348958 -0600
 

+ +++ clamav-0.104.3/docs/man/clamav-milter.conf.5.in	2022-05-12 22:05:48.834929418 -0600
 

  @@ -239,7 +239,7 @@ Default: no
 

   All options expressing a size are limited to max 4GB. Values in excess will be reset to the maximum.
 

   .SH "FILES"
 

-  .LP 

- -@CFGDIR@/clamav-milter.conf
 

- +@CFGDIR@/mail/clamav-milter.conf
 

+  .LP
 

+ -@CONFDIR@/clamav-milter.conf
 

+ +@CONFDIR@/mail/clamav-milter.conf
 

   .SH "AUTHOR"
 

-  .LP 

+  .LP
 

   aCaB <acab@clamav.net>
 

- diff -up clamav-0.103.0/docs/man/clamd.8.in.default_confs clamav-0.103.0/docs/man/clamd.8.in
 

- --- clamav-0.103.0/docs/man/clamd.8.in.default_confs	2020-09-12 18:27:09.000000000 -0600
 

- +++ clamav-0.103.0/docs/man/clamd.8.in	2020-09-17 22:00:20.794879808 -0600
 

+ diff -up clamav-0.104.3/docs/man/clamd.8.in.default_confs clamav-0.104.3/docs/man/clamd.8.in
 

+ --- clamav-0.104.3/docs/man/clamd.8.in.default_confs	2022-05-12 22:04:42.888348967 -0600
 

+ +++ clamav-0.104.3/docs/man/clamd.8.in	2022-05-12 22:07:01.657570942 -0600
 

  @@ -7,7 +7,7 @@ clamd \- an anti\-virus daemon
 

   clamd [options]
 

   .SH "DESCRIPTION"
 

-  .LP 

- -The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CFGDIR@/clamd.conf
 

- +The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CFGDIR@/clamd.d/scan.conf
 

+  .LP
 

+ -The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CONFDIR@/clamd.conf
 

+ +The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CONFDIR@/clamd.d/scan.conf
 

   .SH "COMMANDS"
 

-  .LP 

+  .LP
 

   It's recommended to prefix clamd commands with the letter \fBz\fR (eg. zSCAN) to indicate that the command will be delimited by a NULL character and that clamd should continue reading command data until a NULL character is read. The null delimiter assures that the complete command and its entire argument will be processed as a single command. Alternatively commands may be prefixed with the letter \fBn\fR (e.g. nSCAN) to use a newline character as the delimiter. Clamd replies will honour the requested terminator in turn.
 

- @@ -125,7 +125,7 @@ Reload the signature databases.
 

+ @@ -133,7 +133,7 @@ Reload the signature databases.
 

   Perform a clean exit.
 

   .SH "FILES"
 

-  .LP 

- -@CFGDIR@/clamd.conf
 

- +@CFGDIR@/clamd.d/scan.conf
 

+  .LP
 

+ -@CONFDIR@/clamd.conf
 

+ +@CONFDIR@/clamd.d/scan.conf
 

   .SH "CREDITS"
 

   Please check the full documentation for credits.
 

   .SH "AUTHOR"
 

- diff -up clamav-0.103.0/docs/man/clamd.conf.5.in.default_confs clamav-0.103.0/docs/man/clamd.conf.5.in
 

- --- clamav-0.103.0/docs/man/clamd.conf.5.in.default_confs	2020-09-17 22:00:20.795879816 -0600
 

- +++ clamav-0.103.0/docs/man/clamd.conf.5.in	2020-09-17 22:01:21.414353121 -0600
 

- @@ -759,7 +759,7 @@ Default: no
 

+ diff -up clamav-0.104.3/docs/man/clamd.conf.5.in.default_confs clamav-0.104.3/docs/man/clamd.conf.5.in
 

+ --- clamav-0.104.3/docs/man/clamd.conf.5.in.default_confs	2022-05-12 22:04:42.889348976 -0600
 

+ +++ clamav-0.104.3/docs/man/clamd.conf.5.in	2022-05-12 22:06:21.800219822 -0600
 

+ @@ -765,7 +765,7 @@ Default: no
 

   All options expressing a size are limited to max 4GB. Values in excess will be reset to the maximum.
 

