Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: clamav | Distribution: openSUSE Tumbleweed |
Version: 1.5.1 | Vendor: openSUSE |
Release: 1.1 | Build date: Thu Oct 16 18:12:58 2025 |
Group: Productivity/Security | Build host: reproducible |
Size: 51899319 | Source RPM: clamav-1.5.1-1.1.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: https://www.clamav.net | |
Summary: Antivirus Toolkit |
ClamAV is an antivirus engine designed for detecting trojans, viruses, malware and other malicious threats. It is the de-facto standard for mail gateway scanning. It provides a multi-threaded scanning daemon, command line utilities for on-demand file scanning, and a tool for automatic signature updates. The core ClamAV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats.
GPL-2.0-only
* Thu Oct 16 2025 Reinhard Max <max@suse.com> - New version: 1.5.1: * Fixed a significant performance issue when scanning some PE files. * Fixed an issue recording file entries from a ZIP archive central directory which resulted in "Heuristics.Limits.Exceeded.MaxFiles" alerts when using the ClamScan --alert-exceeds-max command line option or ClamD AlertExceedsMax config file option. * Improved performance when scanning TNEF email attachments. * Fixed an issue with recording metadata for OOXML office documents. * Fixed an issue with signature matches for VBA in OLE2 office documents. * Loosened overly restrictive rules for embedded file identification and increased the limit for finding PE files embedded in other PE files. * Fixed an issue with extracting some RAR archives embedded in other files. * Fixed an issue with calculating fuzzy hashes affecting some images by updating the version for several Rust library dependencies. * Tue Oct 14 2025 Reinhard Max <max@suse.com> - Add json-c-json-c-0.18-20240915.tar.gz and link it statically into libclamav on SLE-12, because version 0.12 is too old. * Wed Oct 08 2025 Reinhard Max <max@suse.com> - New version 1.5.0: * Added checks to determine if an OLE2-based Microsoft Office document is encrypted. * Added the ability to record URIs found in HTML if the generate-JSON-metadata feature is enabled. * Added the ability to record URIs found in PDFs if the generate-JSON-metadata feature is enabled. * Added regex support for the clamd.conf OnAccessExcludePath config option. * Added CVD signing/verification with external .sign files. * Freshclam, ClamD, ClamScan, and Sigtool: Added an option to enable FIPS-like limits disabling MD5 and SHA1 from being used for verifying digital signatures or for being used to trust a file when checking for false positives * ClamD: Added an option to disable select administrative commands including SHUTDOWN, RELOAD, STATS and VERSION. * libclamav: Added extended hashing functions with a "flags" parameter that allows the caller to choose if they want to bypass FIPS hash algorithm limits. * See the release announcement for the full list of changes: https://blog.clamav.net/2025/10/clamav-150-released.html - Obsoleted patches: * clamav-freshclam_test.patch * clamav-disable-administrative-commands.patch * clamav-fips.patch - Use macros for library versions - Remove service symlinks: rcclamd, rcfreshclam, rcclamav-milter, and clamonacc. - Use rust 1.86 for SLE-12 and SLE-15-SP2. * Mon Jun 30 2025 Reinhard Max <max@suse.com> - bsc#1240363, clamav-disable-administrative-commands.patch: clamd: Add an option to toggle SHUTDOWN, RELOAD, STATS and VERSION. * Thu Jun 19 2025 Arjen de Korte <suse+build@de-korte.org> - New version 1.4.3: ClamAV 1.4.3 is a patch release with the following fixes: * CVE-2025-20260, bsc#1245054: Fixed a possible buffer overflow write bug in the PDF file parser that could cause a denial-of-service (DoS) condition or enable remote code execution. This issue only affects configurations where both: - The max file-size scan limit is set greater than or equal to 1024MB. - The max scan-size scan limit is set greater than or equal to 1025MB. The code flaw was present prior to version 1.0.0, but a change in version 1.0.0 that enables larger allocations based on untrusted data made it possible to trigger this bug. This issue affects all currently supported versions. * CVE-2025-20234, bsc#1245055: Fixed a possible buffer overflow read bug in the UDF file parser that may write to a temp file and thus disclose information, or it may crash and cause a denial-of-service (DoS) condition. This issue was introduced in version 1.2.0. * Fixed a possible use-after-free bug in the Xz decompression module in the bundled lzma-sdk