summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrej Kacian <ticho@gentoo.org>2007-12-20 00:29:42 +0000
committerAndrej Kacian <ticho@gentoo.org>2007-12-20 00:29:42 +0000
commit7e67e6db815861eaa36c56a477061c4dc8cc6ff7 (patch)
tree8a72c65b013458739dee217f4bacb3bc5bd1b642 /app-antivirus
parentStable on x86 wrt #202087 (diff)
downloadhistorical-7e67e6db815861eaa36c56a477061c4dc8cc6ff7.tar.gz
historical-7e67e6db815861eaa36c56a477061c4dc8cc6ff7.tar.bz2
historical-7e67e6db815861eaa36c56a477061c4dc8cc6ff7.zip
Add patches collected by Robert Buchholz <rbu at gentoo.org> to backport fixes for CVE-2007-5759, CVE-2007-6336 and CVE-2007-6337.
Package-Manager: portage-2.1.4_rc9
Diffstat (limited to 'app-antivirus')
-rw-r--r--app-antivirus/clamav/ChangeLog11
-rw-r--r--app-antivirus/clamav/Manifest33
-rw-r--r--app-antivirus/clamav/clamav-0.91.2-r1.ebuild143
-rw-r--r--app-antivirus/clamav/files/clamav-0.91.2-CVE-2007-5759.patch52
-rw-r--r--app-antivirus/clamav/files/clamav-0.91.2-CVE-2007-6336.patch21
-rw-r--r--app-antivirus/clamav/files/clamav-0.91.2-CVE-2007-6337.patch24
-rw-r--r--app-antivirus/clamav/files/digest-clamav-0.91.2-r13
7 files changed, 279 insertions, 8 deletions
diff --git a/app-antivirus/clamav/ChangeLog b/app-antivirus/clamav/ChangeLog
index 50f3089db2bf..962080090a9a 100644
--- a/app-antivirus/clamav/ChangeLog
+++ b/app-antivirus/clamav/ChangeLog
@@ -1,6 +1,15 @@
# ChangeLog for app-antivirus/clamav
# Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-antivirus/clamav/ChangeLog,v 1.257 2007/12/17 18:38:43 ticho Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-antivirus/clamav/ChangeLog,v 1.258 2007/12/20 00:29:41 ticho Exp $
+
+*clamav-0.91.2-r1 (20 Dec 2007)
+
+ 20 Dec 2007; Andrej Kacian <ticho@gentoo.org>
+ +files/clamav-0.91.2-CVE-2007-5759.patch,
+ +files/clamav-0.91.2-CVE-2007-6336.patch,
+ +files/clamav-0.91.2-CVE-2007-6337.patch, +clamav-0.91.2-r1.ebuild:
+ Add patches collected by Robert Buchholz <rbu at gentoo.org> to backport
+ fixes for CVE-2007-5759, CVE-2007-6336 and CVE-2007-6337.
*clamav-0.92 (17 Dec 2007)
diff --git a/app-antivirus/clamav/Manifest b/app-antivirus/clamav/Manifest
index 2893d1ca328e..6b759eb28dee 100644
--- a/app-antivirus/clamav/Manifest
+++ b/app-antivirus/clamav/Manifest
@@ -9,6 +9,18 @@ AUX clamav-0.90-nls.patch 2531 RMD160 442990f305b47bd0eb4c459e9ed054612259992e S
MD5 dad3ac73c0e86466301c457bfdb97952 files/clamav-0.90-nls.patch 2531
RMD160 442990f305b47bd0eb4c459e9ed054612259992e files/clamav-0.90-nls.patch 2531
SHA256 b160e11ee12df6634cb8d524816f8bba08c7cd5b6154f9bff671423a8e0031a3 files/clamav-0.90-nls.patch 2531
+AUX clamav-0.91.2-CVE-2007-5759.patch 1852 RMD160 13ff700734cca239c7960dbd1a0e7a9c4c6d4b72 SHA1 48707d513348dd87ff74beaff7370a91a097acec SHA256 78ce1337e563b6db5d7604efb14aebf9b9bf02330dd67c4d50a6e231f1921e0d
+MD5 bc26405d5d0c9b530efd3f7f01477edd files/clamav-0.91.2-CVE-2007-5759.patch 1852
+RMD160 13ff700734cca239c7960dbd1a0e7a9c4c6d4b72 files/clamav-0.91.2-CVE-2007-5759.patch 1852
