security/clamav: update to 0.103.12

0.103.12 (2024-09-04) ClamAV 0.103.12 is a patch release with the following fixes: - [CVE-2024-20506](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20506): Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the 'clamd' or 'freshclam' services from using a symlink to corrupt system files. This issue affects all currently supported versions. It will be fixed in: - 1.4.1 - 1.3.2 - 1.0.7 - 0.103.12 Thank you to Detlef for identifying this issue. - [CVE-2024-20505](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20505): Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service (DoS) condition. This issue affects all currently supported versions. It will be fixed in: - 1.4.1 - 1.3.2 - 1.0.7 - 0.103.12 Thank you to OSS-Fuzz for identifying this issue. - ClamOnAcc: Fixed an infinite loop when a watched directory does not exist. - [GitHub pull request](Cisco-Talos/clamav#1198) - Fixed a bug causing CVDs downloaded by the `DatabaseCustomURL` Freshclam config option to be pruned and then re-downloaded with every update. Also added the new 'valhalla' database name to the list of optional databases in preparation for future work. - Backport of [GitHub pull request](Cisco-Talos/clamav#1233) - Fixed an unaligned pointer dereference issue on select architectures. Fix courtesy of Sebastian Andrzej Siewior. - Backport of [GitHub pull request](Cisco-Talos/clamav#1293)
NetBSD · Sep 5, 2024 · 7c0e652 · 7c0e652
1 parent 077211f
commit 7c0e652
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 9 deletions.
diff --git a/security/clamav/Makefile b/security/clamav/Makefile
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.93 2024/05/29 16:34:13 adam Exp $
+# $NetBSD: Makefile,v 1.94 2024/09/05 15:10:15 taca Exp $
 
-PKGREVISION= 4
 .include "Makefile.common"
 
 COMMENT=	Anti-virus toolkit

diff --git a/security/clamav/Makefile.common b/security/clamav/Makefile.common
@@ -1,11 +1,11 @@
-# $NetBSD: Makefile.common,v 1.26 2023/08/29 14:43:01 taca Exp $
+# $NetBSD: Makefile.common,v 1.27 2024/09/05 15:10:15 taca Exp $
 #
 # used by security/clamav/Makefile
 # used by security/clamav-doc/Makefile
 
-DISTNAME=	clamav-0.103.10
+DISTNAME=	clamav-0.103.12
 CATEGORIES=	security
-MASTER_SITES=	http://www.clamav.net/downloads/production/
+MASTER_SITES=	https://www.clamav.net/downloads/production/
 
 MAINTAINER?=	[email protected]
 HOMEPAGE=	https://www.clamav.net/

diff --git a/security/clamav/distinfo b/security/clamav/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.45 2023/08/29 14:43:01 taca Exp $
+$NetBSD: distinfo,v 1.46 2024/09/05 15:10:15 taca Exp $
 
-BLAKE2s (clamav-0.103.10.tar.gz) = b3c19d4d3f55f17d10e4afd45c8f74df36abfbb9c62793fa7a10cb0a325c21c0
-SHA512 (clamav-0.103.10.tar.gz) = fceda0297f32b0741a978e365a9fb9fe1c24c0d5027ee41665516917fbff405c01621cb0894bcfa70bc0884332987e1ecaa096a344580b67c3b401f2a77bc78c
-Size (clamav-0.103.10.tar.gz) = 16538627 bytes
+BLAKE2s (clamav-0.103.12.tar.gz) = a329d1da82016fce84d87bee336cd7364f0a93b8347e81f607fba11607109b4d
+SHA512 (clamav-0.103.12.tar.gz) = 0e870a5fd035fbf090359ef7634b1b36e346ff3066b896ff17c2c6ace04f4c17e16181a21fead8b8b2f397de9ea47b928515b717a41996bac4c8efed4d16ec4e
+Size (clamav-0.103.12.tar.gz) = 16507685 bytes
 SHA1 (patch-Makefile.in) = 51e0f42323f07b7ae0cb35a640469dce4e1a2041
 SHA1 (patch-aa) = c07a7b6e883f384ce278964645f0658c0d986ab5
 SHA1 (patch-ab) = 78793f0267ce8c820b51937186dc17dabb4a1ccf