From 3452dcab1e11c707bc57606370792ded0e6f6902 Mon Sep 17 00:00:00 2001 From: rasundri Date: Tue, 22 Aug 2023 13:25:44 -0400 Subject: [PATCH] Bumped version from 1.2.0 -> 1.3.0-devel FLEVEL 190 -> 200 Updated the News to have section for the new version and added previous patch versions. --- CMakeLists.txt | 4 +- Jenkinsfile | 18 +++--- NEWS.md | 122 +++++++++++++++++++++++++++++++++++++++ libclamav/bytecode_api.h | 2 + libclamav/others.h | 2 +- 5 files changed, 136 insertions(+), 12 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 5426f388e4..ec8a0e947f 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -19,10 +19,10 @@ cmake_policy(SET CMP0087 NEW) # support generator expressions in install(CODE) a # For release candidate: set(VERSION_SUFFIX "-rc") # For release: set(VERSION_SUFFIX "") string(TIMESTAMP TODAY "%Y%m%d") -set(VERSION_SUFFIX "") +set(VERSION_SUFFIX "-devel-${TODAY}") project( ClamAV - VERSION "1.2.0" + VERSION "1.3.0" DESCRIPTION "ClamAV open source email, web, and end-point anti-virus toolkit." ) set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake" ${CMAKE_MODULE_PATH}) diff --git a/Jenkinsfile b/Jenkinsfile index 3d80419700..5d2c564e16 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -10,31 +10,31 @@ properties( parameters( [ string(name: 'VERSION', - defaultValue: '1.2.0', + defaultValue: '1.3.0', description: 'ClamAV version string'), string(name: 'FRAMEWORK_BRANCH', - defaultValue: '1.2', + defaultValue: '1.3', description: 'test-framework branch'), string(name: 'TESTS_BRANCH', - defaultValue: '1.2', + defaultValue: '1.3', description: 'tests branch'), string(name: 'TESTS_CUSTOM_BRANCH', - defaultValue: '1.2', + defaultValue: '1.3', description: 'tests-custom branch'), string(name: 'TESTS_FUZZ_BRANCH', - defaultValue: '1.2', + defaultValue: '1.3', description: 'tests-fuzz-regression branch'), string(name: 'BUILD_PIPELINE', - defaultValue: 'build-1.2', + defaultValue: 'build-1.3', description: 'test-pipelines branch for build acceptance'), string(name: 'REGULAR_PIPELINE', - defaultValue: 'regular-1.2', + defaultValue: 'regular-1.3', description: 'test-pipelines branch for regular tests.'), string(name: 'CUSTOM_PIPELINE', - defaultValue: 'custom-1.2', + defaultValue: 'custom-1.3', description: 'test-pipelines branch for custom tests'), string(name: 'FUZZ_PIPELINE', - defaultValue: 'fuzz-regression-1.2', + defaultValue: 'fuzz-regression-1.3', description: 'test-pipelines branch for fuzz regression tests'), string(name: 'FUZZ_CORPUS_BRANCH', defaultValue: 'master', diff --git a/NEWS.md b/NEWS.md index 6c181d5490..b0517891df 100644 --- a/NEWS.md +++ b/NEWS.md @@ -3,6 +3,20 @@ Note: This file refers to the official packages. Things described here may differ slightly from third-party binary packages. +## 1.3.0 + +ClamAV 1.3.0 includes the following improvements and changes: + +### Major changes + +## Other improvements + +### Bug fixes + +### Acknowledgments + +Special thanks to the following people for code contributions and bug reports: + ## 1.2.0 ClamAV 1.2.0 includes the following improvements and changes: @@ -152,6 +166,37 @@ Special thanks to the following people for code contributions and bug reports: - Nils Werner - Răzvan Cojocaru +## 1.1.1 + +ClamAV 1.1.1 is a critical patch release with the following fixes: + +- [CVE-2023-20197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20197) + Fixed a possible denial of service vulnerability in the HFS+ file parser. + This issue affects versions 1.1.0, 1.0.1 through 1.0.0, 0.105.2 through 0.105.0, + 0.104.4 through 0.104.0, and 0.103.8 through 0.103.0. + Thank you to Steve Smith for reporting this issue. + +- Fixed a build issue when using the Rust nightly toolchain, which was + affecting the oss-fuzz build environment used for regression tests. + - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/997 + +- Fixed a build issue on Windows when using Rust version 1.70 or newer. + - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/994 + +- CMake build system improvement to support compiling with OpenSSL 3.x on + macOS with the Xcode toolchain. + + The official ClamAV installers and packages are now built with OpenSSL 3.1.1 + or newer. + - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/972 + +- Removed a warning message showing the HTTP response codes during the + Freshclam database update process. + - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/939 + +Special thanks to the following people for code contributions and bug reports: +- Steve Smith + ## 1.1.0 ClamAV 1.1.0 includes the following improvements and changes: @@ -325,6 +370,65 @@ Special thanks