Overview Repositories Revisions Requests Users Attributes Meta

Revisions of squidclamav

Martin Pluskal's avatar Martin Pluskal (pluskalm) accepted request 991867 from Mathias Homann's avatar Mathias Homann (lemmy04) (revision 15) 
This time without explicit debug package
Lars Vogdt's avatar Lars Vogdt (lrupp) committed (revision 14) 
- added BuildRequires for libarchive-devel, libbz2-devel, libopenssl-devel, 
  zlib-devel
Lars Vogdt's avatar Lars Vogdt (lrupp) committed (revision 13) 
zlib-devel
Lars Vogdt's avatar Lars Vogdt (lrupp) committed (revision 12) 
- update to 7.1
  Generic:
  * New scan mode. By default squidclamav scan everything excepted the
    exclusions defined in 'abort', 'abortcontent', 'whitelist', 'trustuser'
    and 'trustclient' configuration directives. There is now a mode where
    squidclamav will scan nothing excepted the inclusions defined with
    directives 'scan', 'scancontent', 'blacklist', 'untrustuser' and
    'untrustclient'. The scan mode is controlled by a new configuration
    directive 'scan_mode'. Possible values are 'ScanAllExcept' (the default)
    and 'ScanNothingExcept'.
  * Add support to libarchive to be able to ban archive with some suspect
    files inside that are not detected by ClamAv. This feature is disabled
    by default and can be enable using 'enable_libarchive'. The ban archive
    can be stored to be recovered by the user through the redirect CGI script
    if directive 'recoverpath' is set.
  * An archive banned by libarchive can be recovered through the redirect
    CGI. See cgi-bin/clwarn.cgi and the redirect configuration directive.
    recoverpath must be set to use this feature.
  * Add --with-libarchive configure option to specify where to find
    archive.h. It is searched in /usr/include and /usr/local/include
    by default, if the header file is not in these directory you must
    use this option. Example: ./configure --with-libarchive=/opt/csw.
  Fixes:
  + Fix some compilation warnings.
  + Fix typos/translation error. Thanks to Yuri Voinov for the patch.
  + Allow base dir to --with-libarchive option, /opt/csw/ instead of
    /opt/csw/include. Thanks to Yuri Voinov for the report.
  + Fix formatting of configure usage output. Thanks to Yuri Voinov
    for the report.
  + Defined max() macro even if libarchive is not used. Thanks to Yuri
Lars Vogdt's avatar Lars Vogdt (lrupp) committed (revision 11) 
trigger service run
Lars Vogdt's avatar Lars Vogdt (lrupp) committed (revision 10) 
Modified via webui
Lars Vogdt's avatar Lars Vogdt (lrupp) committed (revision 9) 
- use libdir macro now for c_icap library (modules) path
- refresh squidclamav.conf.patch
- update to 6.16:
  This release fixes a major bug with debugs macro that can have bad side
  effects like printing an error after configuration reload an possibly some
  other wrong behaviors.
  - Change log level of configuration reloading message.
  - Show line in configuration file that can not be parsed
    by add_pattern().
  - Enclose debugs macro to avoid misusage. Thanks to Denis Volpato
    Martins for the patch.
  - Fix Apache complain "AH01215: CGI::param called in list context
    from package main line 14, this can lead to vulnerabilities."
    Thanks to thctlo for the report.
* SquidClamav 6.15, Monday January 18 2016
  This release fix a major bug of a buffer overflow in squidclamav_safebrowsing()
  and change the http response code in squidclamav redirection when a virus is
  found.
  - Fix buffer overflow in squidclamav_safebrowsing(). Thanks to Stuart
    Henderson for the patch.
  - Change http response code 301 (move permanently) to 307 (temporary
    redirect) in squidclamav redirection when a virus is found. Thanks to
    Alexander Koch for the report.
  - Fix null url, client ip and username in safebrowsing report. Thanks to
    Claus Regelmann for the patch.
