aboutsummaryrefslogtreecommitdiff
path: root/app/antivirus/clamav/clamav.SlackBuild
diff options
context:
space:
mode:
authorrhatto <rhatto@370017ae-e619-0410-ac65-c121f96126d4>2009-04-25 18:40:04 +0000
committerrhatto <rhatto@370017ae-e619-0410-ac65-c121f96126d4>2009-04-25 18:40:04 +0000
commit214e7e7ceeafab1a5a6e5c916f5e1610feeb569f (patch)
treef4484564c1452eacb4b35fc7c65bd6cd85f0667a /app/antivirus/clamav/clamav.SlackBuild
parentd31e9dd698f3287d6b972113047781339921851e (diff)
downloadslackbuilds-214e7e7ceeafab1a5a6e5c916f5e1610feeb569f.tar.gz
slackbuilds-214e7e7ceeafab1a5a6e5c916f5e1610feeb569f.tar.bz2
clamav: updating to fix CVE-2008-5050 and CVE-2008-5314
git-svn-id: svn+slack://slack.fluxo.info/var/svn/slackbuilds@2158 370017ae-e619-0410-ac65-c121f96126d4
Diffstat (limited to 'app/antivirus/clamav/clamav.SlackBuild')
-rwxr-xr-xapp/antivirus/clamav/clamav.SlackBuild85
1 files changed, 78 insertions, 7 deletions
diff --git a/app/antivirus/clamav/clamav.SlackBuild b/app/antivirus/clamav/clamav.SlackBuild
index 9f948cbd..6133c9ab 100755
--- a/app/antivirus/clamav/clamav.SlackBuild
+++ b/app/antivirus/clamav/clamav.SlackBuild
@@ -16,7 +16,8 @@
#
# slackbuild for clamav, by Sivio Rhatto
# requires:
-# tested: clamav-0.94
+# tested: clamav-0.95.1
+# model: generic.mkSlackBuild $Rev: 805 $
#
# Look for slackbuildrc
@@ -31,13 +32,14 @@ CWD="$(pwd)"
SRC_NAME="clamav"
PKG_NAME="clamav"
ARCH=${ARCH:=i486}
-SRC_VERSION=${VERSION:=0.94}
+SRC_VERSION=${VERSION:=0.95.1}
PKG_VERSION="$(echo "$SRC_VERSION" | tr '[[:blank:]-]' '_')"
BUILD=${BUILD:=1rha}
SRC_DIR=${SRC_DIR:=$CWD}/$PKG_NAME
TMP=${TMP:=/tmp}
PKG=${PKG:=$TMP/package-$PKG_NAME}
REPOS=${REPOS:=$TMP}
+SLACKBUILD_PATH=${SLACKBUILD_PATH:="app/antivirus/clamav"}
PREFIX=${PREFIX:=/usr}
PKG_WORK="$TMP/$SRC_NAME"
CONF_OPTIONS=${CONF_OPTIONS:="--sysconfdir=/etc"}
@@ -47,9 +49,9 @@ NUMJOBS=${NUMJOBS:=""}
LIBDIR="$PREFIX/lib"
if [ "$ARCH" = "i386" ]; then
- SLKCFLAGS="-O2 -march=i386 -mcpu=i686"
+ SLKCFLAGS="-O2 -march=i386 -mtune=i686"
elif [ "$ARCH" = "i486" ]; then
- SLKCFLAGS="-O2 -march=i486 -mcpu=i686"
+ SLKCFLAGS="-O2 -march=i486 -mtune=i686"
elif [ "$ARCH" = "i686" ]; then
SLKCFLAGS="-O2 -march=i686"
elif [ "$ARCH" = "s390" ]; then
@@ -65,6 +67,7 @@ ERROR_WGET=31; ERROR_MAKE=32; ERROR_INSTALL=33
ERROR_MD5=34; ERROR_CONF=35; ERROR_HELP=36
ERROR_TAR=37; ERROR_MKPKG=38; ERROR_GPG=39
ERROR_PATCH=40; ERROR_VCS=41; ERROR_MKDIR=42
+ERROR_MANIFEST=43;
# Clean up any leftovers of previous builds
rm -rf "$PKG_WORK" 2> /dev/null
@@ -86,7 +89,7 @@ fi
# Dowload source if necessary
SRC="$SRC_NAME-$VERSION.tar.gz"
-URL="http://ufpr.dl.sourceforge.net/sourceforge/clamav/$SRC"
+URL="http://downloads.sourceforge.net/clamav/$SRC"
if [ ! -s "$SRC_DIR/$SRC" ] || ! gunzip -t "$SRC_DIR/$SRC" 2> /dev/null; then
wget "$URL" -O "$SRC_DIR/$SRC" || exit $ERROR_WGET
@@ -136,6 +139,72 @@ echo Checking $SRC_DIR/$SRC with gpg using $SRC_DIR/$SIGNATURE...
gpg --verify "$SRC_DIR/$SIGNATURE" "$SRC_DIR/$SRC" || exit $ERROR_GPG
echo Success.