   .SH "FILES"
 

   .LP
 

- -@CFGDIR@/clamd.conf
 

- +@CFGDIR@/clamd.d/scan.conf
 

+ -@CONFDIR@/clamd.conf
 

+ +@CONFDIR@/clamd.d/scan.conf
 

   .SH "AUTHORS"
 

   .LP
 

   Tomasz Kojm <tkojm@clamav.net>, Kevin Lin <klin@sourcefire.com>
 

- diff -up clamav-0.103.0/platform.h.in.default_confs clamav-0.103.0/platform.h.in
 

- --- clamav-0.103.0/platform.h.in.default_confs	2020-09-17 22:00:20.796879824 -0600
 

- +++ clamav-0.103.0/platform.h.in	2020-09-17 22:01:56.842629739 -0600
 

+ diff -up clamav-0.104.3/platform.h.in.default_confs clamav-0.104.3/platform.h.in
 

+ --- clamav-0.104.3/platform.h.in.default_confs	2022-05-02 00:24:50.000000000 -0600
 

+ +++ clamav-0.104.3/platform.h.in	2022-05-12 22:04:42.891348993 -0600
 

  @@ -112,9 +112,9 @@ typedef unsigned int in_addr_t;
 

   #endif

file modified
+5 -10 
@@ -1,17 +1,12 @@ 
 

- --- ./freshclam/clamav-freshclam.service.in.orig	2021-06-14 10:36:39.029730737 +0100
 

- +++ ./freshclam/clamav-freshclam.service.in	2021-06-14 10:37:53.621423748 +0100
 

- @@ -2,13 +2,12 @@
 

+ diff -up clamav-0.104.3/freshclam/clamav-freshclam.service.in.freshclam-service clamav-0.104.3/freshclam/clamav-freshclam.service.in
 

+ --- clamav-0.104.3/freshclam/clamav-freshclam.service.in.freshclam-service	2022-05-12 22:07:25.472780737 -0600
 

+ +++ clamav-0.104.3/freshclam/clamav-freshclam.service.in	2022-05-12 22:08:06.280140224 -0600
 

+ @@ -2,7 +2,7 @@
 

   Description=ClamAV virus database updater
 

   Documentation=man:freshclam(1) man:freshclam.conf(5) https://docs.clamav.net/
 

   # If user wants it run from cron, don't start the daemon.
 

  -ConditionPathExists=!/etc/cron.d/clamav-freshclam
 

- +# ConditionPathExists=!/etc/cron.d/clamav-update
 

+ +# ConditionPathExists=!/etc/cron.d/clamav-freshclam
 

   Wants=network-online.target
 

   After=network-online.target
 

   

-  [Service]
 

-  ExecStart=@prefix@/bin/freshclam -d --foreground=true
 

- -StandardOutput=syslog
 

-  

-  [Install]
 

-  WantedBy=multi-user.target

file added
+18 
@@ -0,0 +1,18 @@ 
 

+ diff -up clamav-1.0.0/CMakeLists.txt.rpath clamav-1.0.0/CMakeLists.txt
 

+ --- clamav-1.0.0/CMakeLists.txt.rpath	2023-01-15 22:04:58.217120124 -0700
 

+ +++ clamav-1.0.0/CMakeLists.txt	2023-01-15 22:05:57.121818812 -0700
 

+ @@ -180,14 +180,6 @@ endif()
 

+  

+  include(GNUInstallDirs)
 

+  

+ -if (NOT DEFINED CMAKE_INSTALL_RPATH)
 

+ -    if(CMAKE_INSTALL_FULL_LIBDIR)
 

+ -        set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_FULL_LIBDIR}")
 

+ -    else()
 

+ -        set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/lib")
 

+ -    endif()
 

+ -endif()
 

+ -
 

+  if("${CMAKE_CXX_COMPILER_ID}" MATCHES "Clang")
 

+    set(USING_CLANG ON)
 

+  else()

file removed
-17 
@@ -1,17 +0,0 @@ 
 

- diff -up clamav-0.102.0/shared/optparser.c.stats-deprecation clamav-0.102.0/shared/optparser.c
 

- --- clamav-0.102.0/shared/optparser.c.stats-deprecation	2019-10-10 21:55:31.245995091 -0600
 

- +++ clamav-0.102.0/shared/optparser.c	2019-10-11 20:40:04.580067432 -0600
 

- @@ -524,6 +524,13 @@ const struct clam_option __clam_options[
 

-      {"ArchiveLimitMemoryUsage", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD | OPT_DEPRECATED, "", ""},
 

-      {"MailFollowURLs", "mail-follow-urls", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", ""},
 

-      {"AllowSupplementaryGroups", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_MILTER | OPT_DEPRECATED, "Initialize a supplementary group access (the process must be started by root).", "no"},
 

