head 1.3; access; symbols pkgsrc-2024Q1:1.3.0.30 pkgsrc-2024Q1-base:1.3 pkgsrc-2023Q4:1.3.0.28 pkgsrc-2023Q4-base:1.3 pkgsrc-2023Q3:1.3.0.26 pkgsrc-2023Q3-base:1.3 pkgsrc-2023Q2:1.3.0.24 pkgsrc-2023Q2-base:1.3 pkgsrc-2023Q1:1.3.0.22 pkgsrc-2023Q1-base:1.3 pkgsrc-2022Q4:1.3.0.20 pkgsrc-2022Q4-base:1.3 pkgsrc-2022Q3:1.3.0.18 pkgsrc-2022Q3-base:1.3 pkgsrc-2022Q2:1.3.0.16 pkgsrc-2022Q2-base:1.3 pkgsrc-2022Q1:1.3.0.14 pkgsrc-2022Q1-base:1.3 pkgsrc-2021Q4:1.3.0.12 pkgsrc-2021Q4-base:1.3 pkgsrc-2021Q3:1.3.0.10 pkgsrc-2021Q3-base:1.3 pkgsrc-2021Q2:1.3.0.8 pkgsrc-2021Q2-base:1.3 pkgsrc-2021Q1:1.3.0.6 pkgsrc-2021Q1-base:1.3 pkgsrc-2020Q4:1.3.0.4 pkgsrc-2020Q4-base:1.3 pkgsrc-2020Q3:1.3.0.2 pkgsrc-2020Q3-base:1.3 pkgsrc-2020Q2:1.2.0.32 pkgsrc-2020Q2-base:1.2 pkgsrc-2020Q1:1.2.0.12 pkgsrc-2020Q1-base:1.2 pkgsrc-2019Q4:1.2.0.34 pkgsrc-2019Q4-base:1.2 pkgsrc-2019Q3:1.2.0.30 pkgsrc-2019Q3-base:1.2 pkgsrc-2019Q2:1.2.0.28 pkgsrc-2019Q2-base:1.2 pkgsrc-2019Q1:1.2.0.26 pkgsrc-2019Q1-base:1.2 pkgsrc-2018Q4:1.2.0.24 pkgsrc-2018Q4-base:1.2 pkgsrc-2018Q3:1.2.0.22 pkgsrc-2018Q3-base:1.2 pkgsrc-2018Q2:1.2.0.20 pkgsrc-2018Q2-base:1.2 pkgsrc-2018Q1:1.2.0.18 pkgsrc-2018Q1-base:1.2 pkgsrc-2017Q4:1.2.0.16 pkgsrc-2017Q4-base:1.2 pkgsrc-2017Q3:1.2.0.14 pkgsrc-2017Q3-base:1.2 pkgsrc-2017Q2:1.2.0.10 pkgsrc-2017Q2-base:1.2 pkgsrc-2017Q1:1.2.0.8 pkgsrc-2017Q1-base:1.2 pkgsrc-2016Q4:1.2.0.6 pkgsrc-2016Q4-base:1.2 pkgsrc-2016Q3:1.2.0.4 pkgsrc-2016Q3-base:1.2 pkgsrc-2016Q2:1.2.0.2 pkgsrc-2016Q2-base:1.2 pkgsrc-2016Q1:1.1.0.18 pkgsrc-2016Q1-base:1.1 pkgsrc-2015Q4:1.1.0.16 pkgsrc-2015Q4-base:1.1 pkgsrc-2015Q3:1.1.0.14 pkgsrc-2015Q3-base:1.1 pkgsrc-2015Q2:1.1.0.12 pkgsrc-2015Q2-base:1.1 pkgsrc-2015Q1:1.1.0.10 pkgsrc-2015Q1-base:1.1 pkgsrc-2014Q4:1.1.0.8 pkgsrc-2014Q4-base:1.1 pkgsrc-2014Q3:1.1.0.6 pkgsrc-2014Q3-base:1.1 pkgsrc-2014Q2:1.1.0.4 pkgsrc-2014Q2-base:1.1 pkgsrc-2014Q1:1.1.0.2 pkgsrc-2014Q1-base:1.1; locks; strict; comment @# @; 1.3 date 2020.09.19.13.41.42; author taca; state Exp; branches; next 1.2; commitid wCwldYQlawE17FoC; 1.2 date 2016.06.12.16.06.01; author taca; state Exp; branches; next 1.1; commitid U36WuLHRbfyu3caz; 1.1 date 2014.03.11.14.34.40; author jperkin; state Exp; branches; next ; commitid EXdByYWMBsGq2isx; desc @@ 1.3 log @security/clamav: update to 0.103.0 Update clamav package to 0.103.0. Quote from release announce: ClamAV 0.103.0 highlights With your feedback on the previous candidates, we've fixed these additional issues: * The freshclam PID file was not readable by other users in previous release candidates but is now readable by all. * An issue with how freshclam was linked with the autotools build system caused SysLog settings to be ignored. * The real-path checks introduced to clamscan and clamdscan in 0.102.4 broke scanning of some files with Unicode filenames and files on network shares for Windows users. Thanks to the users for your help in fixing these bugs. Major changes * clamd can now reload the signature database without blocking scanning. This multi-threaded database reload improvement was made possible thanks to a community effort. * Non-blocking database reloads are now the default behavior. Some systems that are more constrained on RAM may need to disable non-blocking reloads, as it will temporarily consume double the amount of memory. We added a new clamd config option ConcurrentDatabaseReload, which may be set to no. Special thanks to those who made this feature a reality: * Alberto Wu * Alexander Sulfrian * Arjen de Korte * David Heidelberg * Ged Haywood * Julius Plenz * Michael Orlitzky Notable changes * The DLP module has been enhanced with additional credit card ranges and a new engine option that allows ClamAV to alert only on credit cards (and not, for instance, gift cards) when scanning with the DLP module. John Schember developed this feature, with