[clamav-cn.git] / debian / changelog

clamav-cn (3:0.94-2) stable; urgency=medium

  * Sitna izmjena u clamav-sanesecurity

 -- Ivan Rako <Ivan.Rako@CARNet.hr>  Thu,  9 Oct 2008 19:48:44 +0200

clamav-cn (3:0.94-1) stable; urgency=medium

  * Ovisnost o novoj upstream verziji
  * Dodana skripta za skidanje SANE potpisa za phishing & scam
    (/etc/cron.hourly/clamav-sanesecurity)
  * Dodana ovisnost o rsyncu i curlu zbog potreba SANE skripte

 -- Ivan Rako <Ivan.Rako@CARNet.hr>  Mon, 29 Sep 2008 16:02:06 +0200

clamav-cn (3:0.93.1-1) stable; urgency=high

  * Ovisnost o najnovijoj upstream verziji
  * Dodan konflikt sa libclamav{1,2,3}
  
 -- Ivan Rako <Ivan.Rako@CARNet.hr>  Tue, 15 Jul 2008 12:50:49 +0200

clamav-cn (3:0.92.1-2) stable; urgency=high

  * Ovisnost o najnovijoj verziji koja ispravlja nekoliko sigurnosnih
    propusta:
      - libclamav/pe.c: possible integer overflow in wwpack
      - [CVE-2008-1100]: libclamav/pe.c: possible integer overflow in upack
      - [CVE-2008-1387]: libclamav/spin.c: possible integer overflow
      - libclamav/unarj.c: DoS in unarj

 -- Ivan Rako <Ivan.Rako@CARNet.hr>  Tue, 22 Apr 2008 14:57:46 +0200

clamav-cn (3:0.92.1-1) stable; urgency=high

  * Ovisnost o najnovijoj verziji koja ispravlja nekoliko sigurnosnih
    propusta:
    - [2007-6595]: libclamav/others.c: symlink vulnerability
      cli_gentempfd now calls open with O_EXCL (closes: #458532)
    - [CVE-2008-0318]: libclamav/pe.c: possible integer overflow
    - libclamav/mew.c: possible heap corruption

 -- Ivan Rako <Ivan.Rako@CARNet.hr>  Thu, 21 Feb 2008 19:32:05 +0100

clamav-cn (3:0.90.1-1) stable; urgency=medium

  * izdanje paketa za Etch
  * prva verzija sa source paketom

 -- Ivan Rako <Ivan.Rako@CARNet.hr>  Tue, 18 Sep 2007 16:28:42 +0200

clamav-cn (2:0.91.1-1) carnet-sarge; urgency=high

  * Ovisnost o novoj upstream verziji:
    - ispravlja CVE-2007-3725 (DoS in unrarvm.c).
  * Obnovljen predlozak clamd.conf datoteke, takodjer forsirana i
    zamjena freshclam.conf jer Debianov paket iskljuci NotifyClamd.

 -- Zoran Dzelajlija <zoran.dzelajlija@carnet.hr>  Fri, 27 Jul 2007 14:29:02 +0200