+SHA256 78ce1337e563b6db5d7604efb14aebf9b9bf02330dd67c4d50a6e231f1921e0d files/clamav-0.91.2-CVE-2007-5759.patch 1852
+AUX clamav-0.91.2-CVE-2007-6336.patch 1002 RMD160 dd72433cba5bea2b163a09d82fc5c45d14a980ae SHA1 482fa318c9d1172c1a2b3a652936e8a417e11817 SHA256 c4a09b072fa4c4f0c3fde0c8a93984e081dd702454fd990abc93a45529b01dca
+MD5 3235d46e00ac5a7464bb0fc1bf393242 files/clamav-0.91.2-CVE-2007-6336.patch 1002
+RMD160 dd72433cba5bea2b163a09d82fc5c45d14a980ae files/clamav-0.91.2-CVE-2007-6336.patch 1002
+SHA256 c4a09b072fa4c4f0c3fde0c8a93984e081dd702454fd990abc93a45529b01dca files/clamav-0.91.2-CVE-2007-6336.patch 1002
+AUX clamav-0.91.2-CVE-2007-6337.patch 891 RMD160 491e27ad67741a04891e522ec2f4f7ba25f91381 SHA1 e02199c35043a1811a077e7fb6a7044dd820d12b SHA256 d6552c8990fc82fd8072b0e331ec7c1bf4ef7f3899d2edf7a2b9991bd6f2337a
+MD5 cc6d0f88f1baea086fb71dd18632441f files/clamav-0.91.2-CVE-2007-6337.patch 891
+RMD160 491e27ad67741a04891e522ec2f4f7ba25f91381 files/clamav-0.91.2-CVE-2007-6337.patch 891
+SHA256 d6552c8990fc82fd8072b0e331ec7c1bf4ef7f3899d2edf7a2b9991bd6f2337a files/clamav-0.91.2-CVE-2007-6337.patch 891
AUX clamav-milter.README.gentoo 1124 RMD160 4fb1e2d9b444874838bcea1071969ca6862fb15b SHA1 0b9b86a0e7732eaaf7f880859265754f7a4efd3a SHA256 5e7b142b68964bc3463b077e5698fa77cace45ea9612258b1e1849cee944dd11
MD5 08f7b320461c04bbb88555e389c2e544 files/clamav-milter.README.gentoo 1124
RMD160 4fb1e2d9b444874838bcea1071969ca6862fb15b files/clamav-milter.README.gentoo 1124
@@ -28,6 +40,10 @@ SHA256 50ca2c25f796bb3554b5aa08f9e1bbe043ced62f58f2295f6cf33403d7c23dd8 files/cl
DIST clamav-0.91.2.tar.gz 13394538 RMD160 9e181a7a4fd08377ff47663aed27f8cc97249a21 SHA1 f18007c3045a1d78967adad805c6934d46ca6419 SHA256 dac9de86dff5ef4c9a6e4962da24988e1aa74948a21b7fb7b7fed17867ddf2a0
DIST clamav-0.92.tar.gz 14300798 RMD160 37f0450b9b3c6fc863f94811ae372ece1677d791 SHA1 b6573acd9a7bb6bf3bd4b39a0102ce0be764c5bc SHA256 d3c8c1e2e0025a354663b330d69c8848c7a5c9d7248204c69362c2924366025e
DIST clamav-0.92rc2.tar.gz 13785280 RMD160 312dd39a1afd73b6f1808fa407a6f882a7059034 SHA1 e22a6ace3b04ec668387253804dd6de97877a677 SHA256 503073f54007757ad37e509b061f902ef2244be02ebacd6671d518abbf443f09
+EBUILD clamav-0.91.2-r1.ebuild 4388 RMD160 c7754a1326855f6a75a299e1f6e1106ad37f4f8b SHA1 59e1342f0512d208ac0938ab32c773320f396184 SHA256 b868b4515f8cd44289f2879c55a904865caf1a21720b558b175590a9c9a09481
+MD5 75e3a55b1e11cd26bb4f21b5e401ba3a clamav-0.91.2-r1.ebuild 4388
+RMD160 c7754a1326855f6a75a299e1f6e1106ad37f4f8b clamav-0.91.2-r1.ebuild 4388
+SHA256 b868b4515f8cd44289f2879c55a904865caf1a21720b558b175590a9c9a09481 clamav-0.91.2-r1.ebuild 4388
EBUILD clamav-0.91.2.ebuild 4236 RMD160 a6ac8480ebb4bf4707a859ef05f405d008ec62d9 SHA1 f2ca9d86c993d5fba4743b71a4364dc9a5907fcb SHA256 80d183b466341739dcec4a8c8ca3f430af6227878c5e9d400c669c6981d27c58
MD5 694e86b291089110e3acedba3e237959 clamav-0.91.2.ebuild 4236
RMD160 a6ac8480ebb4bf4707a859ef05f405d008ec62d9 clamav-0.91.2.ebuild 4236
