@@ -1,3 +1,7 @@

+Sun Feb 15 14:10:19 CET 2004 (tk)

+---------------------------------

+  V 0.67 (released with OLE2 and Dazuko support disabled)

+

 Sun Feb 15 12:06:12 GMT 2004 (trog)

 -----------------------------------

  * libclamav/vba_extract.c: Fix memory leak

@@ -2,6 +2,141 @@ Note: This README/NEWS file refers to the source tarball. Some things described

 here may not be available in binary packages.

 --

+0.67

+----

+This release fixes a memory management problem (platform dependent; can lead

+to a DoS attack) with messages that only have attachments (reported by Oliver

+Brandmueller). It also contains patches for a few problems found in 0.66 and

+has better Cygwin support.

+

+0.66

+----

+This version is a response to the "clamav 0.65 remote DOS exploit" information

+published on popular security-related mailing lists. Unfortunately we had

+not been contacted by the author before he published that and had to release

+this (unplanned) package very quickly (it should be mentioned that CVS version

+was not vulnerable to the exploit). Untested code has been disabled also

+the Dazuko support is temporarily not available (if you really need it please

+use a CVS version or wait for a next stable release). Other noteworthy changes:

+

+-) clamd:

+    + fixed database timestamp handling (and a double reload problem reported

+      by Alex Pleiner and Ole Stanstrup)

+    + new directive: ArchiveMaxCompressionRatio

+    + new command: SESSION (starts a clamd session and allows to do multiple

+      commands per TCP session)

+    + new directives: TemporaryDirectory, LogClean (Andrey V. Malyshev)

+

+-) clamav-milter: (Nigel Horne)

+    + added support for AllowSupplementaryGroups and ThreadTimeout

+    + added --quarantine-dir (thanks to Michael Dankov)

+    + added --noreject (thanks to Vijay Sarvepalli)

+    + added --headers (thanks Leonid Zeitlin)

+    + added --sign option

+

+-) libclamav:

+    + detect Worm.SCO.A bounces (Nigel)

+    + prevent buffer overflow in broken uuencoded files (Nigel)

+    + scan multipart alternatives that have no boundaries (Nigel)

+    + better handling of encapsulated messages (Nigel)

+    + locate uuencoded viruses hidden in text portions of multipart/mixed

+      mime messages (Nigel)

+    + initial support for BinHex (Nigel)

+    + fixed a mail recursion loop (problem reported by Alex Kah and Kristof

+      Petr)

+    + fixed bzip2 memory limit (improper call suggested by the buggy libbz2

+      documentation, problem reported by Tomasz Klim)

+    + fixed on error descriptor leak in CVD unpacker (Thomas Lamy)

+    + fixed memory leak in digital signature verification code (Thomas Lamy)

+    + added maximal compression ratio limit (cl_limits->maxratio)

+

+-) clamscan:

+    + support for multiple arguments on command line (Thomas Lamy)

+    + fixed buffer overflow in --move (Denis De Messemacker)

+    + removed support for sendfile() under Linux

+

+-) freshclam:

+    + support for freshclam.conf (that may be optionally merged with

+      clamav.conf, command line options overwrite config settings)

+    + work-around for potential database downgrade (subtle problem

+      in r-r dns handling) - reported by Daniel Mario Vega and patched

+      by Luca Gibelli

+

+-) sigtool:

+    + list virus names with --list-sigs (-l)

+

+-) contrib:

+    + clamdwatch (by Mike Cathey)

+    + windows clamd client with drag&drop support (Nigel Horne)

+

+-) documentation:

+    + complete clamdoc.pdf French translation by Stephane Jeannenot

+    + Polish how-to on ClamAV and Sendmail integration (with clamav-milter)

+      by Przemyslaw Holowczyc

+

+

+News:

+

+ClamAV was the first anti-virus protecting against Worm.SCO.A (aka MyDoom.A) !

+The signature was published by Diego d'Ambra in the daily update 105,

+26-Jan-2004 20:23 GMT and we were at least two hours faster than "big" AV

+vendors:

+http://sourceforge.net/mailarchive/forum.php?thread_id=3764826&forum_id=34654

+http://www.pcwelt.de/news/viren_bugs/37278/4.html

+

+

+clamav-devel is finally able to decode OLE2 (Microsoft Office) files and

+decompress VBA streams ! The code is developed by Trog, official ClamAV

+developer. Also we're testing new clamd implementation that will solve

+several important problems (especially that "Time out" related). Please

+help us and test the latest CVS version.