clamav-cn (2:0.90.3-3) carnet-sarge; urgency=medium

  * Ispravljena opcija AllowSupplementaryGroups

 -- Ivan Rako <Ivan.Rako@CARNet.hr>  Tue,  3 Jul 2007 13:15:02 +0200
 
clamav-cn (2:0.90.3-2) carnet-sarge; urgency=medium

  * Ispravljena opcija NotifyClamd

 -- Ivan Rako <Ivan.Rako@CARNet.hr>  Fri, 15 Jun 2007 00:52:13 +0200
 
clamav-cn (2:0.90.3-1) carnet-sarge; urgency=high

  * Nova upstream verzija
  * Sigurnosne ispravke

 -- Ivan Rako <Ivan.Rako@CARNet.hr>  Sun, 10 Jun 2007 12:52:26 +0200

clamav-cn (2:0.90.2-1) carnet-sarge; urgency=high

  * Nova upstream verzija
  * Majorne izmjene

 -- Ivan 'ico' Rako <irako@srce.hr>  Tue, 17 Apr 2007 18:17:04 +0200

clamav-cn (2:0.88.7-1) carnet-sarge; urgency=medium

  * Nova upstream verzija, razne ispravke:
    - libclamav/message.c: handle consecutive errors in base64 decoding
    - libclamav/mbox.c: honour recursion limit when scanning email messages
    - clamscan: new option --mail-max-recursion
    - clamd/clamav-milter: new option MailMaxRecursion
    - libclamav/untar.c: honour archive limits

 -- Ivan Rako <Ivan.Rako@CARNet.hr>  Fri, 15 Dec 2006 23:56:40 +0100

clamav-cn (2:0.88.6-1) carnet-sarge; urgency=medium

  * Nova upstream verzija, razne ispravke:
    - freshclam: apply timeout patch from Everton da Silva Marques
      <everton*lab.ipaccess.diveo.net.br> (new options: ConnectTimeout and
      ReceiveTimeout)
    - clamd: change stack size at the right place (closes bug#103)
      Patch from Jonathan Chen <jon+clamav*spock.org>
    - libclamav/petite.c: sanity check the number of rebuilt sections (speeds
      up handling of malformed files)

 -- Ivan Rako <Ivan.Rako@CARNet.hr>  Sun, 26 Nov 2006 21:24:12 +0100

clamav-cn (2:0.88.5-1) sarge; urgency=high

  * Nova upstream verzija, sigurnosne ispravke:
    - libclamav/rebuildpe.c: fix possible heap overflow [IDEF1597]
    - libclamav/chmunpack.c: fix possible crash [IDEF1736]

 -- Ivan 'ico' Rako <irako@srce.hr>  Thu, 19 Oct 2006 13:03:56 +0200

clamav-cn (2:0.88.4-1) sarge; urgency=high

  * Nova upstream verzija, sigurnosna ispravka:
    - libclamav/upx.c: fix possible heap overflow
      See http://www.clamav.net/security/0.88.4.html for details.

 -- Zoran Dzelajlija <jelly+paketi@adu.hr>  Mon, 14 Aug 2006 10:50:39 +0200

clamav-cn (2:0.88.3-1) sarge; urgency=high

  * Nova upstream verzija
  * Bugfixes:
    - libclamav/matcher-ac.c: fix possible false matches of alternatives
      Problem reported by Nicolas Riendeau <knightr*istop.com>
    - libclamav: Large binhex files were not being handled gracefully. Tidied
      the handling code. Note that large binhex are not currently decoded.
      Bug reported by Luca
    - libclamav/scanners.c: fix zero allocation warning reported by Sergey
      Svishchev

 -- Ivan 'ico' Rako <irako@srce.hr>  Thu, 20 Jul 2006 22:46:35 +0200

clamav-cn (2:0.88.2-1) sarge; urgency=high

  * Nova upstream verzija (kompajlirano iz source paketa sa
    volatile repozitorija)
  * Bugfixes:
    - freshclam/manager.c: fix possible buffer overflow
      Reported by Ulf Harnhammar <metaur*telia.com> and Peter <remllov_*gmx.de>
      See http://www.clamav.net/security/0.88.2.html for details.
    - libclamav/zziplib/zzip-zip.c: add missing #include "others.h"
      Patch by Alex Deiter <tiamat*komi.mts.ru>
    - fix other implicit function declarations
      Thanks to Paul Fisher <pnfisher*berkeley.edu>, Ludwig Nussel
      <ludwig.nussel*suse.de> and Stephen Gran <steve*lobefin.net>
    - shared/cfgparser.c: don't use CL_FULLSTR for file directives
      Requested by Tomasz Papszun and others
    - libclamav/mbox.c: fix compilation error on CYGWIN
    - clamav-milter: Ensure that the quarantine location reported in
      notifications is correct.
      Patch by Simon Munton <simon at nidoran.m5data.com>
  * Ispravlja sigurnosni propust: CVE-2006-1989