@@ -40,10 +56,10 @@ EBUILD clamav-0.92_rc2.ebuild 4308 RMD160 d75dfcd1b59e5059c21a379cc5071ff9e608b0
MD5 f691ad3885dfa5359c72e71e819971e3 clamav-0.92_rc2.ebuild 4308
RMD160 d75dfcd1b59e5059c21a379cc5071ff9e608b0d8 clamav-0.92_rc2.ebuild 4308
SHA256 27b4ed91e24d0bde84f6d10a0c2ae32140d02a1b8066c956f529021da8d4f9ad clamav-0.92_rc2.ebuild 4308
-MISC ChangeLog 39524 RMD160 dd6ea8b5b70bc081a66522b553407ded59a3247a SHA1 7989487b103e8cc99d0074a78feac7892c518183 SHA256 7c54930b4a34eb1449890840844a759cb9072787e99cd2c1a18eb2c9d2828ddd
-MD5 374afc5f5517fe4585b71685756dfad9 ChangeLog 39524
-RMD160 dd6ea8b5b70bc081a66522b553407ded59a3247a ChangeLog 39524
-SHA256 7c54930b4a34eb1449890840844a759cb9072787e99cd2c1a18eb2c9d2828ddd ChangeLog 39524
+MISC ChangeLog 39899 RMD160 947a4d8f0ad492a6750522ac3d305fc175e00097 SHA1 abf1c0e5b1a523aa56fd28fa7f711d6fd5af5765 SHA256 d7f752d2269b49493a250f1336f2dde673d45b53dd5a4fa8978ed05551675890
+MD5 ca0276c2061de69083622da4d4196166 ChangeLog 39899
+RMD160 947a4d8f0ad492a6750522ac3d305fc175e00097 ChangeLog 39899
+SHA256 d7f752d2269b49493a250f1336f2dde673d45b53dd5a4fa8978ed05551675890 ChangeLog 39899
MISC metadata.xml 184 RMD160 c37bff1fc1cd7139c91dae9b0fa5082e1d81f153 SHA1 cc0a188d9ad2411e78747326c62dd046bd5413c8 SHA256 d51011aa837db802ef539a1321a4af0a4a00879d475b92fd58f3c01df7320b58
MD5 7e32edfd72887a57b16ecd73f0f7a1a0 metadata.xml 184
RMD160 c37bff1fc1cd7139c91dae9b0fa5082e1d81f153 metadata.xml 184
@@ -51,6 +67,9 @@ SHA256 d51011aa837db802ef539a1321a4af0a4a00879d475b92fd58f3c01df7320b58 metadata
MD5 00ade3fd37049fda2aee0672a43d7e66 files/digest-clamav-0.91.2 247
RMD160 168d12eabacf3f4fc8158e74d23def1ab63031d7 files/digest-clamav-0.91.2 247
SHA256 af7a808342703688323e4b3cf3d3fbdecd73ec0cfca98e80a50cdcfa259214fb files/digest-clamav-0.91.2 247
+MD5 00ade3fd37049fda2aee0672a43d7e66 files/digest-clamav-0.91.2-r1 247
+RMD160 168d12eabacf3f4fc8158e74d23def1ab63031d7 files/digest-clamav-0.91.2-r1 247
+SHA256 af7a808342703688323e4b3cf3d3fbdecd73ec0cfca98e80a50cdcfa259214fb files/digest-clamav-0.91.2-r1 247
MD5 f5e26e572b810073968192943e5b33ea files/digest-clamav-0.92 241
RMD160 e72c6528731bd12c13211dcc7d1028df8986f385 files/digest-clamav-0.92 241
SHA256 483103d50912e25354ac696926552a16249e5a3ee093751897e05703d583ea19 files/digest-clamav-0.92 241
@@ -60,7 +79,7 @@ SHA256 0b191b6d54c691a09ce0f0dce3b0685fff9f90ee875ac95ed95dd3661a7f6730 files/di
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
-iD8DBQFHZsI7QlM6RnzZP+IRAkQLAKCRVwG+qHqSXGA4u62g/PIsc5g3kgCeMYae
-OOIhRD93fmm3hJiDbM91NhM=
-=WeM6
+iD8DBQFHabd+QlM6RnzZP+IRAhkmAKC3+6xmFJg8pM1QfeeZIa13DGzweQCgwOfD
+P5GLoypgrO4PcRbcq9HNVYA=
+=XGv9
-----END PGP SIGNATURE-----
diff --git a/app-antivirus/clamav/clamav-0.91.2-r1.ebuild b/app-antivirus/clamav/clamav-0.91.2-r1.ebuild
new file mode 100644
index 000000000000..6a9a960b6570
--- /dev/null
+++ b/app-antivirus/clamav/clamav-0.91.2-r1.ebuild
