rpms/clamav/devel clamav-0.88.4-visibility.patch, NONE, 1.1 clamav.spec, 1.42, 1.43 sources, 1.19, 1.20

Enrico Scholz (ensc) fedora-extras-commits at redhat.com
Wed Oct 18 07:22:49 UTC 2006 

Author: ensc

Update of /cvs/extras/rpms/clamav/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25792

Modified Files:
	clamav.spec sources 
Added Files:
	clamav-0.88.4-visibility.patch 
Log Message:
- updated to 0.88.5 (SECURITY); fixes CVE-2006-4182, CVE-2006-5295
- added patch to set '__attribute__ ((visibility("hidden")))' for
  exported MD5_*() functions (fixes #202043)



clamav-0.88.4-visibility.patch:

--- NEW FILE clamav-0.88.4-visibility.patch ---
--- clamav-0.88.4/libclamav/md5.c.visibility	2005-06-23 22:03:12.000000000 +0200
+++ clamav-0.88.4/libclamav/md5.c	2006-08-11 08:19:02.000000000 +0200
@@ -176,7 +176,7 @@ static void *body(MD5_CTX *ctx, void *da
 	return ptr;
 }
 
-void MD5_Init(MD5_CTX *ctx)
+void  __attribute__ ((__visibility__("hidden"))) MD5_Init(MD5_CTX *ctx)
 {
 	ctx->a = 0x67452301;
 	ctx->b = 0xefcdab89;
@@ -187,7 +187,7 @@ void MD5_Init(MD5_CTX *ctx)
 	ctx->hi = 0;
 }
 
-void MD5_Update(MD5_CTX *ctx, void *data, unsigned long size)
+void __attribute__ ((__visibility__("hidden"))) MD5_Update(MD5_CTX *ctx, void *data, unsigned long size)
 {
 	MD5_u32plus saved_lo;
 	unsigned long used, free;
@@ -221,7 +221,7 @@ void MD5_Update(MD5_CTX *ctx, void *data
 	memcpy(ctx->buffer, data, size);
 }
 
-void MD5_Final(unsigned char *result, MD5_CTX *ctx)
+void __attribute__ ((__visibility__("hidden"))) MD5_Final(unsigned char *result, MD5_CTX *ctx)
 {
 	unsigned long used, free;
 


Index: clamav.spec
===================================================================
RCS file: /cvs/extras/rpms/clamav/devel/clamav.spec,v
retrieving revision 1.42
retrieving revision 1.43
diff -u -r1.42 -r1.43
--- clamav.spec	4 Oct 2006 22:32:25 -0000	1.42
+++ clamav.spec	18 Oct 2006 07:22:18 -0000	1.43
@@ -18,8 +18,8 @@
 
 Summary:	End-user tools for the Clam Antivirus scanner
 Name:		clamav
-Version:	0.88.4
-Release: %release_func 4
+Version:	0.88.5
+Release: %release_func 1
 
 License:	GPL
 Group:		Applications/File
@@ -38,6 +38,7 @@
 Patch20:	clamav-0.70-user.patch
 Patch21:	clamav-0.70-path.patch
 Patch22:	clamav-0.80-initoff.patch
+Patch23:	clamav-0.88.4-visibility.patch
 BuildRoot:	%_tmppath/%name-%version-%release-root
 Requires:	clamav-lib = %version-%release
 Requires:	data(clamav)
@@ -185,6 +186,7 @@
 %patch20 -p1 -b .user
 %patch21 -p1 -b .path
 %patch22 -p1 -b .initoff
+%patch23 -p1 -b .visibility
 
 perl -pi -e 's!^(#?LogFile ).*!\1/var/log/clamd.<SERVICE>!g;
 	     s!^#?(LocalSocket ).*!\1/var/run/clamd.<SERVICE>/clamd.sock!g;
@@ -446,6 +448,11 @@
 
 
 %changelog
+* Wed Oct 18 2006 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.88.5-1
+- updated to 0.88.5 (SECURITY); fixes CVE-2006-4182, CVE-2006-5295
+- added patch to set '__attribute__ ((visibility("hidden")))' for
+  exported MD5_*() functions (fixes #202043)
+
 * Thu Oct 05 2006 Christian Iseli <Christian.Iseli at licr.org> 0.88.4-4
  - rebuilt for unwind info generation, broken in gcc-4.1.1-21
 


Index: sources
===================================================================
RCS file: /cvs/extras/rpms/clamav/devel/sources,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- sources	9 Aug 2006 06:49:22 -0000	1.19
+++ sources	18 Oct 2006 07:22:18 -0000	1.20
@@ -1,2 +1,2 @@
-7759784aa4506b314e6543e0f2a8587b  clamav-0.88.4.tar.gz
-450d59c0a663b5986cda1105b85ae673  clamav-0.88.4.tar.gz.sig
+d62376205647b208eba4191dde821830  clamav-0.88.5.tar.gz
+5daea1b5d8ab49257dea3ccc5dacaf35  clamav-0.88.5.tar.gz.sig

More information about the scm-commits mailing list