debian/0000755000000000000000000000000013325607764007203 5ustar debian/rules0000755000000000000000000000076513324653656010273 0ustar #!/usr/bin/make -f #export DH_VERBOSE=1 export DEB_BUILD_MAINT_OPTIONS = hardening=+all %: dh $@ override_dh_auto_configure: dh_auto_configure -- $(shell DEB_LDFLAGS_MAINT_APPEND="-Wl,-z,defs" \ DEB_CFLAGS_MAINT_APPEND="-D_FILE_OFFSET_BITS=64" dpkg-buildflags --export=configure) \ --disable-clamav --without-pcre override_dh_auto_build-arch: dh_auto_build -a -- V=1 override_dh_auto_install: dh_auto_install rm debian/libclamunrar7/usr/lib/*/*.la rm debian/libclamunrar7/usr/lib/*/*.so debian/control0000644000000000000000000000262613325607764010614 0ustar Source: libclamunrar Priority: optional Section: non-free/libs Maintainer: Ubuntu Developers XSBC-Original-Maintainer: ClamAV Team Uploaders: Michael Tautschnig , Stephen Gran , Sebastian Andrzej Siewior Build-Depends: debhelper (>= 9), zlib1g-dev, libbz2-dev, libssl-dev, pkg-config Standards-Version: 4.1.4 Vcs-Git: https://salsa.debian.org/clamav-team/libclamunrar.git -b unstable Vcs-Browser: https://salsa.debian.org/clamav-team/libclamunrar Homepage: https://www.clamav.net/ XS-Autobuild: yes Package: libclamunrar7 Architecture: any Depends: libclamav7, ${shlibs:Depends}, ${misc:Depends} Description: anti-virus utility for Unix - unrar support Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon in the clamav-daemon package, a command-line scanner in the clamav package, and a tool for automatic updating via the Internet in the clamav-freshclam package. The programs are based on libclamav7, which can be used by other software. . This package provides support for RAR packaged files or mail attachments. Support will be available once this package is installed and clamd or a local clamscan is restarted. debian/watch0000644000000000000000000000026713324653656010241 0ustar version=3 opts="uversionmangle=s/(\d+)-*(beta|rc)/$1~$2/,dversionmangle=s/\+dfsg//,pgpsigurlmangle=s/$/.sig/" \ https://www.clamav.net/download.html /downloads/.*/clamav-(.*).tar.gz debian/upstream/0000755000000000000000000000000013324653656011043 5ustar debian/upstream/signing-key.asc0000644000000000000000000000265213324653656013764 0ustar -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1 mQGiBFUuscERBAChEuHjPMqJMY6N9OpR1HppjLLLIEyOfCwt7jIysw92K5tfa1P1 sC714WaSPrjzvqSUcUpEAy3IvcWQjMil3zQdcIR/kzdTLN7e6iyqST3uZe2KtjpT cYHIdH31i7wS5BtnE+3kw8KLPhjE6p1lD2V3Pv7nAa5cMkdi9R5HCk1TNwCg5HMj 8Jx13nEcGIDjQP39eHdaYHcD/1tlzPJZ0vj6WrAoZFPvVEl/Mhgn5xfC6kXioSy7 CG3DmXuUszpncFAlA9y2qXRkjBg65Z3c9ed95W2QPQLmY0DgBzcg/7lTxI+8/EJC VMwSebzlEBKxMxuy5LdWvDelIZQuT0EHEQFzR+uTGp7HcYOLTj9ROy9LfT+rw3WV bXfXA/9wOX4WU2mUf62/c4Bz5SiNq8Jtrq1KoPXyLAkRXFIaMP2ay3qZRYPRo2qV wRB35hQlfLbK06yPvRYYUY47lA5pU6hTyrZQc8qGraKndVl07/8sMB2yTb/8IybQ lyCTyzzmXrGzW+j2GbTYTPTf5ectbNR//irDGs8S+zNwsj5RxbQvVGFsb3MgKFRh bG9zIEdQRyBLZXkpIDxyZXNlYXJjaEBzb3VyY2VmaXJlLmNvbT6IZQQTEQIAJgUC VS6xwQIbAwUJA8JnAAYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJELPVNCwmBCmg MU0AnjZF4V3ogtU/xCddQbORpbgEtio9AJjJ3FADpCuNI/CHNmsft5inVZuEiEYE EBECAAYFAlUus34ACgkQQLjqI2QiHVO57ACfW9Sy9zM1FIsfS4lAPrJszhdy0xkA n1KLqgeS/PKkOk/WHozknx92s3N2uQENBFUuscQQBACsbQDPfGgKScmeryK5eHVo UtOF2mmlaD5MgFE+3jPH/b/p4+uIRDc/MRB+VWO/0g6ZzXd+f/h9jpFP4fstMnvX 0/DdqD2cIWNJnl6Mr9/BTiMki91mugdeL3/IAYhS2rAmHgdNnMq4XcMHnU7VBr1O PCOQQ1rGYne1d4HQDMu+xwADBQQAkjf9BV82XQaFdwtpNadLDGFz2WwlG/DViP9G rE5or1C3k1jc7UfgvuSIq1wBG3MW5KZaSs6aJ9mHkC8tj16C/ct1Z4t3CYZLXM83 VwLEqRYvChBWqwT1VXTXFvfZ1VHHUELrYu6zhRXm+NlRkAyQ8JHR+YAmJGKZvufn fiCvKbSITwQYEQIADwUCVS6xxAIbDAUJA8JnAAAKCRCz1TQsJgQpoL3GAKCiF3sE