input from Alexander Sulfrian. * We added support for Adobe Reader X PDF encryption and overhauled the PNG-scanning tool to detect PNG-specific exploits. We also made a major change to GIF parsing that now makes it more tolerant of problematic files and adds the ability to scan overlays, all thanks to work and patches submitted by Aldo Mazzeo. * clamdtop.exe is now available for Windows users. The functionality is somewhat limited when compared to clamdtop on Linux. PDCurses is required to build clamdtop.exe for ClamAV on Windows. * The phishing detection module will now print "Suspicious link found!" along with the "Real URL" and "Display URL" each time ClamAV detects phishing. In a future version, we would like to print out alert-related metadata like this at the end of a scan, but for now, this detail will help users understand why a given file is being flagged as phishing. * Added new *experimental* CMake build tooling. CMake is not yet recommended for production builds. Our team would appreciate any assistance improving the CMake build tooling so we can one day deprecate autotools and remove the Visual Studio solutions. - Please see the new CMake installation instructions found in INSTALL.cmake.md for detailed instructions on how to build ClamAV with CMake. * Added --ping and --wait options to the clamdscan and clamonacc client applications. * The --ping (-p) command will attempt to ping clamd up to a specified maximum number of attempts at an optional interval. If the interval isn't specified, a default one-second interval is used. It will exit with status code `0` when it receives a PONG from clamd or status code `21` if the timeout expires before it receives a response. @ text @$NetBSD: patch-etc_clamd.conf.sample,v 1.2 2016/06/12 16:06:01 taca Exp $ Make this useable out of the box. --- etc/clamd.conf.sample.orig 2020-09-13 00:27:09.000000000 +0000 +++ etc/clamd.conf.sample @@@@ -5,7 +5,7 @@@@ # Comment or remove the line below. -Example +# Example # Uncomment this option to enable logging. # LogFile must be writable for the user running daemon. @@@@ -74,7 +74,7 @@@@ Example # It is recommended that the directory where this file is stored is # also owned by root to keep other users from tampering with it. # Default: disabled -#PidFile /var/run/clamd.pid +PidFile @@CLAMAV_DBDIR@@/clamd.pid # Optional path to the global temporary directory. # Default: system specific (usually /tmp or /var/tmp). @@@@ -93,7 +93,7 @@@@ Example # Path to a local socket file the daemon will listen on. # Default: disabled (must be specified by a user) -#LocalSocket /tmp/clamd.socket +LocalSocket @@CLAMAV_DBDIR@@/clamd.sock # Sets the group ownership on the unix socket. # Default: disabled (the primary group of the user running clamd) @ 1.2 log @Update clamav to 0.99.2, based on patch vy Matthias Ferdinand on pkgsrc-users. Changes from 0.99.1 to 0.99.2 are available only with ChangeLog and it is too many to write here. Please refer ChangeLog file. 0.99.1 ------ ClamAV 0.99.1 contains a new feature for parsing Hancom Office files including extracting and scanning embedded objects. ClamAV 0.99.1 also contains important bug fixes. Please see ChangeLog for details. @ text @d1 1 a1 1 $NetBSD: patch-etc_clamd.conf.sample,v 1.1 2014/03/11 14:34:40 jperkin Exp $ d5 1 a5 1 --- etc/clamd.conf.sample.orig 2016-04-22 15:02:19.000000000 +0000 d16 3 a18 3 @@@@ -63,7 +63,7 @@@@ Example # This option allows you to save a process identifier of the listening # daemon (main thread). d25 1 a25 1 @@@@ -82,7 +82,7 @@@@ Example @ 1.1 log @Import initial SMF support for individual packages. @ text @d1 1 a1 1 $NetBSD$ d5 1 a5 1 --- etc/clamd.conf.sample.orig 2013-04-17 15:25:09.000000000 +0000 d12 1 a12 1 +#Example d16 1 a16 1 @@@@ -58,7 +58,7 @@@@ Example d25 1 a25 1 @@@@ -77,7 +77,7 @@@@ Example @