library. This issue was fixed in the lzma-sdk version 18.03. ClamAV bundles a copy of the lzma-sdk with some performance changes specific to libclamav, plus select bug fixes like this one in lieu of a full upgrade to newer lzma-sdk. This issue affects all ClamAV versions at least as far back as 0.99.4. * Windows: Fixed a build install issue when a DLL dependency such as libcrypto has the exact same name as one provided by the Windows operating system. - Renew clamav.keyring * Wed May 28 2025 Reinhard Max <max@suse.com> - bsc#1243565: Add clamav-freshclam_test.patch to fix a race condition between the mockup servers started by different test cases in freshclam_test.py. * Mon Mar 24 2025 Reinhard Max <max@suse.com> - bsc#1239957: Build with PIE. - Eliminate some UTF-8 NBSP characters from the changes file. * Mon Feb 10 2025 Reinhard Max <max@suse.com> - bsc#1236949: Fix location of license files. * Thu Jan 23 2025 Reinhard Max <max@suse.com> - Drop the version dependency on libcurl. Building against versions older than 7.45 does not fail anymore, but disables support for fdpassing in clamonacc. This only affects SLE-12 up to SP3. * Wed Jan 22 2025 Reinhard Max <max@suse.com> - New version 1.4.2: * CVE-2025-20128, bsc#1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service (DoS) condition. * Fri Jan 10 2025 Reinhard Max <max@suse.com> - bsc#1232242: Start clamonacc with --fdpass to avoid errors due to clamd not being able to access user files. * Wed Dec 18 2024 Andreas Stieger <andreas.stieger@gmx.de> - fix factory submission (clam.tcl, clamscan.log) * Tue Sep 10 2024 Reinhard Max <max@suse.com> - New version 1.4.1: * [CVE-2024-20506, bsc#1230162]: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the 'clamd' or 'freshclam' services from using a symlink to corrupt system files. * [CVE-2024-20505, bsc#1230161]: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service (DoS) condition. * https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html - New version 1.4.0: * Added support for extracting ALZ archives. * Added support for extracting LHA/LZH archives. * Added the ability to disable image fuzzy hashing, if needed. For context, image fuzzy hashing is a detection mechanism useful for identifying malware by matching images included with the malware or phishing email/document. * https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html * Wed Sep 04 2024 Arjen de Korte <suse+build@de-korte.org> - New version 1.3.2: * CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the 'clamd' or 'freshclam' services from using a symlink to corrupt system files. * CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service condition. * Removed unused Python modules from freshclam tests including deprecated 'cgi' module that is expected to cause test failures in Python 3.13. * Fix unit test caused by expiring signing certificate. * Fixed a build issue on Windows with newer versions of Rust. Also upgraded GitHub Actions imports to fix CI failures. * Fixed an unaligned pointer dereference issue on select architectures. * Fixes to Jenkins CI pipeline. - Remove upstreamed 1305.patch * Mon Jul 29 2024 Bernhard Wiedemann <bwiedemann@suse.com> - Add upstream 1305.patch to fix tests (boo#1102840, https://github.com/Cisco-Talos/clamav/issues/1300) * Mon Apr 22 2024 Reinhard Max <max@suse.com> - New Version: 1.3.1: * CVE-2024-20380: Fixed a possible crash in the HTML file parser that could cause a denial-of-service (DoS) condition. * Updated select Rust dependencies to the latest versions. * Fixed a bug causing some text to be truncated when converting from UTF-16. * Fixed assorted complaints identified by Coverity static analysis. * Fixed a bug causing CVDs downloaded by the DatabaseCustomURL Freshclam config option to be pruned and then re-downloaded with every update. * Added the new 'valhalla' database name to the list of optional databases in preparation for future work. * Fri Mar 15 2024 Reinhard Max <max@suse.com> - New version: 1.3.0: * Added support for extracting and scanning attachments found in Microsoft OneNote section files. OneNote parsing will be enabled by default, but may be optionally disabled. * Added file type recognition for compiled Python (`.pyc`) files. * Improved support for decrypting PDFs with empty passwords. * Fixed a warning when scanning some HTML files. * ClamOnAcc: Fixed an infinite loop when a watched directory does not exist. * ClamOnAcc: Fixed an infinite loop when a file has been deleted before a scan. - New version: 1.2.0: * Added support for