- +    {"StatsHostID", "stats-host-id", 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },
 

- +    {"StatsEnabled", "enable-stats", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_CLAMSCAN | OPT_DEPRECATED, "", ""},
 

- +    {"StatsPEDisabled", "disable-pe-stats", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", ""},
 

- +    {"StatsTimeout", "stats-timeout", 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, -1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_FRESHCLAM | OPT_DEPRECATED, "", ""},
 

- +    {"SubmitDetectionStats", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", ""},
 

- +    {"DetectionStatsCountry", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", ""},
 

- +    {"DetectionStatsHostID", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", ""},
 

-      {"ScanOnAccess", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD | OPT_DEPRECATED, "", ""},
 

-  

-      /* Milter specific options */

file modified
+54 -104 
@@ -1,21 +1,12 @@ 
 

- #global prerelease  rc1
 

+ #global prerelease  -rc2
 

  

  %global _hardened_build 1
 

  

  ## Fedora specific customization below...
 

  %bcond_without  clamonacc
 

  %bcond_with     unrar
 

- %ifnarch ppc64
 

- %bcond_without  llvm
 

- %else
 

- %bcond_with     llvm
 

- %endif
 

- 

- %if 0%{?fedora} || 0%{?rhel} >= 8
 

- %bcond_with old_freshclam
 

- %else
 

- %bcond_without old_freshclam
 

- %endif
 

+ # Failing with llvm 14 https://github.com/Cisco-Talos/clamav/issues/581
 

+ %bcond_with  llvm
 

  

  %ifnarch s390 s390x
 

  %global have_ocaml  1
 
@@ -33,8 +24,8 @@ 
 

  

  Summary:    End-user tools for the Clam Antivirus scanner
 

  Name:       clamav
 

- Version:    0.103.7
 

- Release:    5%{?dist}
 

+ Version:    1.0.0
 

+ Release:    1%{?dist}
 

  License:    %{?with_unrar:proprietary}%{!?with_unrar:GPLv2}
 

  URL:        https://www.clamav.net/
 

  %if %{with unrar}
 
@@ -56,7 +47,7 @@ 
 

  #http://database.clamav.net/main.cvd
 

  Source10:   main-62.cvd
 

  #http://database.clamav.net/daily.cvd
 

- Source11:   daily-26614.cvd
 

+ Source11:   daily-26722.cvd
 

  #http://database.clamav.net/bytecode.cvd
 

  Source12:   bytecode-333.cvd
 

  #for update
 
@@ -71,39 +62,43 @@ 
 

  #for scanner-systemd/server-systemd
 

  Source530:  clamd@.service
 

  

- # Restore some options removed in 0.100 as deprecated
 

- # Could be dropped in F32 with a note
 

- # https://bugzilla.redhat.com/show_bug.cgi?id=1565381#c1
 

- Patch0:     clamav-stats-deprecation.patch
 

  # Change default config locations for Fedora
 

  Patch1:     clamav-default_confs.patch
 

  # Fix pkg-config flags for static linking, multilib
 

  Patch2:     clamav-0.99-private.patch
 

+ # Remove rpath
 

+ Patch3:     clamav-rpath.patch
 

  # Modify clamav-clamonacc.service for Fedora compatibility
 

  Patch5:     clamav-clamonacc-service.patch
 

- 

+ # Allow freshclam service to run if cron.d file is present
 

  Patch6:     clamav-freshclam.service.patch
 

+ # Debian patch to fix big-endian
 

+ Patch7:     https://salsa.debian.org/clamav-team/clamav/-/raw/unstable/debian/patches/libclamav-pe-Use-endian-wrapper-in-more-places.patch
 

  