GvyBCihREm45qqScpVpMnACfUVexUPkgeMq4ZiEpMQbZfjq08f8= =Ybvy -----END PGP PUBLIC KEY BLOCK----- debian/compat0000644000000000000000000000000213325607755010401 0ustar 9 debian/copyright0000644000000000000000000001404713324653656011144 0ustar This package was debianized by Stephen Gran and Michael Tautschnig on Thu, 02 Apr 2009 11:36:09 +0200 The upstream's source can be downloaded from http://www.clamav.net/ Upstream Authors: Tomasz Kojm , Nigel Horne The full set of contributors can be found in the AUTHORS file Copyright: This package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 2 dated June, 1991. This package is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this package; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. On Debian GNU/Linux systems, the complete text of the GNU General Public License can be found in `/usr/share/common-licenses/GPL-2'. REGARDING OPENSSL In addition, as a special exception, the copyright holders give permission to link the code of portions of this program with the OpenSSL library under certain conditions as described in each individual source file, and distribute linked combinations including the two. You must obey the GNU General Public License in all respects for all of the code used other than OpenSSL. If you modify file(s) with this exception, you may extend this exception to your version of the file(s), but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version. If you delete this exception statement from all source files in the program, then also delete it here. libclamunrar_iface/unrar_iface.c and libclamunrar_iface/unrar_iface.h are Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved. Copyright (C) 2007-2013 Sourcefire, Inc. and are licensed under the terms of the LGPL: This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; version 2.1 of the License. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA On Debian GNU/Linux systems, the complete text of the GNU General Public License can be found in `/usr/share/common-licenses/LGPL-2.1'. libclamunrar/unrarhlp.c and libclamunrar/unrarhlp.h are Copyright (C) 2007 Sourcefire, Inc. All other source files in libclamunrar/ are Copyright (C) 2005,2006 trog@uncon.org and based on the work of Alexander L. Roshal (C) libclamunrar/unrar.c, unrarvm.c, and unrar20.c patches added by Sourcefire, Inc. Copyright (C) 2007-2013 All source files in libclamunrar/ are licences under the terms of the UNRAR license: The UnRAR sources may be used in any software to handle RAR archives without limitations free of charge, but cannot be used to re-create the RAR compression algorithm, which is proprietary. Distribution of modified unRAR sources in separate form or as a part of other software is permitted, provided that it is clearly stated in the documentation and source comments that the code may not be used to develop a RAR (WinRAR) compatible archiver. Original UnRAR licence: ****** ***** ****** UnRAR - free utility for RAR archives ** ** ** ** ** ** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ****** ******* ****** License for use and distribution of ** ** ** ** ** ** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ** ** ** ** ** ** FREE portable version ~~~~~~~~~~~~~~~~~~~~~ The source code of UnRAR utility is freeware. This means: 1. All copyrights to RAR and the utility UnRAR are exclusively owned by the author - Alexander Roshal. 