@@ -0,0 +1,143 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-antivirus/clamav/clamav-0.91.2-r1.ebuild,v 1.1 2007/12/20 00:29:41 ticho Exp $
+
+inherit autotools eutils flag-o-matic fixheadtails
+
+DESCRIPTION="Clam Anti-Virus Scanner"
+HOMEPAGE="http://www.clamav.net/"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="bzip2 crypt mailwrapper milter nls selinux"
+
+DEPEND="virtual/libc
+ bzip2? ( app-arch/bzip2 )
+ crypt? ( >=dev-libs/gmp-4.1.2 )
+ milter? ( || ( mail-filter/libmilter mail-mta/sendmail ) )
+ nls? ( sys-devel/gettext )
+ dev-libs/gmp
+ >=sys-libs/zlib-1.2.1-r3
+ >=sys-apps/sed-4"
+RDEPEND="${DEPEND}
+ selinux? ( sec-policy/selinux-clamav )
+ sys-apps/grep"
+PROVIDE="virtual/antivirus"
+
+pkg_setup() {
+ if use milter; then
+ if [ ! -e /usr/lib/libmilter.a ] ; then
+ ewarn "In order to enable milter support, clamav needs sendmail with enabled milter"
+ ewarn "USE flag. Either recompile sendmail with milter USE flag enabled, or disable"
+ ewarn "this flag for clamav as well to disable milter support."
+ die "need milter-enabled sendmail"
+ fi
+ fi
+ enewgroup clamav
+ enewuser clamav -1 -1 /dev/null clamav
+}
+
+src_unpack() {
+ unpack "${A}"
+ cd "${S}"
+ epatch "${FILESDIR}"/${PN}-0.90-compat.patch
+ epatch "${FILESDIR}"/${PN}-0.90-nls.patch
+ epatch "${FILESDIR}"/${P}-CVE-2007-5759.patch
+ epatch "${FILESDIR}"/${P}-CVE-2007-6336.patch
+ epatch "${FILESDIR}"/${P}-CVE-2007-6337.patch
+ eautoreconf
+}
+
+src_compile() {
+ has_version =sys-libs/glibc-2.2* && filter-lfs-flags
+
+ local myconf
+
+ # we depend on fixed zlib, so we can disable this check to prevent redundant
+ # warning (bug #61749)
+ myconf="${myconf} --disable-zlib-vcheck"
+ # use id utility instead of /etc/passwd parsing (bug #72540)
+ myconf="${myconf} --enable-id-check"
+ use milter && {
+ myconf="${myconf} --enable-milter"
+ use mailwrapper && \
+ myconf="${myconf} --with-sendmail=/usr/sbin/sendmail.sendmail"
+ }
+
+ ht_fix_file configure
+ econf ${myconf} \
+ $(use_enable bzip2) \
+ $(use_enable nls) \
+ --disable-experimental \
+ --with-dbdir=/var/lib/clamav || die
+ emake || die
+}
+
+src_install() {
+ make DESTDIR="${D}" install || die
+ dodoc AUTHORS BUGS NEWS README ChangeLog FAQ
+ newconfd "${FILESDIR}"/clamd.conf clamd
+ newinitd "${FILESDIR}"/clamd.rc clamd
+ dodoc "${FILESDIR}"/clamav-milter.README.gentoo
+
+ dodir /var/run/clamav
+ keepdir /var/run/clamav
+ fowners clamav:clamav /var/run/clamav
+ dodir /var/log/clamav
+ keepdir /var/log/clamav
+ fowners clamav:clamav /var/log/clamav
+
+ # Change /etc/clamd.conf to be usable out of the box
+ sed -i -e "s:^\(Example\):\# \1:" \
+ -e "s:.*\(PidFile\) .*:\1 /var/run/clamav/clamd.pid:" \
+ -e "s:.*\(LocalSocket\) .*:\1 /var/run/clamav/clamd.sock:" \
+ -e "s:.*\(User\) .*:\1 clamav:" \
+ -e "s:^\#\(LogFile\) .*:\1 /var/log/clamav/clamd.log:" \
+ -e "s:^\#\(LogTime\).*:\1 yes:" \
+ "${D}"/etc/clamd.conf
+
+ # Do the same for /etc/freshclam.conf
+ sed -i -e "s:^\(Example\):\# \1:" \
+ -e "s:.*\(PidFile\) .*:\1 /var/run/clamav/freshclam.pid:" \