- BuildRequires:  autoconf
 

- BuildRequires:  automake
 

+ BuildRequires:  cmake
 

  BuildRequires:  gettext-devel
 

- BuildRequires:  libtool
 

- BuildRequires:  libtool-ltdl-devel
 

  BuildRequires:  make
 

  BuildRequires:  gcc-c++
 

+ BuildRequires:  rust
 

+ BuildRequires:  rust-packaging
 

+ BuildRequires:  cargo
 

  BuildRequires:  bzip2-devel
 

+ BuildRequires:  check-devel
 

  BuildRequires:  curl-devel
 

+ BuildRequires:  git-core
 

  BuildRequires:  gmp-devel
 

  BuildRequires:  json-c-devel
 

  BuildRequires:  libprelude-devel
 

  # libprelude-config --libs brings in gnutls, pcre
 

  # https://bugzilla.redhat.com/show_bug.cgi?id=1830473
 

  BuildRequires:  gnutls-devel
 

- BuildRequires:  pcre2-devel
 

  BuildRequires:  libxml2-devel
 

  BuildRequires:  ncurses-devel
 

  BuildRequires:  openssl-devel
 

  BuildRequires:  pcre2-devel
 

+ # Explicitly needed on EL8
 

+ BuildRequires:  python3
 

+ BuildRequires:  python3-pytest
 

  BuildRequires:  zlib-devel
 

  #BuildRequires:  %%{_includedir}/tcpd.h
 

  BuildRequires:  bc
 
@@ -119,6 +114,7 @@ 
 

  BuildRequires:  systemd-rpm-macros
 

  #for milter
 

  BuildRequires:  sendmail-devel
 

+ BuildRequires:  valgrind
 

  

  Requires:   clamav-filesystem = %{version}-%{release}
 

  Requires:   clamav-lib = %{version}-%{release}
 
@@ -197,11 +193,6 @@ 
 

  Summary:    Auto-updater for the Clam Antivirus scanner data-files
 

  Requires:   clamav-filesystem = %{version}-%{release}
 

  Requires:   clamav-lib        = %{version}-%{release}
 

- %if %{with old_freshclam}
 

- Requires:   crontabs
 

- Requires:   /etc/cron.d
 

- Requires(post): %{__chown} %{__chmod}
 

- %endif
 

  Provides:   data(clamav) = empty
 

  Provides:   clamav-data-empty = %{version}-%{release}
 

  Obsoletes:  clamav-data-empty < %{version}-%{release}
 
@@ -252,15 +243,19 @@ 
 

  

  %prep
 

  %setup -q -n %{name}-%{version}%{?prerelease}
 

+ sed -i -e 's/cbindgen = "0.20"/cbindgen = "0.24"/' libclamav_rust/Cargo.toml
 

+ %cargo_prep
 

+ cd libclamav_rust
 

+ rm -r .cargo
 

+ %cargo_prep
 

+ cd ..
 

  

- # No longer support deprecated options in F32+ and EL8+
 

- %if (0%{?fedora} && 0%{?fedora} < 32) || (0%{?rhel} && 0%{?rhel} < 8)
 

- %patch0 -p1 -b .stats-deprecation
 

- %endif
 

  %patch1 -p1 -b .default_confs
 

  %patch2 -p1 -b .private
 

+ %patch3 -p1 -b .rpath
 

  %patch5 -p1 -b .clamonacc-service
 

  %patch6 -p1 -b .freshclam-service
 

+ %patch7 -p1 -b .big-endian
 

  

  install -p -m0644 %{SOURCE300} clamav-milter/
 

  
@@ -268,47 +263,40 @@ 
 

  %{!?with_unrar:touch libclamunrar/{Makefile.in,all,install}}
 

  

  

+ %generate_buildrequires
 

+ cd libclamav_rust
 

+ %cargo_generate_buildrequires
 

+ 

+ 

  %build
 

  # add -Wl,--as-needed if not exist
 

  export LDFLAGS=$(echo %{?__global_ldflags} | sed '/-Wl,--as-needed/!s/$/ -Wl,--as-needed/')
 

  # IPv6 check is buggy and does not work when there are no IPv6 interface on build machine
 

  export have_cv_ipv6=yes
 

  

- rm -rf libltdl autom4te.cache Makefile.in
 

- autoreconf -i
 

- %configure \
 

-     --enable-milter \
 

-     --disable-clamav \
 

-     --disable-static \
 

-     --disable-zlib-vcheck \
 

-     %{!?with_unrar:--disable-unrar} \
 

-     --enable-id-check \
 

-     --enable-dns \
 

-     --with-dbdir=%{homedir} \
 

-     --with-group=%{updateuser} \
 

-     --with-user=%{updateuser} \
 

-     --disable-rpath \
 

-     --disable-silent-rules \
 

-     --enable-clamdtop \
 

-     --enable-prelude \
 

-     %{!?with_clamonacc:--disable-clamonacc} \
 

-     %{!?with_llvm:--disable-llvm}
 

+ %cmake \
 

+     -DAPP_CONFIG_DIRECTORY=%{_sysconfdir} \
 

+     -DCMAKE_INSTALL_DOCDIR=%{_pkgdocdir} \
 

+     -DCLAMAV_USER=%{updateuser} -DCLAMAV_GROUP=%{updateuser} \
 

+     -DDATABASE_DIRECTORY=%{homedir} \
 

+     %{!?with_clamonacc:-DENABLE_CLAMONACC=OFF} \
 

+     %{?with_llvm:-DBYTECODE_RUNTIME=llvm -D LLVM_FIND_VERSION="3.6.0"} \
 

+     %{!?with_unrar:-DENABLE_UNRAR=OFF}
 

  