2. The UnRAR sources may be used in any software to handle RAR archives without limitations free of charge, but cannot be used to re-create the RAR compression algorithm, which is proprietary. Distribution of modified UnRAR sources in separate form or as a part of other software is permitted, provided that it is clearly stated in the documentation and source comments that the code may not be used to develop a RAR (WinRAR) compatible archiver. 3. The UnRAR utility may be freely distributed. It is allowed to distribute UnRAR inside of other software packages. 4. THE RAR ARCHIVER AND THE UnRAR UTILITY ARE DISTRIBUTED "AS IS". NO WARRANTY OF ANY KIND IS EXPRESSED OR IMPLIED. YOU USE AT YOUR OWN RISK. THE AUTHOR WILL NOT BE LIABLE FOR DATA LOSS, DAMAGES, LOSS OF PROFITS OR ANY OTHER KIND OF LOSS WHILE USING OR MISUSING THIS SOFTWARE. 5. Installing and using the UnRAR utility signifies acceptance of these terms and conditions of the license. 6. If you don't agree with terms of the license you must remove UnRAR files from your storage devices and cease to use the utility. Thank you for your interest in RAR and UnRAR. Alexander L. Roshal This package can be auto-built in the Debian non-free network because the limitations in paragraphs 2. and 3. do not affect distribution in this way. If such auto-building is not permitted anymore because of license changes, please notify nonfree@release.debian.net immediately. debian/libclamunrar7.symbols0000644000000000000000000000115613324653656013362 0ustar libclamunrar.so.7 libclamunrar7 #MINVER# CLAMAV_PRIVATE_UNRAR@CLAMAV_PRIVATE_UNRAR 0.99 ppm_constructor@CLAMAV_PRIVATE_UNRAR 0.99 ppm_destructor@CLAMAV_PRIVATE_UNRAR 0.99 rar_init_filters@CLAMAV_PRIVATE_UNRAR 0.99 rar_unpack@CLAMAV_PRIVATE_UNRAR 0.99 rarvm_free@CLAMAV_PRIVATE_UNRAR 0.99 libclamunrar_iface.so.7 libclamunrar7 #MINVER# CLAMAV_PRIVATE@CLAMAV_PRIVATE 0.99 libclamunrar_iface_LTX_unrar_close@CLAMAV_PRIVATE 0.99 libclamunrar_iface_LTX_unrar_extract_next@CLAMAV_PRIVATE 0.99 libclamunrar_iface_LTX_unrar_extract_next_prepare@CLAMAV_PRIVATE 0.99 libclamunrar_iface_LTX_unrar_open@CLAMAV_PRIVATE 0.99 debian/source/0000755000000000000000000000000013324653656010503 5ustar debian/source/format0000644000000000000000000000001413324653656011711 0ustar 3.0 (quilt) debian/libclamunrar7.links0000644000000000000000000000025613324653656013012 0ustar /usr/share/doc/libclamav7/README.Debian.gz /usr/share/doc/libclamunrar7/README.Debian.gz /usr/share/doc/libclamav7/NEWS.Debian.gz /usr/share/doc/libclamunrar7/NEWS.Debian.gz debian/.git-dpm0000644000000000000000000000043313324653656010545 0ustar # see git-dpm(1) from git-dpm package f4b8c31ec6251237f53a36d83c6b34394b8fd24b f4b8c31ec6251237f53a36d83c6b34394b8fd24b f4b8c31ec6251237f53a36d83c6b34394b8fd24b f4b8c31ec6251237f53a36d83c6b34394b8fd24b libclamunrar_0.100.1.orig.tar.xz 9806b0872b1d0d7491c8ba83c7997f69ce60bdb6 330052 debian/changelog0000644000000000000000000001164513325607747011065 0ustar libclamunrar (0.100.1-1~ubuntu0.14.04.1) trusty-security; urgency=medium * Updated to new version to fix compatibility with clamav security update. - debian/{control,compat}: revert to debhelper 9. -- Marc Deslauriers Tue, 24 Jul 2018 07:24:06 -0400 libclamunrar (0.100.1-1) unstable; urgency=medium [ Scott Kitterman ] * Delete symlinks to files no longer shipped in libclamav7 (Closes: #903792) [ Sebastian Andrzej Siewior ] * Update to upstream version. - Buffer over-read in unRAR code due to missing max value checks in table initialization. Reported by Rui Reis. -- Sebastian Andrzej Siewior Sat, 21 Jul 2018 17:58:50 +0200 libclamunrar (0.100.0-1) unstable; urgency=medium * Update to new upstream version (Closes: #873027). * Update compat level to 11. * Drop autoreconf related build-depends. * Point Vcs* to salsa. * Bumped