 -- Ivan 'ico' Rako <irako@srce.hr>  Thu,  6 Apr 2006 08:04:48 +0200

clamav-cn (2:0.88.1-1) sarge; urgency=high

  * Nova upstream verzija (kompajlirano iz source paketa sa
    volatile repozitorija)
  * Ispravke pogresaka:
    - libclamav/matcher.c: properly handle partial reads in cli_scandesc()
    - libclamav/mbox.c: sync with CVS, fixes detection of Worm.Bagle.CT
    - freshclam: fix support for LocalIPAddress
      Patch by Anton Yuzhaninov <citrin*citrin.ru>
    - docs/man: multiple manpage typo fixes
      Patch by A. Costa <agcosta*gis.net>)
    - shared/output.c: properly handle return value of vsnprintf
      Thanks to Anton Yuzhaninov <citrin*rambler-co.ru>
    - libclamav/htmlnorm.c: fix typo spotted by Gianluigi Tiesi
      <sherpya*netfarm.it>
    - sigtool/sigtool.c: fix possible crash in build(), thanks to Sven
    - clamd/session.c: remove static timeout (5s) for SESSION
      Pointed out by Joseph Benden <joe*thrallingpenguin.com>
    - libclamav/pe.c: fix possible integer overflow reported by Damian Put
      Note: only exploitable if file size limit (ArchiveMaxFileSize) disabled
    - libclamav/scanners.c: properly report archive unpacking errors
      Problem spotted by David F. Skoll <dfs*roaringpenguin.com>
    - libclamav/others.c: fix possible crash in cli_bitset_test()
      Reported by David Luyer <david_luyer*pacific.net.au>
    - libclamav/zziplib: fix possible crash on FreeBSD
      Reported by Robert Rebbun <robert*desertsurf.com>
    - clamav-milter: fall back if sendfile() fails
  * Ispravlja sigurnosne propuste: CVE-2006-1614, CVE-2006-1615,
    CVE-2006-1630

 -- Ivan 'ico' Rako <irako@srce.hr>  Thu,  6 Apr 2006 08:04:48 +0200

clamav-cn (2:0.88-1) sarge; urgency=high

  * Nova upstream verzija (kompajlirano iz source paketa sa volatile
    repozitorija)
  * Bugfiksevi
  * Ispravlja sigurnosni propust CVE-2006-0162

 -- Ivan 'ico' Rako <irako@srce.hr>  Thu, 12 Jan 2006 18:51:11 +0100
 
clamav-cn (2:0.87.1-1) sarge; urgency=high

  * Nova upstream verzija (kompajlirano iz source paketa sa volatile
    repozitorija)
  * Bugfiksevi
  * Ispravlja sigurnosne nedostatke: CVE-2005-3239, CVE-2005-3303,
    CVE-2005-3500 i CVE-2005-3501

 -- Ivan 'ico' Rako <irako@srce.hr>  Sun,  6 Nov 2005 17:23:18 +0100

clamav-cn (2:0.87-0) sarge; urgency=high

  * Nova upstream verzija (kompajlirano iz source paketa sa volatile
    repozitorija)
  * Ispravke sigurnosnih bugova prilikom hendlanja UPX i FSG kompresiranih
    izvrsnih datoteka (CAN-2005-2920 i CAN-2005-2919)
 
 -- Ivan 'ico' Rako <irako@srce.hr>  Mon, 19 Sep 2005 15:19:58 +0200

clamav-cn (2:0.86.2-1) sarge; urgency=high

  * nova upstream verzija
  * ovisnost o novoj verziji koja ispravlja sigurnosni nedostatak
    opisan na <URL:http://www.rem0te.com/public/images/clamav.pdf>

