| |
@@ -2,11 +2,21 @@
|
| |
### FIXME: amavisd-new requires clamd to run as user vscan, solution needed
|
| |
### REMINDER: Look and sync with Petr Kristof's work
|
| |
|
| |
+ # Work around https://bugzilla.clamav.net/show_bug.cgi?id=12162 by bundling
|
| |
+ # newer zlib version from RHEL/CentOS 7 (#1600458)
|
| |
+ %global zlibversion 1.2.7
|
| |
+ %global zlibrelease 17%{?dist}
|
| |
+
|
| |
Summary: Anti-virus software
|
| |
Name: clamav
|
| |
Version: 0.100.1
|
| |
- Release: 1%{?dist}
|
| |
+ Release: 2%{?dist}
|
| |
+ # ClamAV is GPLv2, zlib is zlib, /contrib/dotzlib/ has Boost license
|
| |
+ %if 0%{?zlibversion:1} && 0%{?zlibrelease:1}
|
| |
+ License: GPLv2 and zlib and Boost
|
| |
+ %else
|
| |
License: GPLv2
|
| |
+ %endif
|
| |
Group: Applications/System
|
| |
URL: https://www.clamav.net/
|
| |
|
| |
@@ -33,18 +43,42 @@
|
| |
Source12: http://db.local.clamav.net/daily-24741.cvd
|
| |
Source13: http://db.local.clamav.net/bytecode-324.cvd
|
| |
|
| |
+ %if 0%{?zlibversion:1} && 0%{?zlibrelease:1}
|
| |
+ # Cheerfully borrowed from zlib.spec in RHEL/CentOS 7
|
| |
+ Source90: http://www.zlib.net/zlib-%{zlibversion}.tar.bz2
|
| |
+ %endif
|
| |
+
|
| |
Patch0: clamav-0.100.0-stats-deprecation.patch
|
| |
Patch31: clamav-0.99.1-setsebool.patch
|
| |
|
| |
+ %if 0%{?zlibversion:1} && 0%{?zlibrelease:1}
|
| |
+ # Cheerfully borrowed from zlib.spec in RHEL/CentOS 7, see
|
| |
+ # also https://git.centos.org/tree/rpms!zlib.git/c7/SOURCES
|
| |
+ Patch90: zlib-1.2.5-minizip-fixuncrypt.patch
|
| |
+ # resolves: #805113
|
| |
+ Patch91: zlib-1.2.7-optimized-s390.patch
|
| |
+ # resolves: #844791
|
| |
+ Patch92: zlib-1.2.7-z-block-flush.patch
|
| |
+ # resolves: #1127330
|
| |
+ Patch93: zlib-1.2.7-fix-serious-but-very-rare-decompression-bug-in-inftr.patch
|
| |
+ # resolves: #1337441
|
| |
+ Patch94: zlib-1.2.7-Fix-bug-where-gzopen-gzclose-would-write-an-empty-fi.patch
|
| |
+ %endif
|
| |
+
|
| |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
| |
|
| |
- BuildRequires: bzip2-devel, zlib-devel, gmp-devel, curl-devel, xz, ncurses-devel, openssl-devel, libxml2-devel, pcre-devel, json-c-devel
|
| |
+ BuildRequires: bzip2-devel, gmp-devel, curl-devel, xz, ncurses-devel, openssl-devel, libxml2-devel, pcre-devel, json-c-devel
|
| |
%{!?_without_milter:BuildRequires: sendmail-devel >= 8.12}
|
| |
|
| |
Requires: clamav-db = %{version}-%{release}
|
| |
Requires(pre): shadow-utils
|
| |
|
| |
Provides: bundled(libmspack) = 0.5-0.1.alpha.modified_by_clamav
|
| |
+ %if 0%{?zlibversion:1} && 0%{?zlibrelease:1}
|
| |
+ Provides: bundled(zlib) = %{zlibversion}-%{zlibrelease}
|
| |
+ %else
|
| |
+ Requires: zlib-devel
|
| |
+ %endif
|
| |
|
| |