  # TODO: check periodically that CLAMAVUSER is used for freshclam only
 

  

- %make_build
 

+ %cmake_build
 

  

  

  %install
 

- %make_install
 

+ rm -rf _doc*
 

+ %cmake_install
 

  

  install -d -m 0755 \
 

      %{buildroot}%{_tmpfilesdir} \
 

      %{buildroot}%{homedir} \
 

      %{buildroot}%{quarantinedir}
 

  

- rm -f %{buildroot}%{_libdir}/*.la
 

- 

  ### data
 

  install -D -m 0644 -p %{SOURCE10}     %{buildroot}%{homedir}/main.cvd
 

  install -D -m 0644 -p %{SOURCE11}     %{buildroot}%{homedir}/daily.cvd
 
@@ -324,15 +312,6 @@ 
 

  # Can contain HTTPProxyPassword (bugz#1733112)
 

  chmod 600 %{buildroot}%{_sysconfdir}/freshclam.conf
 

  

- %if %{with old_freshclam}
 

- install -d -m 0755 %{buildroot}%{_var}/log
 

- install -d -m 0755 %{buildroot}%{_sysconfdir}/logrotate.d
 

- install -D -p -m 0755 %{SOURCE200}    %{buildroot}%{_datadir}/%{name}/freshclam-sleep
 

- install -D -p -m 0644 %{SOURCE201}    %{buildroot}%{_sysconfdir}/sysconfig/freshclam
 

- install -D -p -m 0600 %{SOURCE202}    %{buildroot}%{_sysconfdir}/cron.d/clamav-update
 

- install -D -m 0644 -p %{SOURCE203}    %{buildroot}%{_sysconfdir}/logrotate.d/clamav-update
 

- %endif
 

- 

  ### The scanner stuff
 

  install -D -m 0644 -p %{SOURCE3}      _doc_server/clamd.logrotate
 

  install -D -m 0644 -p %{SOURCE5}      _doc_server/README
 
@@ -388,7 +367,9 @@ 
 

  

  

  %check
 

- make check
 

+ %ctest3 -- -E valgrind
 

+ # valgrind tests fail https://github.com/Cisco-Talos/clamav/issues/584
 

+ %ctest3 -- -R valgrind || :
 

  

  

  %post
 
@@ -424,12 +405,6 @@ 
 

  [ -L /etc/systemd/system/multi-user.target.wants/clamd@scan.service ] &&
 

      ln -sf /usr/lib/systemd/system/clamd@.service /etc/systemd/system/multi-user.target.wants/clamd@scan.service || :
 

  %systemd_post clamd@scan.service
 

- %if 0%{?rhel}
 

- if [ $1 -eq 1 ] && [ -x /usr/bin/systemctl ]; then
 

- # Initial installation
 

- /bin/systemd-tmpfiles --create %{_tmpfilesdir}/clamd.scan.conf
 

- fi
 

- %endif
 

  

  %preun -n clamd
 

  %systemd_preun clamd@scan.service
 
@@ -453,12 +428,6 @@ 
 

  

  %post milter
 

  %systemd_post clamav-milter.service
 

- %if 0%{?rhel}
 

- if [ $1 -eq 1 ] && [ -x /usr/bin/systemctl ]; then
 

- # Initial installation
 

- /bin/systemd-tmpfiles --create %{_tmpfilesdir}/clamav-milter.conf || :
 

- fi
 

- %endif
 

  

  %preun milter
 

  %systemd_preun clamav-milter.service
 
@@ -467,21 +436,6 @@ 
 

  %systemd_postun_with_restart clamav-milter.service
 

  

  %post update
 

- %if %{with old_freshclam}
 

- test -e %{freshclamlog} || {
 

-     touch %{freshclamlog}
 

-     %{__chmod} 0664 %{freshclamlog}
 

-     %{__chown} root:%{updateuser} %{freshclamlog}
 

-     ! test -x /sbin/restorecon || /sbin/restorecon %{freshclamlog}
 

- }
 

- #%%else
 

- #if [ $1 -eq 2 ] ; then
 

- #   echo "Warning: clamav-update package changed"
 

- #   echo "Now we provide clamav-freshclam.service systemd unit instead old scripts and the cron.d entry."
 