 -- Ivan 'ico' Rako <irako@srce.hr>  Fri, 29 Jul 2005 11:34:53 +0200

clamav-cn (2:0.86.1-1.1) sarge; urgency=high

  * dodana ovisnost o paketu clamav

 -- Ivan 'ico' Rako <irako@srce.hr>  Thu, 14 Jul 2005 22:34:52 +0200
 
clamav-cn (2:0.86.1-1) sarge; urgency=high

  * nova upstream verzija
  * ovisnost o novoj verziji koja ispravlja vise sigurnosnih problema
    (CAN-2005-1922, CAN-2005-1923, CAN-2005-2056, CAN-2005-2070 i DSA 737-1)

 -- Ivan 'ico' Rako <irako@srce.hr>  Wed,  6 Jul 2005 14:41:06 +0200

clamav-cn (2:0.85.1-2) sarge; urgency=medium

  * nova upstream verzija
  * kozmetika postinsta
  * restarta clamav-{daemon,freshclam} samo ako je potrebno

 -- Ivan 'ico' Rako <irako@srce.hr>  Thu, 19 May 2005 14:51:41 +0200

clamav-cn (2:0.83-3.1) testing; urgency=low

  * backup_conffile -> cp_backup_conffile

 -- Ivan 'ico' Rako <irako@srce.hr>  Tue, 29 Mar 2005 09:40:02 +0200

clamav-cn (2:0.83-3) testing; urgency=low

  * postinst koristi funkcije iz novog carnet-tools-cn paketa

 -- Ivan 'ico' Rako <irako@srce.hr>  Thu, 17 Mar 2005 15:53:34 +0100

clamav-cn (2:0.81-2) testing; urgency=low

  * nova upstream verzija

 -- Ivan 'ico' Rako <irako@srce.hr>  Fri, 28 Jan 2005 15:36:02 +0100

clamav-cn (2:0.80-2) testing; urgency=high

  * popravlja /etc/logrotate.d/clamav-daemon i
    /etc/logrotate.d/clamav-freshclam (T# 2005010813000012)
  * kozmetika postinsta

 -- Ivan 'ico' Rako <irako@srce.hr>  Sun,  9 Jan 2005 13:08:12 +0100

clamav-cn (2:0.80-1) testing; urgency=high

  * /etc/clamav/clamav.conf -> /etc/clamav/clamd.conf
  * kozmetika postinsta
  * nova majorna verzija

 -- Ivan 'ico' Rako <irako@srce.hr>  Mon,  8 Nov 2004 14:28:05 +0100

clamav-cn (2:0.75.1-1) testing; urgency=high

  * Ispravljen bug u /etc/clamav/freshclam.conf (OTRS #2004090810000014)
  * Vracen User clamav i DatabaseOwner clamav
  * Maknuto divertanje konfiguracijske datoteke

 -- Ivan 'ico' Rako <irako@srce.hr>  Mon, 20 Sep 2004 08:59:22 +0200

clamav-cn (2:0.70-2) testing; urgency=high

  * Inacica paketa koja ispravlja sigurnosni nedostatak Bugtraq ID: 9897
    ("Udaljeno uskracivanje resursa preko RAR arhiva")
  * Konflikta s verzijama iz woody distribucije

 -- Zeljko Boros <zelja@ravnica.ptfos.hr>  Tue, 30 Mar 2004 13:07:16 +0200

clamav-cn (2:0.70-1) testing; urgency=low

  * Dodano redirektiranje konfiguracije Debian na CARNetovu konfiguraciju
  * Pokretanje clamav-freshclam daemona ako nije pokrenut

 -- Zeljko Boros <zelja@ravnica.ptfos.hr>  Mon, 29 Mar 2004 09:46:04 +0200

clamav-cn (0.67-2) unstable; urgency=low

  * Nova inacica paketa

 -- Zeljko Boros <zelja@ravnica.ptfos.hr>  Tue, 24 Feb 2004 19:10:06 +0100