Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bumped version from 1.2.0 -> 1.3.0-devel #1007

Merged
merged 1 commit into from
Aug 31, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,10 @@ cmake_policy(SET CMP0087 NEW) # support generator expressions in install(CODE) a
# For release candidate: set(VERSION_SUFFIX "-rc")
# For release: set(VERSION_SUFFIX "")
string(TIMESTAMP TODAY "%Y%m%d")
set(VERSION_SUFFIX "")
set(VERSION_SUFFIX "-devel-${TODAY}")

project( ClamAV
VERSION "1.2.0"
VERSION "1.3.0"
DESCRIPTION "ClamAV open source email, web, and end-point anti-virus toolkit." )

set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake" ${CMAKE_MODULE_PATH})
Expand Down
18 changes: 9 additions & 9 deletions Jenkinsfile
Original file line number Diff line number Diff line change
Expand Up @@ -10,31 +10,31 @@ properties(
parameters(
[
string(name: 'VERSION',
defaultValue: '1.2.0',
defaultValue: '1.3.0',
description: 'ClamAV version string'),
string(name: 'FRAMEWORK_BRANCH',
defaultValue: '1.2',
defaultValue: '1.3',
description: 'test-framework branch'),
string(name: 'TESTS_BRANCH',
defaultValue: '1.2',
defaultValue: '1.3',
description: 'tests branch'),
string(name: 'TESTS_CUSTOM_BRANCH',
defaultValue: '1.2',
defaultValue: '1.3',
description: 'tests-custom branch'),
string(name: 'TESTS_FUZZ_BRANCH',
defaultValue: '1.2',
defaultValue: '1.3',
description: 'tests-fuzz-regression branch'),
string(name: 'BUILD_PIPELINE',
defaultValue: 'build-1.2',
defaultValue: 'build-1.3',
description: 'test-pipelines branch for build acceptance'),
string(name: 'REGULAR_PIPELINE',
defaultValue: 'regular-1.2',
defaultValue: 'regular-1.3',
description: 'test-pipelines branch for regular tests.'),
string(name: 'CUSTOM_PIPELINE',
defaultValue: 'custom-1.2',
defaultValue: 'custom-1.3',
description: 'test-pipelines branch for custom tests'),
string(name: 'FUZZ_PIPELINE',
defaultValue: 'fuzz-regression-1.2',
defaultValue: 'fuzz-regression-1.3',
description: 'test-pipelines branch for fuzz regression tests'),
string(name: 'FUZZ_CORPUS_BRANCH',
defaultValue: 'master',
Expand Down
122 changes: 122 additions & 0 deletions NEWS.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,20 @@
Note: This file refers to the official packages. Things described here may
differ slightly from third-party binary packages.

## 1.3.0

ClamAV 1.3.0 includes the following improvements and changes:

### Major changes

## Other improvements

### Bug fixes

### Acknowledgments

Special thanks to the following people for code contributions and bug reports:

## 1.2.0

ClamAV 1.2.0 includes the following improvements and changes:
Expand Down Expand Up @@ -152,6 +166,37 @@ Special thanks to the following people for code contributions and bug reports:
- Nils Werner
- Răzvan Cojocaru

## 1.1.1

ClamAV 1.1.1 is a critical patch release with the following fixes:

- [CVE-2023-20197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20197)
Fixed a possible denial of service vulnerability in the HFS+ file parser.
This issue affects versions 1.1.0, 1.0.1 through 1.0.0, 0.105.2 through 0.105.0,
0.104.4 through 0.104.0, and 0.103.8 through 0.103.0.
Thank you to Steve Smith for reporting this issue.

- Fixed a build issue when using the Rust nightly toolchain, which was
affecting the oss-fuzz build environment used for regression tests.
- GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/997

- Fixed a build issue on Windows when using Rust version 1.70 or newer.
- GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/994

- CMake build system improvement to support compiling with OpenSSL 3.x on
macOS with the Xcode toolchain.

