!62 Upgrade to 0.103.6 version for fix CVE-2022-20785 CVE-2022-20771 CVE-2022-20770 CVE-2022-20792

From: @houyingchao Reviewed-by: @small_leek Signed-off-by: @small_leek
2022-05-16 06:24:33 +00:00 · 2022-05-16 06:24:33 +00:00 · c6ec14912a
commit c6ec14912a
parent ce604eaece 62e4055377
5 changed files with 6 additions and 68 deletions
--- a/CVE-2022-20698.patch
+++ b/CVE-2022-20698.patch
@ -1,31 +0,0 @@
 From 9a6bb57f89721db637f4ddb5b233c1c4e23d223a Mon Sep 17 00:00:00 2001
 From: Micah Snyder <micasnyd@cisco.com>
 Date: Wed, 15 Sep 2021 15:51:53 -0700
 Subject: [PATCH] OOXML: Fix invalid pointer dereference
 The OOXML parser in libclamav may try to extract an entry that is
 missing a file name. This results in an invalid 0x1 pointer dereference
 in the ZIP parser that is likely to crash the scanning application.
 This commit fixes the issue by requiring both the PartName (PN) *and*
 the ContentType (CT) variables to be non-NULL or else the entry will be
 skipped.
 Thank you Laurent Delosieres for reporting this issue.
 ---
 libclamav/ooxml.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/libclamav/ooxml.c b/libclamav/ooxml.c
 index 16c436f1a5..644779432c 100644
 --- a/libclamav/ooxml.c
 +++ b/libclamav/ooxml.c
@@ -245,7 +245,7 @@ static cl_error_t ooxml_content_cb(int fd, const char *filepath, cli_ctx *ctx, c
             cli_dbgmsg("%s: %s\n", localname, value);
         }
 -        if (!CT && !PN) continue;
 +        if (!CT || !PN) continue;
         if (!xmlStrcmp(CT, (const xmlChar *)"application/vnd.openxmlformats-package.core-properties+xml")) {
             /* default: /docProps/core.xml*/
--- a/clamav-0.103.6.tar.gz
+++ b/clamav-0.103.6.tar.gz
--- a/clamav-check.patch
+++ b/clamav-check.patch
@ -1,12 +0,0 @@
 diff -up clamav-0.103.0/unit_tests/check_jsnorm.c.check clamav-0.103.0/unit_tests/check_jsnorm.c
 --- clamav-0.103.0/unit_tests/check_jsnorm.c.check	2020-09-12 18:27:10.000000000 -0600
 +++ clamav-0.103.0/unit_tests/check_jsnorm.c	2020-09-17 22:15:26.199957518 -0600
@@ -247,7 +247,7 @@ static void tokenizer_test(const char *i
     fd = open(filename, O_RDONLY);
     if (fd < 0) {
         jstest_teardown();
 -        ck_assert_msg("failed to open output file: %s", filename);
 +        ck_assert_msg(0, "failed to open output file: %s", filename);
     }
     diff_file_mem(fd, expected, len);
--- a/clamav-clamonacc-service.patch
+++ b/clamav-clamonacc-service.patch
@ -1,20 +0,0 @@
 diff -up clamav-0.103.0/clamonacc/clamav-clamonacc.service.in.clamonacc-service clamav-0.103.0/clamonacc/clamav-clamonacc.service.in
 --- clamav-0.103.0/clamonacc/clamav-clamonacc.service.in.clamonacc-service	2020-09-12 18:27:09.000000000 -0600
 +++ clamav-0.103.0/clamonacc/clamav-clamonacc.service.in	2020-09-18 19:49:35.400152760 -0600
@@ -4,14 +4,12 @@
 [Unit]
 Description=ClamAV On-Access Scanner
 Documentation=man:clamonacc(8) man:clamd.conf(5) https://www.clamav.net/documents
 -Requires=clamav-daemon.service
 -After=clamav-daemon.service syslog.target network.target
 +After=clamd@scan.service syslog.target network.target
 [Service]
 Type=simple
 User=root
 -ExecStartPre=/bin/bash -c "while [ ! -S /run/clamav/clamd.ctl ]; do sleep 1; done"
 -ExecStart=@prefix@/sbin/clamonacc -F --config-file=@APP_CONFIG_DIRECTORY@/clamd.conf --log=/var/log/clamav/clamonacc.log --move=/root/quarantine
 +ExecStart=@prefix@/sbin/clamonacc -F --config-file=/etc/clamd.d/scan.conf
 [Install]
 WantedBy=multi-user.target
--- a/clamav.spec
+++ b/clamav.spec
@ -1,7 +1,7 @@
 Name:           clamav
 Summary:        End-user tools for the Clam Antivirus scanner
-Version:        0.103.2
+Version:        0.103.6
-Release:        4
+Release:        1
 License:        GPLv2 and Public Domain and bzip2-1.0.6 and Zlib and Apache-2.0
 URL:            https://www.clamav.net/
@ -24,13 +24,10 @@ Source15:       clamd@.service
 Patch0001:      clamav-stats-deprecation.patch
 Patch0002:      clamav-default_confs.patch
 Patch0003:      clamav-0.99-private.patch
 Patch0004:      clamav-check.patch
 Patch0005:      clamav-clamonacc-service.patch
 Patch0006:      clamav-freshclam.service.patch
 Patch0007:      clamav-type-conversion.patch
 Patch0008:      clamav-return-val-process.patch
 Patch0009:      clamav-clamonacc-version-return.patch
 Patch0010:      CVE-2022-20698.patch
 BuildRequires:  autoconf automake gettext-devel libtool libtool-ltdl-devel
 BuildRequires:  gcc-c++ zlib-devel bzip2-devel gmp-devel curl-devel json-c-devel
@ -415,6 +412,10 @@ test -e %_var/log/clamav-milter.log || {
 %changelog
 * Fri May 13 2022 houyingchao <houyingchao@h-partners.com> - 0.103.6-1
 - Upgrade to 0.103.6
 - Fix CVE-2022-20785 CVE-2022-20771 CVE-2022-20770 CVE-2022-20792
 * Mon Jan 24 2022 wangkai <wangkai385@huawei.com> - 0.103.2-4
 - Fix CVE-2022-20698