+# Check Manifest file
+if [ -e "$CWD/Manifest" ]; then
+
+ # Manifest signature checking
+ if grep -q -- "-----BEGIN PGP SIGNED MESSAGE-----" $CWD/Manifest; then
+ echo "Checking Manifest signature..."
+ gpg --verify $CWD/Manifest
+ if [ "$?" != "0" ]; then
+ exit $ERROR_MANIFEST
+ fi
+ fi
+
+ MANIFEST_LINES="`grep -E -v "^(MKBUILD|SLACKBUILD)" $CWD/Manifest | wc -l`"
+
+ for ((MANIFEST_COUNT=1; MANIFEST_COUNT <= $MANIFEST_LINES; MANIFEST_COUNT++)); do
+
+ MANIFEST_LINE="`grep -E -v "^(MKBUILD|SLACKBUILD)" $CWD/Manifest | head -n $MANIFEST_COUNT | tail -n 1`"
+ MANIFEST_FILE="`echo $MANIFEST_LINE | awk '{ print $2 }'`"
+ MANIFEST_FILE_TYPE="`echo $MANIFEST_LINE | awk '{ print $1 }'`"
+
+ if [ -e "$SRC_DIR/$MANIFEST_FILE" ]; then
+ MANIFEST_FILE="$SRC_DIR/$MANIFEST_FILE"
+ else
+ MANIFEST_FILE="`find $CWD -name $MANIFEST_FILE`"
+ fi
+
+ if [ ! -e "$MANIFEST_FILE" ] || [ -d "$MANIFEST_FILE" ]; then
+ continue
+ fi
+
+ echo "Checking Manifest for $MANIFEST_FILE_TYPE $MANIFEST_FILE integrity..."
+
+ SIZE_SRC="`wc -c $MANIFEST_FILE | awk '{ print $1 }'`"
+ SIZE_MANIFEST="`echo $MANIFEST_LINE | awk '{ print $3 }'`"
+
+ # Check source code size
+ if [ "$SIZE_SRC" != "$SIZE_MANIFEST" ]; then
+ echo "SIZE Manifest: $SIZE_MANIFEST; SIZE $SRC: $SIZE_SRC"
+ exit $ERROR_MANIFEST
+ else
+ echo "Size match."
+ fi
+
+ # Check source code integrity
+ for ALGO in md5 rmd160 sha1 sha256 sha512; do
+ if [ $ALGO = "rmd160" ]; then
+ ALGO_SRC="`openssl rmd160 $MANIFEST_FILE | awk '{ print $2 }'`"
+ else
+ ALGO_SRC="`"$ALGO"sum $MANIFEST_FILE | awk '{ print $1 }'`"
+ fi
+ ALGO="`echo $ALGO | tr '[:lower:]' '[:upper:]'`"
+ ALGO_MANIFEST=$(echo $MANIFEST_LINE | sed "s/.* $ALGO //" | awk '{ print $1 }')
+ if [ "$ALGO_SRC" != "$ALGO_MANIFEST" ]; then
+ echo "$ALGO Manifest: $ALGO_MANIFEST; $ALGO $SRC: $ALGO_SRC"
+ exit $ERROR_MANIFEST
+ else
+ echo "$ALGO match."
+ fi
+ done
+
+ done
+
+else
+ exit $ERROR_MANIFEST
+fi
+
# Untar
cd "$PKG_WORK"
tar --no-same-owner --no-same-permissions -xvf "$SRC_DIR/$SRC" || exit $ERROR_TAR
@@ -201,6 +270,7 @@ for config_file in etc/clamd.conf etc/freshclam.conf; do
done
# Add a post-installation script (doinst.sh)
+mkdir -p "$PKG/install" || exit $ERROR_MKDIR
cat << EOSCRIPT > "$PKG/install/doinst.sh"
config() {
NEW="\$1"
@@ -244,9 +314,10 @@ EOSCRIPT
# Build the package
cd "$PKG"
-makepkg -l y -c n "$REPOS/$PKG_NAME-$PKG_VERSION-$ARCH-$BUILD.tgz" || exit $ERROR_MKPKG
+mkdir -p $REPOS/$SLACKBUILD_PATH
+makepkg -l y -c n "$REPOS/$SLACKBUILD_PATH/$PKG_NAME-$PKG_VERSION-$ARCH-$BUILD.tgz" || exit $ERROR_MKPKG
# Delete source and build directories if requested
-if [ "$CLEANUP" == "yes" ]; then
+if [ "$CLEANUP" == "yes" ] || [ "$1" = "--cleanup" ]; then
rm -rf "$PKG_WORK" "$PKG"
fi