+

+

+The virus database now contains more than 20.000 signatures ! On January 8,

+Denis De Messemacker (who joined our team 3 months ago) added signatures for

+about 7700 new viruses. Also special thanks go to Tomasz Papszun for his

+hard work on daily submissions and forcing us to keep ClamAV quality on

+the highest possible level.

+

+

+New mirroring mechanisms. Luca Gibelli (ClamAV) and mirror administrators

+(22 sites, http://www.clamav.net/mirrors.html, please see clamdoc.pdf for

+a complete mirror information) are converting mirrors to new "push mirroring"

+method. It uses advanced techniques to ensure all the mirrors are up to date.

+More info: http://www.clamav.net/docs/mirrors

+

+

+"Newsworthy Hack of Kindness" - Affero.net is featuring ClamAV in its latest

+newsletter (Volume #9, January 2004: http://www.affero.net/nl/dec03.html).

+Affero is a great rate-donate system and its mission is to bring a culture

+of patronage to the Internet. Currently we only accept donations via Affero.

+You can also help us and promote our project by adding the ClamAV logo to

+your home page. Look at http://www.clamav.net/donate.html for more information.

+

+

+We would like to thank our donors:

+

+    * Jeremy Garcia (http://www.linuxquestions.org)

+    * Andries Filmer (http://www.netexpo.nl)

+    * David Eriksson (http://www.2good.nu)

+    * Dynamic Network Services, Inc (http://www.dyndns.org)

+    * epublica

+    * Invisik Corporation (http://www.invisik.com)

+    * Keith (http://www.textpad.com)

+    * Explido Software USA Inc. (http://www.explido.us)

+    * cheahch from Singapore

+    * Electric Embers

+    * Stephane Rault

+    * Brad Koehn

+    * David Farrick

+    * ActiveIntra.net Inc. (http://www.activeintra.net)

+    * An anonymous donor from Colorado, US

+

+--

+Tomasz Kojm <tkojm*clamav.net>

+February 10, 2004

+

+

 0.65

 ----

 IMPORTANT NOTE: The project has been moved into SourceForge. The only official

@@ -2,6 +2,13 @@ Note: This README/NEWS file refers to the source tarball. Some things described

 here may not be available in binary packages.

 --

+0.67

+----

+This release fixes a memory management problem (platform dependent; can lead

+to a DoS attack) with messages that only have attachments (reported by Oliver

+Brandmueller). It also contains patches for a few problems found in 0.66 and

+has better Cygwin support.

+

 0.66

 ----

 This version is a response to the "clamav 0.65 remote DOS exploit" information

@@ -26,6 +26,7 @@ install:

 	$(mkinstalldirs) $(DESTDIR)$(DBINST)

 	@test -f $(DESTDIR)$(DBINST)/main.cvd || $(INSTALL_DATA) main.cvd $(DESTDIR)$(DBINST)

 	@test -f $(DESTDIR)$(DBINST)/daily.cvd || $(INSTALL_DATA) daily.cvd $(DESTDIR)$(DBINST)

+	@test -f $(DESTDIR)$(DBINST)/mirrors.txt && rm -f $(DESTDIR)$(DBINST)/mirrors.txt || true

 	@test -f $(DESTDIR)$(DBINST)/viruses.db && rm -f $(DESTDIR)$(DBINST)/viruses.db || true

 	@test -f $(DESTDIR)$(DBINST)/viruses.db2 && rm -f $(DESTDIR)$(DBINST)/viruses.db2 || true

 	@if test `id|sed -e 's/^.[^(]*(\([^)]*\)).*/\1/'` = "root" && test -n "${CLAMAVUSER}" && test -n "${CLAMAVGROUP}"; then \

@@ -250,6 +250,7 @@ install:

 	$(mkinstalldirs) $(DESTDIR)$(DBINST)

 	@test -f $(DESTDIR)$(DBINST)/main.cvd || $(INSTALL_DATA) main.cvd $(DESTDIR)$(DBINST)

 	@test -f $(DESTDIR)$(DBINST)/daily.cvd || $(INSTALL_DATA) daily.cvd $(DESTDIR)$(DBINST)

+	@test -f $(DESTDIR)$(DBINST)/mirrors.txt && rm -f $(DESTDIR)$(DBINST)/mirrors.txt || true