- #   echo "Unfortunately this may break existing unattended installations."
 

- #   echo "Please run 'systemctl enable clamav-freshclam --now' to enable freshclam updates again."
 

- #fi
 

- %endif
 

  %systemd_post clamav-freshclam.service
 

  

  %preun update
 
@@ -513,13 +467,14 @@ 
 

  %{_unitdir}/clamonacc.service
 

  %{_unitdir}/clamav-clamonacc.service
 

  %attr(0750,root,root) %dir %{quarantinedir}
 

+ %{_pkgdocdir}/html/
 

  

  

  %files lib
 

- %{_libdir}/libclamav.so.9*
 

+ %{_libdir}/libclamav.so.11*
 

  %{_libdir}/libclammspack.so.0*
 

  %if %{with unrar}
 

- %{_libdir}/libclamunrar*.so.9*
 

+ %{_libdir}/libclamunrar*.so.11*
 

  %endif
 

  

  
@@ -556,14 +511,6 @@ 
 

  %{_mandir}/*/freshclam*
 

  %{_unitdir}/clamav-freshclam.service
 

  %config(noreplace) %verify(not mtime)    %{_sysconfdir}/freshclam.conf
 

- %if %{with old_freshclam}
 

- %{_datadir}/%{name}/freshclam-sleep
 

- %config(noreplace) %{_sysconfdir}/cron.d/clamav-update
 

- %config(noreplace) %{_sysconfdir}/sysconfig/freshclam
 

- %config(noreplace) %verify(not mtime)  %{_sysconfdir}/logrotate.d/*
 

- # freshclamlog file is created in post
 

- %ghost %attr(0664,root,%{updateuser}) %verify(not size md5 mtime) %{freshclamlog}
 

- %endif
 

  %ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/main.cvd
 

  %ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/freshclam.dat
 

  %ghost %attr(0644,%{updateuser},%{updateuser}) %{homedir}/daily.cld
 
@@ -590,6 +537,9 @@ 
 

  

  

  %changelog
 

+ * Sun Jan 22 2023 Orion Poplawski <orion@nwra.com> - 1.0.0-1
 

+ - Update to 1.0.0
 

+ 

  * Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.103.7-5
 

  - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild

file added
+91 
@@ -0,0 +1,91 @@ 
 

+ From 5a7b1cdfadc980fb1c4fa32e6275e7c96a963110 Mon Sep 17 00:00:00 2001
 

+ From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
 

+ Date: Fri, 6 Jan 2023 21:42:30 +0100
 

+ Subject: libclamav/pe: Use endian wrapper in more places.
 

+ 

+ A few user of VirtualAddress and Size in cli_exe_info::pe_image_data_dir
 

+ don't use the endian wrapper while other places do. This leads to
 

+ testsuite failures on big endian machines.
 

+ 

+ Use the endian wrapper in all places across pe.c for the two members.
 

+ 

+ Patch-Name: libclamav-pe-Use-endian-wrapper-in-more-places.patch
 

+ Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
 

+ ---
 

+  libclamav/pe.c | 18 +++++++++---------
 

+  1 file changed, 9 insertions(+), 9 deletions(-)
 

+ 

+ diff --git a/libclamav/pe.c b/libclamav/pe.c
 

+ index f5dcea9..19cd2d4 100644
 

+ --- a/libclamav/pe.c
 

+ +++ b/libclamav/pe.c
 

+ @@ -2422,22 +2422,22 @@ static cl_error_t hash_imptbl(cli_ctx *ctx, unsigned char **digest, uint32_t *im
 

+  

+      /* If the PE doesn't have an import table then skip it. This is an
 

+       * uncommon case but can happen. */
 

+ -    if (peinfo->dirs[1].VirtualAddress == 0 || peinfo->dirs[1].Size == 0) {
 

+ +    if (EC32(peinfo->dirs[1].VirtualAddress) == 0 || EC32(peinfo->dirs[1].Size) == 0) {
 

+          cli_dbgmsg("scan_pe: import table data dir does not exist (skipping .imp scanning)\n");
 

+          status = CL_BREAK;
 

+          goto done;
 

+      }
 

+  

+      // TODO Add EC32 wrappers
 

+ -    impoff = cli_rawaddr(peinfo->dirs[1].VirtualAddress, peinfo->sections, peinfo->nsections, &err, fsize, peinfo->hdr_size);
 

