Recommended update for clamav

Announcement ID:	SUSE-RU-2018:1856-1
Rating:	moderate
References:	bsc#1089502 bsc#1093322
Affected Products:	SLES for SAP Applications 11-SP4 SUSE Linux Enterprise Point of Service 11 SP3 SUSE Linux Enterprise Server 11 SP3 LTSS 11-SP3 SUSE Linux Enterprise Server 11 SP4

An update that has two fixes can now be installed.

Description:

This update for clamav fixes the following issues:

Clamav was updated to version 0.100.0 (bsc#1089502):

• Add interfaces to the Prelude SIEM open source package for collecting ClamAV virus events.
• Support libmspack internal code or as a shared object library. The internal library is the default and includes modifications to enable parsing of CAB files that do not entirely adhere to the CAB file format.
• Deprecate of the AllowSupplementaryGroups parameter statement in clamd, clamav-milter, and freshclam. Use of supplementary is now in effect by default.
• Deprecate internal LLVM code support.
• Compute and check PE import table hash (a.k.a. "imphash") signatures.
• Support file property collection and analysis for MHTML files.
• Raw scanning of PostScript files.
• Fix clamsubmit to use the new virus and false positive submission web interface.
• Optionally, flag files with the virus "Heuristic.Limits.Exceeded" when size limitations are exceeded.
• Improved decoders for PDF files.
• Reduced number of compile time warnings.
• Improved support for C++11.
• Improved detection of system installed libraries.
• Fixes to ClamAV's Container system and the introduction of Intermediates for more descriptive signatures.
• Improvements to clamd's On-Access scanning capabilities for Linux.

Re-introduce removed options as deprecated, so that clamd and freshclam don't exit on startup with an old config file

Revert accidental path change in config files from /var/run back to /var/lib (bsc#1093322).

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Point of Service 11 SP3
  zypper in -t patch sleposp3-clamav-13687=1
• SUSE Linux Enterprise Server 11 SP3 LTSS 11-SP3
  zypper in -t patch slessp3-clamav-13687=1
• SUSE Linux Enterprise Server 11 SP4
  zypper in -t patch slessp4-clamav-13687=1
• SLES for SAP Applications 11-SP4
  zypper in -t patch slessp4-clamav-13687=1

Package List:

• SUSE Linux Enterprise Point of Service 11 SP3 (i586)
  • clamav-0.100.0-0.20.12.2
• SUSE Linux Enterprise Server 11 SP3 LTSS 11-SP3 (s390x x86_64 i586)
  • clamav-0.100.0-0.20.12.2
• SUSE Linux Enterprise Server 11 SP4 (s390x x86_64 i586 ppc64 ia64)
  • clamav-0.100.0-0.20.12.2
• SLES for SAP Applications 11-SP4 (ppc64 x86_64)
  • clamav-0.100.0-0.20.12.2

References:

• https://bugzilla.suse.com/show_bug.cgi?id=1089502
• https://bugzilla.suse.com/show_bug.cgi?id=1093322