diff --git a/clamav-0.99.1-jitoff.patch b/clamav-0.99.1-jitoff.patch deleted file mode 100644 index 009edf0..0000000 --- a/clamav-0.99.1-jitoff.patch +++ /dev/null @@ -1,30 +0,0 @@ ---- clamav-0.99/etc/clamd.conf.sample 2015-11-24 00:13:46.000000000 +0100 -+++ clamav-0.99/etc/clamd.conf.sample.jitoff 2015-12-02 01:36:11.766462183 +0100 -@@ -614,6 +614,16 @@ - # Default: yes - #Bytecode yes - -+# Bytecode mode -+# -+# This option has been set to 'ForceInterpreter' in Fedora due to -+# security concerns by default. You might need to enable the -+# 'antivirus_use_jit' SELinux boolean after setting this option to -+# the more efficient 'ForceJIT' value. -+# -+# Default: ForceInterpreter -+#ByteCodeMode ForceInterpreter -+ - # Set bytecode security level. - # Possible values: - # None - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS ---- clamav-0.99/shared/optparser.c 2015-12-02 01:35:26.632828082 +0100 -+++ clamav-0.99/shared/optparser.c.jitoff 2015-12-02 01:36:54.249117737 +0100 -@@ -298,7 +298,7 @@ - { "BytecodeUnsigned", "bytecode-unsigned", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN, - "Allow loading bytecode from outside digitally signed .c[lv]d files.","no"}, - -- { "BytecodeMode", "bytecode-mode", 0, CLOPT_TYPE_STRING, "^(Auto|ForceJIT|ForceInterpreter|Test)$", -1, "Auto", FLAG_REQUIRED, OPT_CLAMD | OPT_CLAMSCAN, -+ { "BytecodeMode", "bytecode-mode", 0, CLOPT_TYPE_STRING, "^(Auto|ForceJIT|ForceInterpreter|Test)$", -1, "ForceInterpreter", FLAG_REQUIRED, OPT_CLAMD | OPT_CLAMSCAN, - "Set bytecode execution mode.\nPossible values:\n\tAuto - automatically choose JIT if possible, fallback to interpreter\nForceJIT - always choose JIT, fail if not possible\nForceInterpreter - always choose interpreter\nTest - run with both JIT and interpreter and compare results. Make all failures fatal.","Auto"}, - - { "Statistics", "statistics", 0, CLOPT_TYPE_STRING, "^(none|None|bytecode|Bytecode|pcre|PCRE)$", -1, NULL, FLAG_MULTIPLE, OPT_CLAMSCAN | OPT_CLAMBC, "Collect and print execution statistics.\nPossible values:\n\tBytecode - reports bytecode statistics\nPCRE - reports PCRE execution statistics\nNone - reports no statistics", "None" }, diff --git a/clamav.spec b/clamav.spec index d506ffc..1e24768 100644 --- a/clamav.spec +++ b/clamav.spec @@ -59,7 +59,7 @@ Requires(postun): /bin/systemctl\ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.99.2 -Release: 13%{?dist} +Release: 14%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} Group: Applications/File URL: http://www.clamav.net @@ -81,8 +81,6 @@ Source11: http://db.local.clamav.net/daily-21723.cvd Patch24: clamav-0.99-private.patch Patch27: clamav-0.98-umask.patch -# https://bugzilla.redhat.com/attachment.cgi?id=403775&action=diff&context=patch&collapsed=&headers=1&format=raw -Patch29: clamav-0.99.1-jitoff.patch # https://llvm.org/viewvc/llvm-project/llvm/trunk/lib/ExecutionEngine/JIT/Intercept.cpp?r1=128086&r2=137567 Patch30: llvm-glibc.patch Patch31: clamav-0.99.1-setsebool.patch @@ -417,7 +415,6 @@ The systemd initscripts for clamav-scanner. %apply -n24 -p1 -b .private %apply -n27 -p1 -b .umask -%apply -n29 -p1 -b .jitoff %apply -n30 -p1 %apply -n31 -p1 -b .setsebool %apply -n32 -p1 -b .openssl_1.1.0 @@ -904,6 +901,10 @@ test "$1" != "0" || /sbin/initctl -q stop clamav-milter || : %changelog +* Thu Jan 04 2018 Sérgio Basto - 0.99.2-14 +- Fix rhbz #1530678 +- Fix rhbz #1518016 + * Sun Nov 26 2017 Robert Scheck - 0.99.2-13 - Backported upstream patch to unbreak e2guardian vs. temp files