 	@test -f $(DESTDIR)$(DBINST)/viruses.db && rm -f $(DESTDIR)$(DBINST)/viruses.db || true

 	@test -f $(DESTDIR)$(DBINST)/viruses.db2 && rm -f $(DESTDIR)$(DBINST)/viruses.db2 || true

 	@if test `id|sed -e 's/^.[^(]*(\([^)]*\)).*/\1/'` = "root" && test -n "${CLAMAVUSER}" && test -n "${CLAMAVGROUP}"; then \

Binary files a/clamav-devel/docs/clamdoc.pdf and b/clamav-devel/docs/clamdoc.pdf differ

@@ -24,7 +24,7 @@ original version by:  Nikos Drakos, CBLU, University of Leeds

 <BODY >

 <!--Navigation Panel-->

-<A NAME="tex2html73"

+<A NAME="tex2html74"

   HREF="node1.html">

 <IMG WIDTH="37" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="next"

  SRC="/usr/share/latex2html/icons/next.png"></A> 

@@ -32,14 +32,14 @@ original version by:  Nikos Drakos, CBLU, University of Leeds

  SRC="/usr/share/latex2html/icons/up_g.png"> 

 <IMG WIDTH="63" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="previous"

  SRC="/usr/share/latex2html/icons/prev_g.png"> 

-<A NAME="tex2html71"

+<A NAME="tex2html72"

   HREF="node1.html">

 <IMG WIDTH="65" HEIGHT="24" ALIGN="BOTTOM" BORDER="0" ALT="contents"

  SRC="/usr/share/latex2html/icons/contents.png"></A>  

 <BR>

-<B> Next:</B> <A NAME="tex2html74"

+<B> Next:</B> <A NAME="tex2html75"

   HREF="node1.html">Contents</A>

- &nbsp <B>  <A NAME="tex2html72"

+ &nbsp <B>  <A NAME="tex2html73"

   HREF="node1.html">Contents</A></B> 

 <BR>

 <BR>

@@ -60,7 +60,7 @@ original version by:  Nikos Drakos, CBLU, University of Leeds

 <BR>

 <BR>

     <DIV ALIGN="RIGHT">

-<BR>	<FONT SIZE="+3">Clam AntiVirus 0.66

+<BR>	<FONT SIZE="+3">Clam AntiVirus 0.67

 <BR>	<FONT SIZE="+3">User Manual

 <BR>	<BR>

 	<FONT SIZE="+2"><I>by Tomasz Kojm</I>

@@ -74,152 +74,152 @@ original version by:  Nikos Drakos, CBLU, University of Leeds

 <A NAME="CHILD_LINKS"></A>

 <UL>

-<LI><A NAME="tex2html75"

-  HREF="node1.html">Contents</A>

 <LI><A NAME="tex2html76"

+  HREF="node1.html">Contents</A>

+<LI><A NAME="tex2html77"

   HREF="node2.html">Introduction</A>

 <UL>

-<LI><A NAME="tex2html77"

-  HREF="node3.html">Features</A>

 <LI><A NAME="tex2html78"

-  HREF="node4.html">Mailing lists</A>

+  HREF="node3.html">Features</A>

 <LI><A NAME="tex2html79"

+  HREF="node4.html">Mailing lists</A>

+<LI><A NAME="tex2html80"

   HREF="node5.html">Virus submitting</A>

 </UL>

 <BR>

-<LI><A NAME="tex2html80"

+<LI><A NAME="tex2html81"

   HREF="node6.html">Installation</A>

 <UL>

-<LI><A NAME="tex2html81"

-  HREF="node7.html">Requirements</A>

 <LI><A NAME="tex2html82"

-  HREF="node8.html">Supported platforms</A>

+  HREF="node7.html">Requirements</A>

 <LI><A NAME="tex2html83"

-  HREF="node9.html">Binary packages</A>

+  HREF="node8.html">Supported platforms</A>

 <LI><A NAME="tex2html84"

-  HREF="node10.html">Installation</A>

+  HREF="node9.html">Binary packages</A>

 <LI><A NAME="tex2html85"

-  HREF="node11.html">Configuration</A>

+  HREF="node10.html">Installation</A>

 <LI><A NAME="tex2html86"

-  HREF="node12.html">Testing</A>

+  HREF="node11.html">Configuration</A>

 <LI><A NAME="tex2html87"

