GNU bug report logs - #55437
[PATCH] gnu: clamav: Update to 0.103.6 [fixes CVE-2022-{20803,20770,20796,20771,20785,20792}].

Previous Next

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: tracker <at> debbugs.gnu.org
Subject: bug#55437: closed ([PATCH] gnu: clamav: Update to 0.103.6 [fixes
 CVE-2022-{20803,20770,20796,20771,20785,20792}].)
Date: Fri, 20 May 2022 22:02:02 +0000

[Message part 1 (text/plain, inline)]

Your message dated Sat, 21 May 2022 00:01:34 +0200
with message-id <87y1yvvp6p.fsf_-_ <at> gnu.org>
and subject line Re: bug#55437: [PATCH] gnu: clamav: Update to 0.103.6 [fixes CVE-2022-{20803,20770,20796,20771,20785,20792}].
has caused the debbugs.gnu.org bug report #55437,
regarding [PATCH] gnu: clamav: Update to 0.103.6 [fixes CVE-2022-{20803,20770,20796,20771,20785,20792}].
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)


-- 
55437: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=55437
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]

From: kiasoc5 <at> disroot.org
To: guix-patches <at> gnu.org
Subject: [PATCH] gnu: clamav: Update to 0.103.6 [fixes
 CVE-2022-{20803,20770,20796,20771,20785,20792}].
Date: Sun, 15 May 2022 20:12:37 +0000

[Message part 3 (text/plain, inline)]

This patch updates clamav to the latest LTS version.
Per the release notes [1], a future update of clamav to 0.105+ will take some effort:

1. 0.105+ needs Rust 1.57+ to build.
2. The build should switch from tarball to git to avoid vendored crates.
3. 0.105+ works with llvm 8-12 (no more llvm 3.7).

I suggest we keep clamav on the LTS version until we update Rust.

PS: As you can see from the email address, I am migrating from Tutanota to Disroot.

[1] https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html#more

[0001-gnu-clamav-Update-to-0.103.6-fixes-CVE-2022-20803-20.patch (application/octet-stream, attachment)]

[Message part 5 (message/rfc822, inline)]

From: Ludovic Courtès <ludo <at> gnu.org>
To: kiasoc5 <at> disroot.org
Cc: 55437-done <at> debbugs.gnu.org
Subject: Re: bug#55437: [PATCH] gnu: clamav: Update to 0.103.6 [fixes
 CVE-2022-{20803,20770,20796,20771,20785,20792}].
Date: Sat, 21 May 2022 00:01:34 +0200

Hi,

kiasoc5 <at> disroot.org skribis:

> From c453008d05f4bc897eecd6f2545ff8047dc4e1fd Mon Sep 17 00:00:00 2001
> From: kiasoc5 <kiasoc5 <at> disroot.org>
> Date: Sun, 15 May 2022 03:37:58 -0400
> Subject: [PATCH] gnu: clamav: Update to 0.103.6 [fixes
>  CVE-2022-{20803,20770,20796,20771,20785,20792}].
>
> * gnu/packages/antivirus.scm (clamav): Update to 0.103.6.

[...]

>>From 151cbfbefd039ce28d38109493bf8b49f19a2edc Mon Sep 17 00:00:00 2001
> From: kiasoc5 <kiasoc5 <at> disroot.org>
> Date: Wed, 18 May 2022 22:51:14 -0400
> Subject: [PATCH 2/2] gnu: clamav: Use new style and G-expressions.
>
> * gnu/packages/antivirus.scm (clamav)[source]: Remove trailing #t from snippet.
> [inputs]: Use new input style.
> [arguments]: Use G-expressions. Remove trailing #t from phases
> [configure-flags]: Adjust to new input style.

Applied, thanks!

Ludo’.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.