+ -e "s:.*\(DatabaseOwner\) .*:\1 clamav:" \
+ -e "s:^\#\(UpdateLogFile\) .*:\1 /var/log/clamav/freshclam.log:" \
+ -e "s:^\#\(NotifyClamd\).*:\1 /etc/clamd.conf:" \
+ -e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
+ "${D}"/etc/freshclam.conf
+
+ if use milter ; then
+ echo "START_MILTER=no" \
+ >> "${D}"/etc/conf.d/clamd
+ echo "MILTER_SOCKET=\"/var/run/clamav/clmilter.sock\"" \
+ >>"${D}"/etc/conf.d/clamd
+ echo "MILTER_OPTS=\"-m 10 --timeout=0\"" \
+ >>"${D}"/etc/conf.d/clamd
+ fi
+
+ diropts ""
+ dodir /etc/logrotate.d
+ insopts -m0644
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}"/${PN}.logrotate ${PN}
+}
+
+pkg_postinst() {
+ echo
+ if use milter ; then
+ elog "For simple instructions how to setup the clamav-milter"
+ elog "read /usr/share/doc/${PF}/clamav-milter.README.gentoo.gz"
+ echo
+ fi
+ ewarn "Warning: clamd and/or freshclam have not been restarted."
+ ewarn "You should restart them to start using new version: /etc/init.d/clamd restart"
+ echo
+ ewarn "The soname for libclamav has changed after clamav-0.90."
+ ewarn "If you have upgraded from that or earlier version, it is recommended to run:"
+ ewarn
+ ewarn "revdep-rebuild --library libclamav.so.1"
+ ewarn
+ ewarn "This will fix linking errors caused by this change."
+ echo
+}
diff --git a/app-antivirus/clamav/files/clamav-0.91.2-CVE-2007-5759.patch b/app-antivirus/clamav/files/clamav-0.91.2-CVE-2007-5759.patch
new file mode 100644
index 000000000000..d879eb7f65be
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.91.2-CVE-2007-5759.patch
@@ -0,0 +1,52 @@
+Thu Dec 6 15:22:27 CET 2007 (tk)
+---------------------------------
+ * libclamav/pe.c: fix possible integer overflow in MEW related code
+ Reported by iDefense [IDEF2842]
+
+ Backported by <sgran@debian.org>
+
+ SVN r3376
+
+Index: clamav-0.91.2/libclamav/pe.c
+===================================================================
+--- clamav-0.91.2.orig/libclamav/pe.c
++++ clamav-0.91.2/libclamav/pe.c
+@@ -80,6 +80,18 @@
+ #define PEALIGN(o,a) (((a))?(((o)/(a))*(a)):(o))
+ #define PESALIGN(o,a) (((a))?(((o)/(a)+((o)%(a)!=0))*(a)):(o))
+
++#define CLI_UNPSIZELIMITS(NAME,CHK) \
++if(ctx->limits && ctx->limits->maxfilesize && (CHK) > ctx->limits->maxfilesize) { \
++ cli_dbgmsg(NAME": Sizes exceeded (%lu > %lu)\n", (CHK), ctx->limits->maxfilesize); \
++ free(exe_sections); \
++ if(BLOCKMAX) { \
++ *ctx->virname = "PE."NAME".ExceededFileSize"; \
++ return CL_VIRUS; \
++ } else { \
++ return CL_CLEAN; \
++ } \
++}
++
+ extern short cli_leavetemps_flag;
+
+ struct offset_list {
+@@ -1153,16 +1165,9 @@ int cli_scanpe(int desc, cli_ctx *ctx)
+ dsize = exe_sections[i].vsz;
+
+ cli_dbgmsg("MEW: ssize %08x dsize %08x offdiff: %08x\n", ssize, dsize, offdiff);
+- if(ctx->limits && ctx->limits->maxfilesize && (ssize + dsize > ctx->limits->maxfilesize || exe_sections[i + 1].rsz > ctx->limits->maxfilesize)) {
+- cli_dbgmsg("MEW: Sizes exceeded (ssize: %u, dsize: %u, max: %lu)\n", ssize, dsize , ctx->limits->maxfilesize);