extracting Universal Disk Format (UDF) partitions. * Added an option to customize the size of ClamAV's clean file cache. * Raised the MaxScanSize limit so the total amount of data scanned when scanning a file or archive may exceed 4 gigabytes. * Added ability for Freshclam to use a client certificate PEM file and a private key PEM file for authentication to a private mirror. * Fix an issue extracting files from ISO9660 partitions where the files are listed in the plain ISO tree and there also exists an empty Joliet tree. * PID and socket are now located under /run/clamav/clamd.pid and /run/clamav/clamd.sock . * bsc#1211594: Fixed an issue where ClamAV does not abort the signature load process after partially loading an invalid signature. - New version 1.1.0: * https://blog.clamav.net/2023/05/clamav-110-released.html * Added the ability to extract images embedded in HTML CSS <style> blocks. * Updated to Sigtool so that the --vba option will extract VBA code from Microsoft Office documents the same way that libclamav extracts VBA. * Added a new option --fail-if-cvd-older-than=days to clamscan and clamd, and FailIfCvdOlderThan to clamd.conf * Added a new function cl_cvdgetage() to the libclamav API. * Added a new function cl_engine_set_clcb_vba() to the libclamav API. * obsoletes clamav-ec32.patch. - boo#1180296: Integrate clamonacc as a service. - New version 1.0.1 LTS (including changes in 0.104 and 0.105): * As of ClamAV 0.104, CMake is required to build ClamAV. * As of ClamAV 0.105, Rust is now required to compile ClamAV. * Increased the default limits for file and scan size: * MaxScanSize: 100M to 400M * MaxFileSize: 25M to 100M * StreamMaxLength: 25M to 100M * PCREMaxFileSize: 25M to 100M * MaxEmbeddedPE: 10M to 40M * MaxHTMLNormalize: 10M to 40M * MaxScriptNormalize: 5M to 20M * MaxHTMLNoTags: 2M to 8M * Added image fuzzy hash subsignatures for logical signatures. * Support for decrypting read-only OLE2-based XLS files that are encrypted with the default password. * Overhauled the implementation of the all-match feature. * Added a new callback to the public API for inspecting file content during a scan at each layer of archive extraction. * Added a new function to the public API for unpacking CVD signature archives. * The option to build with an external TomsFastMath library has been removed. ClamAV requires non-default build options for TomsFastMath to support bigger floating point numbers. * For a full list of changes see the release announcements: * https://blog.clamav.net/2022/11/clamav-100-lts-released.html * https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html * https://blog.clamav.net/2021/09/clamav-01040-released.html - Build clamd with systemd support. - Fix format strings on 32bit platforms (clamav-format.patch). - Add missing endianness conversions (clamav-ec32.patch). - Don't build on armv7l for now due to some test failures. - Drop clamav-disable-yara.patch as yara cannot be disabled anymore * Mon Feb 26 2024 Dominique Leuenberger <dimstar@opensuse.org> - Use %patch -P N instead of deprecated %patchN. * Wed Oct 25 2023 Arjen de Korte <suse+build@de-korte.org> - Update to 0.103.11 * Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.12. * Windows: libjson-c 0.17 compatibility fix. with ssize_t type definition. * Windows: Update build system to use OpenSSL 3 and PThreads-Win32 v3. - Update to 0.103.10 * Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.10. (bsc#1216625, CVE-2023-40477) * Fri Aug 18 2023 Reinhard Max <max@suse.com> - Renew clamav.keyring . * Wed Aug 16 2023 Arjen de Korte <suse+build@de-korte.org> - Update to 0.103.9 * CVE-2023-20197: Fixed a possible denial of service vulnerability in the HFS+ file parser. This issue affects versions 1.1.0, 1.0.1 through 1.0.0, 0.105.2 through 0.105.0, 0.104.4 through 0.104.0, and 0.103.8 through 0.103.0. (boo#1214342) * Fixed compiler warnings that may turn into errors in Clang 16. * Wed Feb 15 2023 Arjen de Korte <suse+build@de-korte.org> - Update to 0.103.8 * CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser. Issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. (bsc#1208363) * CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser. Issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. (bsc#1208365) * Update vendored libmspack library to version 0.11alpha. (bsc#1103032: CVE-2018-14679) - Package huge .html documentation in a separate subpackage. * Fri Aug 05 2022 ecsos <ecsos@opensuse.org> - Update to 0.103.7 (bsc#1202986) - Zip parser: tolerate 2-byte overlap in file