standards version to 4.1.4. - Use priority optional. * Use https in the watchfile. * Use `hardening=+all'. -- Sebastian Andrzej Siewior Thu, 21 Jun 2018 21:28:32 +0200 libclamunrar (0.99-4) unstable; urgency=medium * Cherry pick fix for arbitrary memory write. CVE-2012-6706 (Closes: #867223). -- Sebastian Andrzej Siewior Wed, 05 Jul 2017 00:12:51 +0200 libclamunrar (0.99-3) unstable; urgency=medium * Add a fixup for bb11601. * Update VCS links. * Bumped standards version to 3.9.8 (no changes required). * Update compat level to 10. * Drop autoreconv - it is default now -- Sebastian Andrzej Siewior Sat, 17 Dec 2016 22:00:03 +0100 libclamunrar (0.99-2) unstable; urgency=medium * Add patches from upstream bugzilla bb11600 and bb11601 to fix out of band access * drop openssl check (Closes: #828383). -- Sebastian Andrzej Siewior Thu, 03 Nov 2016 21:39:40 +0100 libclamunrar (0.99-1) unstable; urgency=medium [ Scott Kitterman ] * Correct debian/copyright to add missing copyright declarations/dates [ Sebastian Andrzej Siewior ] * Bumped standards version to 3.9.6 (no changes required). * Import new upstream. This is required because clamav's major .so version changed. * switch from libclamunrar6 to libclamunrar7 * copy clamav's watch file * add pkg-config to dependencies so autoreconf does not break * don't link against libpcre if available. -- Sebastian Andrzej Siewior Fri, 04 Dec 2015 21:29:11 +0100 libclamunrar (0.98.5-1) unstable; urgency=medium [ Sebastian Andrzej Siewior ] * Update to new upstream version. - Finaly address "double-free error exists within the unrar_extract_next_prepare()" (Closes: #770647) * Drop automake workaround, the bug was fixed. * Fix LFS support using the same approach as clamav for compatibility and correctness [ Scott Kitterman ] * Add build-dep on libssl-dev, needed for configure even if not used in libclamunrar * Update debian/copyright to add openssl exception per COPYING -- Sebastian Andrzej Siewior Sat, 22 Nov 2014 22:25:35 +0100 libclamunrar (0.98.1-1) unstable; urgency=low * New upstream version * redo rules files to something smaller like we do have in the clamav package. * Do autoreconf before configure (closes: #727917). * Enable hardened build flags (closes: #741080). * Remove all .la files (clamd works without them). * Add VCS-* tags. * Add myself as uploader. * Remove *.so files (lintian warning). * Add a symbol file. * Bumb standards version to 3.9.1 after made the required changes. -- Sebastian Andrzej Siewior Sat, 03 May 2014 20:24:05 +0200 libclamunrar (0.96.4-1) unstable; urgency=low * New upstream version * Bumped standards version to 3.9.1 (no changes). -- Michael Tautschnig Tue, 26 Oct 2010 00:16:24 +0200 libclamunrar (0.96-2) unstable; urgency=low * Make configure executable (caused by buggy packaging) -- Michael Tautschnig Fri, 16 Apr 2010 21:12:18 +0200 libclamunrar (0.96-1) unstable; urgency=low * New upstream version * Bumped standards version to 3.8.4 (no changes). -- Michael Tautschnig Tue, 13 Apr 2010 18:26:13 +0200 libclamunrar (0.95.3-1) unstable; urgency=low * Added XS-Autobuild flag and requested stanza to debian/copyright to allow auto-building in non-free network (closes: #548667). * Build-dep on zlib1g-dev (closes: #551805), also build-deb libbz2-dev. * Bumped standards version to 3.8.3 (no changes). -- Michael Tautschnig Sun, 01 Nov 2009 13:20:05 +0100 libclamunrar (0.95.2-1) unstable; urgency=low * New upstream version -- Stephen Gran Mon, 15 Jun 2009 23:25:52 +0100 libclamunrar (0.95.1-1) unstable; urgency=low * Initial release -- Michael Tautschnig Sun, 12 Apr 2009 18:01:51 +0200