ClamAV 0.92.1This is a bugfix release, please refer to the ChangeLog for a complete list of changes.
Changes:
Mon Feb 11 * libclamav/mew.c: fix possible heap corruption (bb#806) Found by Elliot, broken module disabled via daily.cvd published on Feb 2
* libclamav/pe.c: fix possible integer overflow (CVE-2008-0318) Found by Silvio Cesare working with the VeriSign iDefense VCP; broken module disabled via daily.cvd published on Jan 11, 2008
* libclamav/cab.c: improve handling of stored files (bb#771)
* libclamav/unarj.c: improve bounds checking (bb#811)
* libclamav/scanners.c: respect recursion limits in cli_scanembpe() (bb#771)
* libclamav/vba_extract.c: fix extraction of embedded files (bb#760)
* libclamav/others.[ch]: add cli_ctime() (uses ctime_r() if available or falls back to mutex protected ctime())
* clamd, clamav-milter, shared: use cli_ctime() instead of the thread-unsafe ctime()
* libclamav/nsis/nulsft.c: use mutex for cli_nsis_unpack() (bb#812)
* libclamunrar: Use static CRC table - bb#64
* libclamav/matcher-bm.c: on Solaris/Intel bm_shift could be improperly allocated (bb#773)
* freshclam/manager.c: advertise itself as HTTP/1.0 client
* libclamav/cab.[ch]: rewrite file/folder handling code (bb#730)
* shared/output.c: fix handling of special characters in mprintf/logg (bb#360)
* shared/misc.c: add error reporting to daemonize() (bb#729)
* configure: if available use dscl on Mac OS X (bb#753)
* libclamunrar/unrar.c: disable 'Unknown RAR pack method' error message due to false alerts with some SFX archives (bb#399)
* configure: don't link with nsl if not needed (bb#754)
* shared/misc.c, clamd, clamscan, freshclam: respect custom dbdir settings in print_version() (bb#699)
* libclamunrar_iface/unrar_iface.h: add missing #pragma pack direct. (bb#769)
* libclamav/entconv.c: don't make tmp_move negative (exper. code, bb #772).
* shared/misc.c: don't pass --rsrc flag to ditto (bb#380)
* libclamav: fix printing of size_t and off_t vars (bb#444)
* clamav-milter: Use new cli_rndnum API
* libclamav/others.c: improve cli_rndnum() and cli_gentempfd()
* libclamav/cvd.c: fix error path descriptor leak; gzdopen() may not close fd
* shared/misc.c: cvd_unpack: cli_untgz() no longer closes fd
* clamav-milter: Fix error handling in Session Mode
* clamav-milter: Correct nul termination in ping response from clamd
* libclamunrar_iface/unrar_iface.[ch]: minor cleanups
_______________Size: ~ 14.58 MBDownload:http://garr.dl.source...-0.92.1.tar.gz