+ -    if (err || impoff + peinfo->dirs[1].Size > fsize) {
 

+ +    impoff = cli_rawaddr(EC32(peinfo->dirs[1].VirtualAddress), peinfo->sections, peinfo->nsections, &err, fsize, peinfo->hdr_size);
 

+ +    if (err || impoff + EC32(peinfo->dirs[1].Size) > fsize) {
 

+          cli_dbgmsg("scan_pe: invalid rva for import table data\n");
 

+          status = CL_BREAK;
 

+          goto done;
 

+      }
 

+  

+      // TODO Add EC32 wrapper
 

+ -    impdes = (const struct pe_image_import_descriptor *)fmap_need_off(map, impoff, peinfo->dirs[1].Size);
 

+ +    impdes = (const struct pe_image_import_descriptor *)fmap_need_off(map, impoff, EC32(peinfo->dirs[1].Size));
 

+      if (impdes == NULL) {
 

+          cli_dbgmsg("scan_pe: failed to acquire fmap buffer\n");
 

+          status = CL_EREAD;
 

+ @@ -2447,7 +2447,7 @@ static cl_error_t hash_imptbl(cli_ctx *ctx, unsigned char **digest, uint32_t *im
 

+  

+      /* Safety: We can trust peinfo->dirs[1].Size only because `fmap_need_off()` (above)
 

+       * would have failed if the size exceeds the end of the fmap. */
 

+ -    left = peinfo->dirs[1].Size;
 

+ +    left = EC32(peinfo->dirs[1].Size);
 

+  

+      if (genhash[CLI_HASH_MD5]) {
 

+          hashctx[CLI_HASH_MD5] = cl_hash_init("md5");
 

+ @@ -2546,7 +2546,7 @@ static cl_error_t hash_imptbl(cli_ctx *ctx, unsigned char **digest, uint32_t *im
 

+  

+  done:
 

+      if (needed_impoff) {
 

+ -        fmap_unneed_off(map, impoff, peinfo->dirs[1].Size);
 

+ +        fmap_unneed_off(map, impoff, EC32(peinfo->dirs[1].Size));
 

+      }
 

+  

+      for (type = CLI_HASH_MD5; type < CLI_HASH_AVAIL_TYPES; type++) {
 

+ @@ -3250,7 +3250,7 @@ int cli_scanpe(cli_ctx *ctx)
 

+  

+      /* Trojan.Swizzor.Gen */
 

+      if (SCAN_HEURISTICS && (DCONF & PE_CONF_SWIZZOR) && peinfo->nsections > 1 && fsize > 64 * 1024 && fsize < 4 * 1024 * 1024) {
 

+ -        if (peinfo->dirs[2].Size) {
 

+ +        if (EC32(peinfo->dirs[2].Size)) {
 

+              struct swizz_stats *stats = cli_calloc(1, sizeof(*stats));
 

+              unsigned int m            = 1000;
 

+              ret                       = CL_CLEAN;
 

+ @@ -5292,13 +5292,13 @@ cl_error_t cli_peheader(fmap_t *map, struct cli_exe_info *peinfo, uint32_t opts,
 

+          cli_dbgmsg("EntryPoint offset: 0x%x (%d)\n", peinfo->ep, peinfo->ep);
 

+      }
 

+  

+ -    if (is_dll || peinfo->ndatadirs < 3 || !peinfo->dirs[2].Size)
 

+ +    if (is_dll || peinfo->ndatadirs < 3 || !EC32(peinfo->dirs[2].Size))
 

+          peinfo->res_addr = 0;
 

+      else
 

+          peinfo->res_addr = EC32(peinfo->dirs[2].VirtualAddress);
 

+  

+      while (opts & CLI_PEHEADER_OPT_EXTRACT_VINFO &&
 

+ -           peinfo->ndatadirs >= 3 && peinfo->dirs[2].Size) {
 

+ +           peinfo->ndatadirs >= 3 && EC32(peinfo->dirs[2].Size)) {
 

+          struct vinfo_list vlist;
 

+          const uint8_t *vptr, *baseptr;
 

+          uint32_t rva, res_sz;

file modified
+2 -2 
@@ -1,4 +1,4 @@ 
 

- SHA512 (clamav-0.103.7-norar.tar.xz) = 496ba3b2a72ecb534c55bc11a9f050b201da8475b54cfdfb67e559f8e075b8f3d03c58f9bd3a27909985cc563b69f37ca879d9fe596d87ce35a704d48623c5db
 

