me/guix
Archived
1
0
Fork 0
Code Activity
This repository has been archived on 2024-08-07. You can view files and clone it, but cannot push or open issues or pull requests.
guix/gnu/packages/antivirus.scm
kiasoc5 226103fdd1
gnu: clamav: Update to 0.103.8 [security fixes]. 
Fixes CVE-2023-20032 and CVE-2023-20052.

* gnu/packages/antivirus.scm (clamav): Update to 0.103.8.

Signed-off-by: Leo Famulari <leo@famulari.name>
2023-02-26 12:44:04 -05:00

158 lines
7.1 KiB
Scheme
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2016, 2017, 2018, 2019, 2020 Eric Bavier <bavier@posteo.net>
;;; Copyright © 2018 Christopher Baines <mail@cbaines.net>
;;; Copyright © 20192021 Tobias Geerinckx-Rice <me@tobias.gr>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages antivirus)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix build-system gnu)
#:use-module (guix gexp)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix utils)
#:use-module (gnu packages)
#:use-module (gnu packages autotools)
#:use-module (gnu packages bison)
#:use-module (gnu packages check)
#:use-module (gnu packages compression)
#:use-module (gnu packages curl)
#:use-module (gnu packages cyrus-sasl)
#:use-module (gnu packages flex)
#:use-module (gnu packages llvm)
#:use-module (gnu packages multiprecision)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages pcre)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages tls)
#:use-module (gnu packages web)
#:use-module (gnu packages xml))
(define-public clamav
(package
(name "clamav")
(version "0.103.8")
(source (origin
(method url-fetch)
(uri (string-append "https://www.clamav.net/downloads/production/"
"clamav-" version ".tar.gz"))
(sha256
(base32
"0gwcikzfdswrdh5vhh3x4lx8w92476fmb7im7phnv4r7x5pdljbg"))
(modules '((guix build utils)))
(snippet
'(begin
(for-each delete-file-recursively
'("win32" ; unnecessary
"libclamav/c++/llvm" ; use system llvm
"libclamav/tomsfastmath" ; use system tomsfastmath
"libclamunrar")))) ; non-free license
(patches
(search-patches "clamav-system-tomsfastmath.patch"
"clamav-config-llvm-libs.patch"))))
(build-system gnu-build-system)
(native-inputs
(list autoconf
automake
check ; for tests
libtool
pkg-config))
(inputs
(list bzip2
curl
json-c
libltdl
libmspack
llvm-3.6 ; requires <3.7, for JIT/verifier
ncurses
libressl
pcre2
cyrus-sasl ; for linking curl with libtool
tomsfastmath
libxml2
zlib))
(arguments
(list #:configure-flags
#~(let-syntax ((with (syntax-rules ()
((_ name use)
(string-append "--with-" name "="
(assoc-ref %build-inputs use))))))
(list "--disable-unrar"
"--enable-llvm"
"--with-system-llvm"
"--with-system-libmspack"
"--without-included-ltdl"
(with "xml" "libxml2")
(with "openssl" "libressl")
(with "libjson" "json-c")
(with "pcre2" "pcre2")
(with "zlib" "zlib")
(with "libcurl" "curl")
;; For sanity, specifying --enable-* flags turns
;; "support unavailable" warnings into errors.
"--enable-bzip2"
"--enable-check"
"--sysconfdir=/etc/clamav"
;; Default database directory needs to be writeable
"--with-dbdir=/var/db/clamav"))
;; install sample .conf files to %output/etc rather than /etc/clamav
#:make-flags
#~(list (string-append "sysconfdir=" %output "/etc"))
#:phases
#~(modify-phases %standard-phases
;; Regenerate configure script. Without this we don't get
;; the correct value for LLVM linker variables.
(add-after 'unpack 'reconf
(lambda _ (invoke "autoreconf" "-vfi")))
(add-before 'configure 'patch-llvm-config
(lambda _
(substitute* '("libclamav/c++/detect.cpp"
"libclamav/c++/ClamBCRTChecks.cpp"
"libclamav/c++/bytecode2llvm.cpp")
(("llvm/Config/config.h") "llvm/Config/llvm-config.h"))
;; `llvm-config --libfiles` inappropriately lists lib*.a
;; libraries, rather than the lib*.so's that our llvm
;; contains. They're used only for listing extra build
;; dependencies, so ignore them until that's fixed.
(substitute* "libclamav/c++/Makefile.in"
(("@LLVMCONFIG_LIBFILES@") ""))))
(add-before 'check 'skip-clamd-tests
;; XXX: The check?_clamd tests fail inside the build
;; chroot, but pass outside.
(lambda _
(substitute* "unit_tests/Makefile"
(("check2_clamd.sh.*check4_clamd.sh") "")))))))
(home-page "https://www.clamav.net")
(synopsis "Antivirus engine")
(description
"Clam AntiVirus is an anti-virus toolkit, designed especially for e-mail
scanning on mail gateways. It provides a number of utilities including a
flexible and scalable multi-threaded daemon, a command line scanner, and
advanced tool for automatic database updates. The core of the package is an
anti-virus engine available in the form of a shared library.")
(license (list license:gpl2+ ;ClamAV itself
license:lgpl2.1 ;libclamav/mspack.[ch]
license:public-domain ;libclamav/7z/*, libclamav/rijndael.[ch], etc...
(package-license bzip2) ;modified bzip2 source in libclamav/nsis
license:bsd-2 ;several files in libclamav
license:bsd-3 ;libclamav/{regex,qsort.c,swf.[ch]
license:ncsa ;libclamav/c++/PointerTracking.cpp
license:zlib ;libclamav/inf*.h
license:x11 ;libclamav/lzw
(license:non-copyleft "libclamav/strlcat.c") ;"OpenBSD" license
license:asl2.0 ;libclamav/yara*
license:expat)))) ;shared/getopt.[ch]
View git blame Copy permalink