* CVE-2006-1614
Damian Put discovered an integer overflow in the PE header parser.
This is only exploitable if the ArchiveMaxFileSize option is disabled.
* CVE-2006-1615
Format string vulnerabilities in the logging code have been discovered,
which might lead to the execution of arbitrary code.
* CVE-2006-1630
David Luyer discovered, that ClamAV can be tricked into an invalid
memory access in the cli_bitset_set() function, which may lead to
a denial of service.
- Use USE_RC_SUBR=script
PR: ports/95403
Submitted by: garga
Approved by: maintainer timeout (mnag on behalf of secteam)
Security: VuXML 6a5174bd-c580-11da-9110-00123ffe8333
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts.
in bsd.autotools.mk essentially makes this a no-op given that all the
old variables set a USE_AUTOTOOLS_COMPAT variable, which is parsed in
exactly the same way as USE_AUTOTOOLS itself.
Moreover, USE_AUTOTOOLS has already been extensively tested by the GNOME
team -- all GNOME 2.12.x ports use it.
Preliminary documentation can be found at:
http://people.FreeBSD.org/~ade/autotools.txt
which is in the process of being SGMLized before introduction into the
Porters Handbook.
Light blue touch-paper. Run.
If use LIBUNRAR don't need archivers/unrar
Remake patches to work without autotools
Bump PORTREVISION
PR: 87338
Approved by: Rob <rob@debank.tv> (maintainer)
A possible crash in the libmspack's Quantum decompressor has been fixed.
PR: ports/82604
Submitted by: Renato Botelho <freebsd@galle.com.br>
Approved by: maintainer
- Fix build when libmilter was built with LDAP [2]
PR: ports/77255 [1], ports/77235 [2]
Submitted by: Sergey N. Voronkov <serg@tmn.ru> [1],
Lewis Thompson <lewiz@compsoc.man.ac.uk> [2]
Approved by: Rob Evers <rob@debank.tv> (maintainer)
- Change the last instance of literal `/var/run/clamav' to %%RUNDIR%%.
- Bump PORTREVISION since the changes should improve the functionality
of the installed package.
PR: ports/75607
Approved by: maintainer
2. Shut down clamav daemons in the right order
on uninstall (or else they may refuse to quit.)
3. Use rcorder(8) keywords to guarantee the right
startup/shutdown order of the clamav services.
PR: ports/75607
Approved by: the maintainer
directory to /var/db/clamav and fix removal of db on deinstall)
For the sake of coherence, the ClamAV database should be
installed in /var/db/clamav, not /usr/local/share/clamav.
Also fixes the database removal on package deinstallation.
PR: ports/74172
Submitted by: Jean-Yves Lefort <jylefort@brutele.be>
Approved by: Rob Evers <rob@debank.tv>
+ JPEG comment exploit (MS04-028) detection
*** IMPORTANT ***
The configruration file for the clamd daemon has changed from
/usr/local/etc/clamav.conf to /usr/local/etc/clamd.conf.
PR: 72203
Approved by: Rob Evers <revers@infraqon.nl> (maintainer)
