clamav (0.101.4+dfsg-1) [PTS] [DDPO]

COMMITS: VCS has seen 22 commits since the debian-0.101.2+dfsg-2 tag

Git: https://salsa.debian.org/clamav-team/clamav.git
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: unstable
Path: debian/changelog
Browser: https://salsa.debian.org/clamav-team/clamav
Last scan: 2019-09-15 03:06:43+00
Next scan: 2019-09-21 22:07:00+00
Merge requests: 1

Debian changelog in Git:

clamav (0.101.4+dfsg-1) unstable; urgency=medium

  * Import 0.101.4
   - CVE-2019-12625 (Add scan time limit to limit the processing zip-bombs)
     (Closes:934359)
   - CVE-2019-12900 (An out of bounds write was possible within ClamAV's
     NSIS bzip)
   - update symbols file (bump to 101.4 and drop unused cli_strnstr).

 -- Sebastian Andrzej Siewior <sebastian@breakpoint.cc>  Sun, 25 Aug 2019 12:38:25 +0200

This branch is 22 commits ahead of tag debian-0.101.2+dfsg-2

Git log:

commit e86bc2791ce4961781b86d5a5246d48a03a195b6
Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date:   Sun Aug 25 12:38:38 2019 +0200

    prepare 0.101.4+dfsg-1
    
    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

commit bee7a2d7da2e63e3f61a20d22d23260ff0f417f6
Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date:   Sun Aug 25 14:11:19 2019 +0200

    Add bugs to close
    
    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

commit 3bfa4953991a12c92aade634f80eabd46dec2d4c
Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date:   Sun Aug 25 14:00:26 2019 +0200

    symbols: boost cl_engine_set_num due to new CL_ENGINE_MAX_SCANTIME
    
    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

commit 5b280f6ef8c49fe94442b71c01f68a31bceb6f01
Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date:   Sun Aug 25 12:37:35 2019 +0200

    debian/changelog: obay 80 char line limit
    
    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

commit 6af1a6d6d58fc2bea5f232aafc9bc7b12c875fc8
Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date:   Sun Aug 25 12:14:11 2019 +0200

    Add MaxScanTime Option
    
    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

commit 59c5782beeecaf249d31f93640c3c628c100c8dd
Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date:   Sun Aug 25 12:13:22 2019 +0200

    Update symbols
    
    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

commit cf3d22e2bcb8c8b083371dde1620b4afbdbd95d7
Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date:   Sun Aug 25 11:38:56 2019 +0200

    Update changelog
    
    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

commit 4a3717e6288f1610738596e8ae2f250d39889fd3
Merge: b6c3d3c3 e6e5de56
Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date:   Sun Aug 25 11:38:22 2019 +0200

    merge patched-unstable into unstable

commit e6e5de56f86171c36b12d1b3d17eba09e407f6c2
Author: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Date:   Fri Oct 14 20:24:56 2016 +0200

    Add support for LLVM 3.9
    
    Changes:
    IRBuilder no longer has a preserveNames template argument.
    AtomicOrdering is now a strongly typed enum.
    
    Patch-Name: Add-support-for-LLVM-3.9.patch

commit 4fe7217636ff6b00fc1f809f4ea9918a522977e0
Author: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Date:   Fri Oct 14 20:24:48 2016 +0200

    Add support for LLVM 3.8
    
    Main changes:
    llvm/Config/config.h was removed.
    The ScalarEvolution pass is now a WrapperPass.
    Iterators are no longer automatically converted to and from pointers.
    The GVNPass causes the test_bswap_jit test to fail; replaced with
    ConstantPropagationPass.
    LLVMIsMultithreaded is from the C API, while llvm_is_multithreaded is
    the corresponding C++ API.
    
    Patch-Name: Add-support-for-LLVM-3.8.patch

commit 67fc7175d7193307fe6787b8068a2a6733291031
Author: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Date:   Fri Oct 14 20:24:39 2016 +0200

    Add support for LLVM 3.7
    
    Main changes:
    The DataLayoutPass is no longer necessary.
    The LoopInfo pass is now a WrapperPass.
    Before creating TargetLibraryInfo one needs to create a
    TargetLibraryInfoImpl.
    PassManager is now in the legacy:: namespace.
    GetElementPtrInst::getIndexedType changed behavior causing segfaults in
    the testsuite; emulating the old behavior now.
    CreateCallX functions for fixed number X of elements got removed.
    JITEmitDebugInfo Option was removed.
    DIDescriptor was removed.
    
    Patch-Name: Add-support-for-LLVM-3.7.patch

commit 17fcedafce4c36ea008261590c4586bc0c3cf980
Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date:   Thu Aug 11 21:54:10 2016 +0200

    clamd: don't depend on clamav-demon.socket
    
    Let's try to live without it.
    This should avoid the endless loop in #824042. Newer systemd have
    rate-limiting on (re)starts. This rate-limiting would stop the socket
    service. The only purpose for the socket activation is to get clamd
    started after the initial freshclam run on installs so I think we can
    live without and manually start the daemon after installation.
    
    Patch-Name: clamd_dont_depend_on_clamav_demon_socket.patch
    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

commit 2466dcbede39220e16930ff3406b23081601d0b4
Author: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Date:   Wed Mar 11 20:03:15 2015 +0100

    add support for system tomsfastmath
    
    Patch-Name: add-support-for-system-tomsfastmath.patch

commit 600055d46bada90964bde7573e586ccfbbd15bd4
Author: Scott Kitterman <scott@kitterman.com>
Date:   Mon Mar 10 19:20:18 2014 -0400

    Change paths in sample conf file to match Debian
    
    Patch-Name: Change-paths-in-sample-conf-file-to-match-Debian.patch

commit b6c3d3c3f0ad0d5de1a030e8b96307c7a2c50547
Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date:   Sun Aug 25 11:38:04 2019 +0200

    record new upstream branch created by importing clamav_0.101.4+dfsg.orig.tar.xz

commit 2ef384b1d0316b03c71b17de219c056c19169197
Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date:   Sun Aug 25 11:38:04 2019 +0200

    Import clamav_0.101.4+dfsg.orig.tar.xz

commit 484da6fbb3400dbd2f3c9f6b2024dd843cd02049
Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date:   Tue Aug 6 21:54:51 2019 +0200

    Release 0.101.2+dfsg-3
    
    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

commit 7a96b0253b2d43bc3ac08af483ba7b114f2fa3a2
Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date:   Tue Aug 6 21:41:33 2019 +0200

    debian: prepare new the 0.101.3 based .2 release
    
    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

commit 270f10592633200d63ca1b062ab42db972120061
Merge: ef1caea9 e3d28e97
Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date:   Tue Aug 6 21:37:40 2019 +0200

    merge patched-unstable into unstable

commit e3d28e9715aec18842c2df29e00fc772a8c8551d
Author: Micah Snyder <micasnyd@cisco.com>
Date:   Fri Jul 12 21:09:45 2019 -0400

    Adds detection and heuristic alert for zips with overlapping files, preventing extraction of non-recursive zip bombs.
    
    Patch-Name: Adds-detection-and-heuristic-alert-for-zips-with-ove.patch
    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

commit 535161dd4d6349eed64a532f6614920c9620c66d
Author: Micah Snyder <micasnyd@cisco.com>
Date:   Fri Jul 12 17:16:42 2019 -0400

    Bumped version number to 0.101.3.
    
    Patch-Name: Bumped-version-number-to-0.101.3.patch
    [sebastian@breakpoint.cc: remove "configure" and "win32/"]
    Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>