entries - Fix bug with logical signature Intermediates feature - Update to UnRAR v6.1.7 - Patch UnRAR: allow skipping files in solid archives - Patch UnRAR: limit dict winsize to 1GB * Thu May 05 2022 Arjen de Korte <suse+build@de-korte.org> - Update to 0.103.6 * CVE-2022-20770: Fixed a possible infinite loop vulnerability in the CHM file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. (boo#1199242) * CVE-2022-20796: Fixed a possible NULL-pointer dereference crash in the scan verdict cache check. Issue affects versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2. (boo#1199246) * CVE-2022-20771: Fixed a possible infinite loop vulnerability in the TIFF file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. The issue only occurs if the "--alert-broken-media" ClamScan option is enabled. For ClamD, the affected option is "AlertBrokenMedia yes", and for libclamav it is the "CL_SCAN_HEURISTIC_BROKEN_MEDIA" scan option. (boo#1199244) * CVE-2022-20785: Fixed a possible memory leak in the HTML file parser / Javascript normalizer. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. (boo#1199245) * CVE-2022-20792: Fixed a possible multi-byte heap buffer overflow write vulnerability in the signature database load module. The fix was to update the vendored regex library to the latest version. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. (boo#1199274) * ClamOnAcc: Fixed a number of assorted stability issues and added niceties for debugging ClamOnAcc. * Fixed an issue causing byte-compare subsignatures to cause an alert when they match even if other conditions of the given logical signatures were not met. * Fix memleak when using multiple byte-compare subsignatures. This fix was backported from 0.104.0. * Assorted bug fixes and improvements. - Remove upstreamed clamav-ck_assert_msg.patch * Tue Apr 12 2022 Marcus Meissner <meissner@suse.com> - https source urls * Wed Jan 12 2022 Arjen de Korte <suse+build@de-korte.org> - Update to 0.103.5 * CVE-2022-20698: Fix for invalid pointer read that may cause a crash. This issue affects 0.104.1, 0.103.4 and prior when ClamAV is compiled with libjson-c and the CL_SCAN_GENERAL_COLLECT_METADATA scan option (the clamscan --gen-json option) is enabled. (bsc#1194731) * Fixed ability to disable the file size limit with libclamav C API, like this: cl_engine_set_num(engine, CL_ENGINE_MAX_FILESIZE, 0); This issue didn't affect ClamD or ClamScan which also can disable the limit by setting it to zero using MaxFileSize 0 in clamd.conf for ClamD, or clamscan --max-filesize=0 for ClamScan. Note: Internally, the max file size is still set to 2 GiB. Disabling the limit for a scan will fall back on the internal 2 GiB limitation. * Increased the maximum line length for ClamAV config files from 512 bytes to 1,024 bytes to allow for longer config option strings. * SigTool: Fix insufficient buffer size for --list-sigs that caused a failure when listing a database containing one or more very long signatures. This fix was backported from 0.104.
/etc/certs /etc/certs/clamav.crt /etc/clamd.conf /etc/freshclam.conf /run/clamav /usr/bin/clamav-config /usr/bin/clambc /usr/bin/clamconf /usr/bin/clamdscan /usr/bin/clamdtop /usr/bin/clamscan /usr/bin/clamsubmit /usr/bin/freshclam /usr/bin/sigtool /usr/lib/systemd/system/clamd.service /usr/lib/systemd/system/clamonacc.service /usr/lib/systemd/system/freshclam.service /usr/lib/systemd/system/freshclam.timer /usr/lib/tmpfiles.d/clamav.conf /usr/sbin/clamd /usr/sbin/clamonacc /usr/share/licenses/clamav /usr/share/licenses/clamav/COPYING.LGPL /usr/share/licenses/clamav/COPYING.YARA /usr/share/licenses/clamav/COPYING.bzip2 /usr/share/licenses/clamav/COPYING.curl /usr/share/licenses/clamav/COPYING.file /usr/share/licenses/clamav/COPYING.getopt /usr/share/licenses/clamav/COPYING.llvm /usr/share/licenses/clamav/COPYING.lzma /usr/share/licenses/clamav/COPYING.pcre /usr/share/licenses/clamav/COPYING.regex /usr/share/licenses/clamav/COPYING.txt /usr/share/licenses/clamav/COPYING.unrar /usr/share/licenses/clamav/COPYING.zlib /usr/share/man/man1/clambc.1.gz /usr/share/man/man1/clamconf.1.gz /usr/share/man/man1/clamdscan.1.gz /usr/share/man/man1/clamdtop.1.gz /usr/share/man/man1/clamscan.1.gz /usr/share/man/man1/clamsubmit.1.gz /usr/share/man/man1/freshclam.1.gz /usr/share/man/man1/sigtool.1.gz /usr/share/man/man5/clamd.conf.5.gz /usr/share/man/man5/freshclam.conf.5.gz /usr/share/man/man8/clamd.8.gz /usr/share/man/man8/clamonacc.8.gz /var/lib/clamav
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Oct 22 22:37:11 2025