* SquidClamav 6.14, Sunday October 17 2015
  This release fix a compilation issue with c-icap 0.4.x and exclude the HTTP
  method OPTIONS from being virus scanned.
  - Excluded OPTIONS http method from being scanned. Thanks to Yuri Voinov
    for the report.
Lars Vogdt's avatar Lars Vogdt (lrupp) committed (revision 8) 
- create a symlink /etc/squidclamav.conf pointing to the config in
  /etc/c-icap/squidclamav.conf as the code seems to have the path
  still hardcoded in some places
Lars Vogdt's avatar Lars Vogdt (lrupp) committed (revision 7) 
- place the squidclamav.conf in the /etc/c-icap directory where 
  it makes more sense
Lars Vogdt's avatar Lars Vogdt (lrupp) committed (revision 6) 
- update to 6.11:
  + This release adds support to icap template allowing to display a templated
    response on block instead of redirecting to an external URL. Add new lines into
    HTTP and ICAP response header to set X-Infection-Found and X-Virus-ID when a
    virus is found. With the possiblity to scan data sent without preview this
    allow some commercial product like MoveIt DMZ to work with c-icap and
    squidclamav service. Lot of code clean up and bug fixes.
  + Replace clamd STREAM by zINSTREAM protocol as clamav have removed
    the obsolete STREAM protocol in release 0.97.4. Thanks to Vasan and
    Raja Lakshmi for the report.
- use /var/run/clamav/clamd-socket as clamav socket per default
- move squidclamav libs to the c_icap libdir under /usr/lib/
- add MALWARE_FOUND template for c_icap
Lars Vogdt's avatar Lars Vogdt (lrupp) committed (revision 5) 
- place libraries in %{_prefix}/lib/c_icap/ as all the other 
  c-icap modules
- use README.SUSE
Lars Vogdt's avatar Lars Vogdt (lrupp) committed (revision 4) 
ran spec-cleaner
Lars Vogdt's avatar Lars Vogdt (lrupp) committed (revision 3) 
- update to 6.10:
  + Replaced clamd STREAM by zINSTREAM protocol as clamav have 
    removed the obsolete STREAM protocol in release 0.97.4.
Lars Vogdt's avatar Lars Vogdt (lrupp) committed (revision 2) 
- update to 6.9:
  + Add 'safebrowsing' configuration directive to enable/disable
    Safe Browsing detection
  + Fix support to Clamav Google Safe Browsing that need a second
    query to clamd because the url need to be embeded in an email
    like content. Thanks to frOgz for the report
  + All redirect CGI scripts have been rewritten with some CSS and
    to better handle virus vs malware.
  + Compatibility fix with new c-icap 0.2.1 release that prevent
    squidclamav service to be initialized.
  + Add a workaround for a squidGuard bug that unescape the URL and
    send it back unescaped. This result in garbage staying into pipe
    of the system command call and could crash squidclamav on next
    read or return false information. This is specially true with URL
    containing the %0D or %0A character.
  + Update documentation about the recommanded way to call squidGuard
    through the use of url_rewrite_program in squid.conf. You may not
    use the squidguard configuration directive into squidclamav.conf
  + Rewrite entirely the squidclamav behavior with the maxsize directive.
    The previous fix was only a workaround.
  + Fix a bug on 'trustclient' check part that was never executed if
    dnslookup was disabled. Thanks to Tinu for the report.
- removed upstreamed squidclamav-fix_html.patch
Christian Wittmer's avatar Christian Wittmer (computersalat) accepted request 113408 from Lars Vogdt's avatar Lars Vogdt (lrupp) (revision 1) 
squidclamav is an add-on to squid3 like squidGuard and allows to 
filter requested webcontent via clamav. 
The required package c-icap will follow with an additional sr to 
this devel project.
Displaying all 15 revisions
openSUSE Build Service is sponsored by
Places