+- free(exe_sections);
+- if(BLOCKMAX) {
+- *ctx->virname = "PE.MEW.ExceededFileSize";
+- return CL_VIRUS;
+- } else {
+- return CL_CLEAN;
+- }
+- }
++
++ CLI_UNPSIZELIMITS("MEW", MAX(ssize, dsize));
++ CLI_UNPSIZELIMITS("MEW", MAX(ssize + dsize, exe_sections[i + 1].rsz));
+
+ /* allocate needed buffer */
+ if (!(src = cli_calloc (ssize + dsize, sizeof(char)))) {
diff --git a/app-antivirus/clamav/files/clamav-0.91.2-CVE-2007-6336.patch b/app-antivirus/clamav/files/clamav-0.91.2-CVE-2007-6336.patch
new file mode 100644
index 000000000000..41cc474888c2
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.91.2-CVE-2007-6336.patch
@@ -0,0 +1,21 @@
+Thu Dec 6 15:15:45 CET 2007 (tk)
+---------------------------------
+ * libclamav/mspack.c: fix off-by-one error in LZX_READ_HUFFSYM() (bb#663)
+
+ https://wwws.clamav.net/bugzilla/show_bug.cgi?id=663
+
+ SVN r3374
+
+Index: clamav-0.91.2/libclamav/mspack.c
+===================================================================
+--- clamav-0.91.2.orig/libclamav/mspack.c
++++ clamav-0.91.2/libclamav/mspack.c
+@@ -734,7 +734,7 @@ void mszip_free(struct mszip_stream *zip
+
+ #define LZX_ENSURE_BITS(nbits) \
+ while (bits_left < (nbits)) { \
+- if (i_ptr >= i_end) { \
++ if (i_ptr + 1 >= i_end) { \
+ if (lzx_read_input(lzx)) return lzx->error; \
+ i_ptr = lzx->i_ptr; \
+ i_end = lzx->i_end; \
diff --git a/app-antivirus/clamav/files/clamav-0.91.2-CVE-2007-6337.patch b/app-antivirus/clamav/files/clamav-0.91.2-CVE-2007-6337.patch
new file mode 100644
index 000000000000..71edc47c61c3
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-0.91.2-CVE-2007-6337.patch
@@ -0,0 +1,24 @@
+Mon Dec 10 15:54:20 CET 2007 (tk)
+---------------------------------
+ * libclamav/nsis/bzlib_private.h: fix bzlib bug (aCaB)
+
+ SVN r3387
+
+Index: clamav-0.91.2/libclamav/nsis/bzlib_private.h
+===================================================================
+--- clamav-0.91.2.orig/libclamav/nsis/bzlib_private.h
++++ clamav-0.91.2/libclamav/nsis/bzlib_private.h
+@@ -422,11 +422,13 @@ typedef
+ /*-- Macros for decompression. --*/
+
+ #define BZ_GET_FAST(cccc) \
++ if (s->tPos >= s->blockSize100k * 100000) return True; \
+ s->tPos = s->tt[s->tPos]; \
+ cccc = (UChar)(s->tPos & 0xff); \
+ s->tPos >>= 8;
+
+ #define BZ_GET_FAST_C(cccc) \
++ if (c_tPos >= s->blockSize100k * 100000) return True; \
+ c_tPos = c_tt[c_tPos]; \
+ cccc = (UChar)(c_tPos & 0xff); \
+ c_tPos >>= 8;
diff --git a/app-antivirus/clamav/files/digest-clamav-0.91.2-r1 b/app-antivirus/clamav/files/digest-clamav-0.91.2-r1
new file mode 100644
index 000000000000..dff507b523df
--- /dev/null
+++ b/app-antivirus/clamav/files/digest-clamav-0.91.2-r1
@@ -0,0 +1,3 @@
+MD5 2a7265d17cfa80c32858978f16a3f47b clamav-0.91.2.tar.gz 13394538
+RMD160 9e181a7a4fd08377ff47663aed27f8cc97249a21 clamav-0.91.2.tar.gz 13394538
+SHA256 dac9de86dff5ef4c9a6e4962da24988e1aa74948a21b7fb7b7fed17867ddf2a0 clamav-0.91.2.tar.gz 13394538