The official ClamAV installers and packages are now built with OpenSSL 3.1.1
or newer.
- GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/972

- Removed a warning message showing the HTTP response codes during the
Freshclam database update process.
- GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/939

Special thanks to the following people for code contributions and bug reports:
- Steve Smith

## 1.1.0

ClamAV 1.1.0 includes the following improvements and changes:
Expand Down Expand Up @@ -325,6 +370,65 @@ Special thanks to the following people for code contributions and bug reports:
- Sebastian Andrzej Siewior
- The OSS-Fuzz project

## 1.0.2

ClamAV 1.0.2 is a critical patch release with the following fixes:

- [CVE-2023-20197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20197)
Fixed a possible denial of service vulnerability in the HFS+ file parser.
This issue affects versions 1.1.0, 1.0.1 through 1.0.0, 0.105.2 through 0.105.0,
0.104.4 through 0.104.0, and 0.103.8 through 0.103.0.
Thank you to Steve Smith for reporting this issue.

- [CVE-2023-20212](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20212)
Fixed a possible denial of service vulnerability in the AutoIt file parser.
This issue affects versions 1.0.1 and 1.0.0.
This issue does not affect version 1.1.0.

- Fixed a build issue when using the Rust nightly toolchain, which was
affecting the oss-fuzz build environment used for regression tests.
- GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/996

- Fixed a build issue on Windows when using Rust version 1.70 or newer.
- GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/993

- CMake build system improvement to support compiling with OpenSSL 3.x on
macOS with the Xcode toolchain.

The official ClamAV installers and packages are now built with OpenSSL 3.1.1
or newer.
- GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/973

- Fixed an issue where ClamAV does not abort the signature load process after
partially loading an invalid signature.
The bug would later cause a crash when scanning certain files.
- GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/952

- Fixed an issue so that ClamAV correctly removes temporary files generated
by the VBA and XLM extraction modules so that the files are not leaked in
patched versions of ClamAV where temporary files are written directly to the
temp-directory instead of writing to a unique subdirectory.
- GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/900

- Set Git attributes to prevent Git from altering line endings for bundled Rust
libraries. Third-party Rust libraries are bundled in the ClamAV release
tarball. We do not commit them to our own Git repository, but community
package maintainers may now store the tarball contents in Git.
The Rust build system verifies the library manifest, and this change
ensures that the hashes are correct.
Improvement courtesy of Nicolas R.
- GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/856

- Fixed two bugs that would cause Freshclam to fail update when applying a
CDIFF database patch if that patch adds a file to the database archive
or removes a file from the database archive.
This bug also caused Sigtool to fail to create such a patch.
- GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/901

Special thanks to the following people for code contributions and bug reports:
- Nicolas R.
- Steve Smith

## 1.0.1

ClamAV 1.0.1 is a critical patch release with the following fixes:
Expand Down Expand Up @@ -1271,6 +1375,24 @@ The ClamAV team thanks the following individuals for their code submissions:
- Vasile Papp
- Yasuhiro Kimura

## 0.103.9

ClamAV 0.103.9 is a critical patch release with the following fixes:

- [CVE-2023-20197](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20197)
Fixed a possible denial of service vulnerability in the HFS+ file parser.
This issue affects versions 1.1.0, 1.0.1 through 1.0.0, 0.105.2 through 0.105.0,
0.104.4 through 0.104.0, and 0.103.8 through 0.103.0.
Thank you to Steve Smith for reporting this issue.

- Fixed compiler warnings that may turn into errors in Clang 16.
Patch courtesy of Michael Orlitzky.
- GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/747

Special thanks to the following people for code contributions and bug reports:
- Michael Orlitzky
- Steve Smith

## 0.103.8

ClamAV 0.103.8 is a critical patch release with the following fixes:
Expand Down
2 changes: 2 additions & 0 deletions libclamav/bytecode_api.h
Original file line number Diff line number Diff line change
Expand Up @@ -171,6 +171,8 @@ enum FunctionalityLevels {
FUNC_LEVEL_1_1 = 180, /**< LibClamAV release 1.1.0 */

FUNC_LEVEL_1_2 = 190, /**< LibClamAV release 1.2.0 */

FUNC_LEVEL_1_3 = 200, /**< LibClamAV release 1.3.0 */
};

/**
Expand Down
2 changes: 1 addition & 1 deletion libclamav/others.h
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@
* in re-enabling affected modules.
*/

#define CL_FLEVEL 190
#define CL_FLEVEL 200
#define CL_FLEVEL_DCONF CL_FLEVEL
#define CL_FLEVEL_SIGTOOL CL_FLEVEL

Expand Down
Loading