### Fedora Extras introduced them differently :(
|
| |
Provides: libclamav
|
| |
@@ -196,7 +230,40 @@
|
| |
s|^#(ClamdSocket) .+$|$1 unix:%{_localstatedir}/run/clamav/clamd.sock|;
|
| |
' etc/clamav-milter.conf.sample
|
| |
|
| |
+ %if 0%{?zlibversion:1} && 0%{?zlibrelease:1}
|
| |
+ # Cheerfully borrowed from zlib.spec in RHEL/CentOS 7, see
|
| |
+ # https://git.centos.org/blob/rpms!zlib.git/c7/SPECS!zlib.spec
|
| |
+ tar xfj %{SOURCE90}
|
| |
+ pushd zlib-%{zlibversion}
|
| |
+ %patch90 -p1 -b .fixuncrypt
|
| |
+ %ifarch s390 s390x
|
| |
+ %patch91 -p1 -b .optimized-deflate
|
| |
+ %endif
|
| |
+ %patch92 -p1 -b .z-flush
|
| |
+ %patch93 -p1
|
| |
+ %patch94 -p1
|
| |
+ popd
|
| |
+ %endif
|
| |
+
|
| |
%build
|
| |
+ %if 0%{?zlibversion:1} && 0%{?zlibrelease:1}
|
| |
+ # Cheerfully borrowed from zlib.spec in RHEL/CentOS 7, see
|
| |
+ # https://git.centos.org/blob/rpms!zlib.git/c7/SPECS!zlib.spec
|
| |
+ pushd zlib-%{zlibversion}
|
| |
+ %ifarch ppc64 ppc64le
|
| |
+ export CFLAGS="$RPM_OPT_FLAGS -fPIC -O3"
|
| |
+ %else
|
| |
+ export CFLAGS="$RPM_OPT_FLAGS -fPIC"
|
| |
+ %endif
|
| |
+
|
| |
+ export LDFLAGS="$LDFLAGS -Wl,-z,relro"
|
| |
+
|
| |
+ ./configure --libdir=%{_libdir} --includedir=%{_includedir} --prefix=%{_prefix} --static
|
| |
+ make %{?_smp_mflags}
|
| |
+ make install DESTDIR=%{_builddir}/%{name}-%{version}/zlib-%{zlibversion}-%{zlibrelease}
|
| |
+ popd
|
| |
+ %endif
|
| |
+
|
| |
%configure \
|
| |
--program-prefix="%{?_program_prefix}" \
|
| |
%{!?_without_milter:--enable-milter} \
|
| |
@@ -210,6 +277,9 @@
|
| |
--with-group="clam" \
|
| |
--with-libcurl=%{_prefix} \
|
| |
--with-user="clam" \
|
| |
+ %if 0%{?zlibversion:1} && 0%{?zlibrelease:1}
|
| |
+ --with-zlib=%{_builddir}/%{name}-%{version}/zlib-%{zlibversion}-%{zlibrelease}%{_prefix} \
|
| |
+ %endif
|
| |
# --disable-llvm
|
| |
|
| |
make %{?_smp_mflags}
|
| |
@@ -418,6 +488,9 @@
|
| |
%exclude %{_libdir}/libclammspack.la
|
| |
|
| |
%changelog
|
| |
+ * Sun Aug 12 2018 Robert Scheck <robert@fedoraproject.org> - 0.100.1-2
|
| |
+ - Bundle zlib 1.2.7-17.el7 to avoid malformed database errors (#1600458)
|
| |
+
|
| |
* Wed Jul 11 2018 Sérgio Basto <sergio@serjux.com> - 0.100.1-1
|
| |
- Update to 0.100.1
|
| |
|
| |
Patch suggestion for https://bugzilla.redhat.com/show_bug.cgi?id=1600458#c29 - please note, that it is intended to use the bundled zlib on all architectures on EL-6 to avoid other/further/new issues due to old zlib. Bundled zlib is marked as such as per https://fedoraproject.org/wiki/Bundled_Libraries?rd=Packaging:Bundled_Libraries, the bundled zlib has been taken from RHEL/CentOS 7 to ensure possible security updates/patches/bugfixes until CentOS 6 reaches EOL in 2020.