+ SHA512 (clamav-1.0.0-norar.tar.xz) = 9acae4fb4041b3e482b2cca72e3d2993c90621bc11f3e7d2dc30aa10e2a0dcee4f30163632fa21887a5faa8cbc59a1e6e71f1457af49b542a844215dfeccaad4
 

  SHA512 (main-62.cvd) = b52e5d9ecacbd9b11c3b0cc460388746fccb353a7520522ed15ee25f645a432bed5be7e6b38512f134f085eb9be76a1e26c19de8b09491d4ec46da8c5afc318e
 

- SHA512 (daily-26614.cvd) = 918b4601bf62c9c4ac13e96f39b25121e3b3ade79482081dbf13f6e6d9f9f3ad38a22acdec7e9c44062ed84ef9bb5b40e4c8dc0af766afd0632bb0ba934a1dec
 

+ SHA512 (daily-26722.cvd) = 303307664fb9f245444e472f46acbb80d840a45998a892a9d04405fb15d4d85c96a4aa52b7107005626684ca6ca77a33044248af612ab50c1cfdda1a8d27fb25
 

  SHA512 (bytecode-333.cvd) = 895c41266b9bc332f3a00c9267907251ad32abe3a5bff7584285e087430fe0dd7343e4ac0245308f3734d971d6ecb5656fd9ce6caf0fa24f9da7a41a96bc4d07

file modified
+2 -2 
@@ -1,5 +1,5 @@ 
 

- VERSION=0.103.7
 

- REPOS="f36 f35 epel9 epel8 epel7"
 

+ VERSION=1.0.0
 

+ REPOS="n"
 

  

  if [ -z "$1" ]
 

  then

This move to the cmake build system and the rust library. The assumption would be that this would only be on F38+ at least for a while.

I think it's time to let this bake in rawhide.

rebased onto b06e84e
2 years ago

rebased onto 8e517b2
2 years ago

rebased onto c2037ba
2 years ago

not at all , is welcome

1 new commit added

  • version-script
2 years ago

rebased onto d096e9e
a year ago

rebased onto 6ce93b4
a year ago

Okay, I think we're finally ready for this. I'll announce an upcoming build next week. Test builds of deps are here: https://copr.fedorainfracloud.org/coprs/orion/clamav-1.0/builds/

rebased onto 1f873aa
a year ago

Pull-Request has been merged by orion
a year ago

@orion

The assumption would be that this would only be on F38+ at least for a while.
I think it's time to let this bake in rawhide.

thxalot!

fwiw, from my COPR (pgfed/clamav),

lsb_release -rd
    Description:    Fedora release 37 (Thirty Seven)
    Release:        37

rpm -qa | grep -i clamav | sort
    clamav-1.0.0-1.fc37.x86_64
    clamav-filesystem-1.0.0-1.fc37.noarch
    clamav-lib-1.0.0-1.fc37.x86_64
    clamav-milter-1.0.0-1.fc37.x86_64
    clamav-update-1.0.0-1.fc37.x86_64

systemctl status -ln0 clamav-daemon clamav-milter clamav-freshclam | egrep "● |Loaded|Active"
    ● clamav-daemon.service - clamd scanner daemon
         Loaded: loaded (/etc/systemd/system/clamav-daemon.service; enabled; preset: disabled)
         Active: active (running) since Sun 2023-01-22 16:17:40 EST; 2min 43s ago
    ● clamav-milter.service - Milter module for the Clam Antivirus scanner
         Loaded: loaded (/etc/systemd/system/clamav-milter.service; enabled; preset: disabled)
         Active: active (running) since Sun 2023-01-22 16:17:41 EST; 2min 43s ago
    ● clamav-freshclam.service
         Loaded: loaded (/etc/systemd/system/clamav-freshclam.service; enabled; preset: disabled)
         Active: active (running) since Sun 2023-01-22 16:17:15 EST; 3min 9s ago

here clamav-milter serves a postfix 3.7.3 install and (initially ...) looks ok:

...
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 1.0.0 at clamav-milter.mx.example.com
...
Metadata
None
No Tags
Changes Summary 8
+37 -37
file changed
clamav-default_confs.patch
+5 -10
file changed
clamav-freshclam.service.patch
+18
file added
clamav-rpath.patch
-17
file removed
clamav-stats-deprecation.patch
+54 -104
file changed
clamav.spec
+91
file added
libclamav-pe-Use-endian-wrapper-in-more-places.patch
+2 -2
file changed
sources
+2 -2
file changed
update_clamav.sh
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.