-  HREF="node13.html">freshclam: Setting up auto-updating</A>

+  HREF="node12.html">Testing</A>

 <LI><A NAME="tex2html88"

+  HREF="node13.html">freshclam: Setting up auto-updating</A>

+<LI><A NAME="tex2html89"

   HREF="node14.html">Database mirrors</A>

 </UL>

 <BR>

-<LI><A NAME="tex2html89"

+<LI><A NAME="tex2html90"

   HREF="node15.html">Usage</A>

 <UL>

-<LI><A NAME="tex2html90"

-  HREF="node16.html">Clam daemon</A>

 <LI><A NAME="tex2html91"

-  HREF="node17.html">Clamuko</A>

+  HREF="node16.html">Clam daemon</A>

 <LI><A NAME="tex2html92"

-  HREF="node18.html">Archives and compressed files</A>

+  HREF="node17.html">Clamuko</A>

 <LI><A NAME="tex2html93"

-  HREF="node19.html">Output format</A>

+  HREF="node18.html">Archives and compressed files</A>

 <LI><A NAME="tex2html94"

+  HREF="node19.html">Output format</A>

+<LI><A NAME="tex2html95"

   HREF="node20.html">Signature Tool</A>

 </UL>

 <BR>

-<LI><A NAME="tex2html95"

+<LI><A NAME="tex2html96"

   HREF="node21.html">Problem solving</A>

 <UL>

-<LI><A NAME="tex2html96"

+<LI><A NAME="tex2html97"

   HREF="node22.html">Return codes</A>

 </UL>

 <BR>

-<LI><A NAME="tex2html97"

+<LI><A NAME="tex2html98"

   HREF="node23.html">Certified software</A>

 <UL>

-<LI><A NAME="tex2html98"

-  HREF="node24.html">clamav-milter</A>

 <LI><A NAME="tex2html99"

-  HREF="node25.html">IVS Milter</A>

+  HREF="node24.html">clamav-milter</A>

 <LI><A NAME="tex2html100"

-  HREF="node26.html">smtp-vilter</A>

+  HREF="node25.html">IVS Milter</A>

 <LI><A NAME="tex2html101"

-  HREF="node27.html">mod_clamav</A>

+  HREF="node26.html">smtp-vilter</A>

 <LI><A NAME="tex2html102"

-  HREF="node28.html">TrashScan</A>

+  HREF="node27.html">mod_clamav</A>

 <LI><A NAME="tex2html103"

-  HREF="node29.html">AMaViS - "Next Generation"</A>

+  HREF="node28.html">TrashScan</A>

 <LI><A NAME="tex2html104"

-  HREF="node30.html">amavisd-new</A>

+  HREF="node29.html">AMaViS - "Next Generation"</A>

 <LI><A NAME="tex2html105"

-  HREF="node31.html">Qmail-Scanner</A>

+  HREF="node30.html">amavisd-new</A>

 <LI><A NAME="tex2html106"

-  HREF="node32.html">Sagator</A>

+  HREF="node31.html">Qmail-Scanner</A>

 <LI><A NAME="tex2html107"

-  HREF="node33.html">ClamdMail</A>

+  HREF="node32.html">Sagator</A>

 <LI><A NAME="tex2html108"

-  HREF="node34.html">BlackHole</A>

+  HREF="node33.html">ClamdMail</A>

 <LI><A NAME="tex2html109"

-  HREF="node35.html">MailScanner</A>

+  HREF="node34.html">BlackHole</A>

 <LI><A NAME="tex2html110"

-  HREF="node36.html">MIMEDefang</A>

+  HREF="node35.html">MailScanner</A>

 <LI><A NAME="tex2html111"

-  HREF="node37.html">exiscan</A>

+  HREF="node36.html">MIMEDefang</A>

 <LI><A NAME="tex2html112"

-  HREF="node38.html">scanexi</A>

+  HREF="node37.html">exiscan</A>

 <LI><A NAME="tex2html113"

-  HREF="node39.html">Mail::ClamAV</A>

+  HREF="node38.html">scanexi</A>

 <LI><A NAME="tex2html114"

-  HREF="node40.html">OpenAntiVirus samba-vscan</A>

+  HREF="node39.html">Mail::ClamAV</A>

 <LI><A NAME="tex2html115"

-  HREF="node41.html">Sylpheed Claws</A>

+  HREF="node40.html">OpenAntiVirus samba-vscan</A>

 <LI><A NAME="tex2html116"