to the following people for code contributions and bug reports: - Sebastian Andrzej Siewior - The OSS-Fuzz project +## 1.0.2 + +ClamAV 1.0.2 is a critical patch release with the following fixes: + +- [CVE-2023-20197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20197) + Fixed a possible denial of service vulnerability in the HFS+ file parser. + This issue affects versions 1.1.0, 1.0.1 through 1.0.0, 0.105.2 through 0.105.0, + 0.104.4 through 0.104.0, and 0.103.8 through 0.103.0. + Thank you to Steve Smith for reporting this issue. + +- [CVE-2023-20212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20212) + Fixed a possible denial of service vulnerability in the AutoIt file parser. + This issue affects versions 1.0.1 and 1.0.0. + This issue does not affect version 1.1.0. + +- Fixed a build issue when using the Rust nightly toolchain, which was + affecting the oss-fuzz build environment used for regression tests. + - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/996 + +- Fixed a build issue on Windows when using Rust version 1.70 or newer. + - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/993 + +- CMake build system improvement to support compiling with OpenSSL 3.x on + macOS with the Xcode toolchain. + + The official ClamAV installers and packages are now built with OpenSSL 3.1.1 + or newer. + - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/973 + +- Fixed an issue where ClamAV does not abort the signature load process after + partially loading an invalid signature. + The bug would later cause a crash when scanning certain files. + - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/952 + +- Fixed an issue so that ClamAV correctly removes temporary files generated + by the VBA and XLM extraction modules so that the files are not leaked in + patched versions of ClamAV where temporary files are written directly to the + temp-directory instead of writing to a unique subdirectory. + - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/900 + +- Set Git attributes to prevent Git from altering line endings for bundled Rust + libraries. Third-party Rust libraries are bundled in the ClamAV release + tarball. We do not commit them to our own Git repository, but community + package maintainers may now store the tarball contents in Git. + The Rust build system verifies the library manifest, and this change + ensures that the hashes are correct. + Improvement courtesy of Nicolas R. + - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/856 + +- Fixed two bugs that would cause Freshclam to fail update when applying a + CDIFF database patch if that patch adds a file to the database archive + or removes a file from the database archive. + This bug also caused Sigtool to fail to create such a patch. + - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/901 + +Special thanks to the following people for code contributions and bug reports: +- Nicolas R. +- Steve Smith + ## 1.0.1 ClamAV 1.0.1 is a critical patch release with the following fixes: @@ -1271,6 +1375,24 @@ The ClamAV team thanks the following individuals for their code submissions: - Vasile Papp - Yasuhiro Kimura +## 0.103.9 + +ClamAV 0.103.9 is a critical patch release with the following fixes: + +- [CVE-2023-20197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20197) + Fixed a possible denial of service vulnerability in the HFS+ file parser. + This issue affects versions 1.1.0, 1.0.1 through 1.0.0, 0.105.2 through 0.105.0, + 0.104.4 through 0.104.0, and 0.103.8 through 0.103.0. + Thank you to Steve Smith for reporting this issue. + +- Fixed compiler warnings that may turn into errors in Clang 16. + Patch courtesy of Michael Orlitzky. + - GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/747 + +Special thanks to the following people for code contributions and bug reports: +- Michael Orlitzky +- Steve Smith + ## 0.103.8 ClamAV 0.103.8 is a critical patch release with the following fixes: diff --git a/libclamav/bytecode_api.h b/libclamav/bytecode_api.h index 6bf3b3485b..545ea95de2 100644 --- a/libclamav/bytecode_api.h +++ b/libclamav/bytecode_api.h @@ -171,6 +171,8 @@ enum FunctionalityLevels { FUNC_LEVEL_1_1 = 180, /**< LibClamAV release 1.1.0 */ FUNC_LEVEL_1_2 = 190, /**< LibClamAV release 1.2.0 */ + + FUNC_LEVEL_1_3 = 200, /**< LibClamAV release 1.3.0 */ }; /** diff --git a/libclamav/others.h b/libclamav/others.h index c43a590d83..df8b025d61 100644 --- a/libclamav/others.h +++ b/libclamav/others.h @@ -73,7 +73,7 @@ * in re-enabling affected modules. */ -#define CL_FLEVEL 190 +#define CL_FLEVEL 200 #define CL_FLEVEL_DCONF CL_FLEVEL #define CL_FLEVEL_SIGTOOL CL_FLEVEL