GNU bug report logs - #55437
[PATCH] gnu: clamav: Update to 0.103.6 [fixes CVE-2022-{20803,20770,20796,20771,20785,20792}].

Previous Next

Package: guix-patches;

Reported by: kiasoc5 <at> disroot.org

Date: Sun, 15 May 2022 22:17:02 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: kiasoc5 <at> disroot.org
To: guix-patches <at> gnu.org
Subject: [PATCH] gnu: clamav: Update to 0.103.6 [fixes
 CVE-2022-{20803,20770,20796,20771,20785,20792}].
Date: Sun, 15 May 2022 20:12:37 +0000

[Message part 1 (text/plain, inline)]

This patch updates clamav to the latest LTS version.
Per the release notes [1], a future update of clamav to 0.105+ will take some effort:

1. 0.105+ needs Rust 1.57+ to build.
2. The build should switch from tarball to git to avoid vendored crates.
3. 0.105+ works with llvm 8-12 (no more llvm 3.7).

I suggest we keep clamav on the LTS version until we update Rust.

PS: As you can see from the email address, I am migrating from Tutanota to Disroot.

[1] https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html#more

[0001-gnu-clamav-Update-to-0.103.6-fixes-CVE-2022-20803-20.patch (application/octet-stream, attachment)]

This bug report was last modified 3 years and 48 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #55437 [PATCH] gnu: clamav: Update to 0.103.6 [fixes CVE-2022-{20803,20770,20796,20771,20785,20792}].

GNU bug report logs - #55437
[PATCH] gnu: clamav: Update to 0.103.6 [fixes CVE-2022-{20803,20770,20796,20771,20785,20792}].