-  HREF="node42.html">nclamd</A>

+  HREF="node41.html">Sylpheed Claws</A>

 <LI><A NAME="tex2html117"

+  HREF="node42.html">nclamd</A>

+<LI><A NAME="tex2html118"

   HREF="node43.html">cgpav</A>

 </UL>

 <BR>

-<LI><A NAME="tex2html118"

+<LI><A NAME="tex2html119"

   HREF="node44.html">LibClamAV</A>

 <UL>

-<LI><A NAME="tex2html119"

-  HREF="node45.html">General API</A>

 <LI><A NAME="tex2html120"

-  HREF="node46.html">Database reloading</A>

+  HREF="node45.html">General API</A>

 <LI><A NAME="tex2html121"

-  HREF="node47.html">Scan engine</A>

+  HREF="node46.html">Database reloading</A>

 <LI><A NAME="tex2html122"

+  HREF="node47.html">Scan engine</A>

+<LI><A NAME="tex2html123"

   HREF="node48.html">CVD format</A>

 </UL>

 <BR>

-<LI><A NAME="tex2html123"

+<LI><A NAME="tex2html124"

   HREF="node49.html">Credits</A>

 <UL>

-<LI><A NAME="tex2html124"

-  HREF="node50.html">Contributors</A>

 <LI><A NAME="tex2html125"

+  HREF="node50.html">Contributors</A>

+<LI><A NAME="tex2html126"

   HREF="node51.html">Donors</A>

 </UL>

 <BR>

-<LI><A NAME="tex2html126"

+<LI><A NAME="tex2html127"

   HREF="node52.html">Authors</A>

 <UL>

-<LI><A NAME="tex2html127"

-  HREF="node53.html">Virus Database Developers</A>

 <LI><A NAME="tex2html128"

-  HREF="node54.html">Network management</A>

+  HREF="node53.html">Virus Database Developers</A>

 <LI><A NAME="tex2html129"

-  HREF="node55.html">Graphics</A>

+  HREF="node54.html">Network management</A>

 <LI><A NAME="tex2html130"

+  HREF="node55.html">Graphics</A>

+<LI><A NAME="tex2html131"

   HREF="node56.html">Core developers</A>

 </UL>

 <BR>

-<LI><A NAME="tex2html131"

-  HREF="node57.html">Bibliography</A>

 <LI><A NAME="tex2html132"

+  HREF="node57.html">Bibliography</A>

+<LI><A NAME="tex2html133"

   HREF="node58.html">About this document ...</A>

 </UL>

 <!--End of Table of Child-Links-->

 <BR><HR>

 <ADDRESS>

 Tomasz Kojm

-2004-02-11

+2004-02-15

 </ADDRESS>

 </BODY>

 </HTML>

@@ -130,7 +130,7 @@ int downloaddb(const char *localname, const char *remotename, const char *hostna

 	if((cpt = cfgopt(copt, "HTTPProxyPassword"))) {

 	    pass = cpt->strarg;

 	} else {

-	    mprintf("HTTPProxyUsername required HTTPProxyPassword\n");

+	    mprintf("HTTPProxyUsername requires HTTPProxyPassword\n");

 	    return 57;

 	}

     }

@@ -359,7 +359,7 @@ struct cl_cvd *remote_cvdhead(const char *file, int socketfd, const char *hostna

         if(user) {

             int len;

-	    char* buf = mmalloc((strlen(pass) + strlen(user)) * 2 + 4);

+	    char *buf = mmalloc((strlen(pass) + strlen(user)) * 2 + 4);

 	    char *userpass = mmalloc(strlen(user) + strlen(pass) + 2);

 	    sprintf(userpass, "%s:%s", user, pass);

             len=fmt_base64(buf,userpass,strlen(userpass));

@@ -457,7 +457,7 @@ int get_database(const char *dbfile, int socketfd, const char *file, const char

         if(user) {

             int len;

-	    char* buf = mmalloc((strlen(pass) + strlen(user)) * 2 + 4);

+	    char *buf = mmalloc((strlen(pass) + strlen(user)) * 2 + 4);

 	    char *userpass = mmalloc(strlen(user) + strlen(pass) + 2);

 	    sprintf(userpass, "%s:%s", user, pass);

             len=fmt_base64(buf,userpass,strlen(userpass));