security/clamav-unofficial-sigs: update to 7.2.5

Changes:

7.2.5
    eXtremeSHOK.com Maintenance
    Added : os.centos7-cpanel.conf
    Refactor : bsd support for tar, remove gnu-tar requirement
    Refactor : remove gnu-sed requirement
    Refactor : bsd support for stat command

7.2.4
    eXtremeSHOK.com Maintenance
    Disabled winnow_malware.yara , duplicated in EMAIL_Cryptowall.yar and no longer maintained
    Removed gtar requirement (--wildcards is the default)
    Incremented the config to version 97

7.2.3
    eXtremeSHOK.com Maintenance
    Whitelist support for yararules (whitelist signature tracking is disabled for yararules)
    Disable JJencode.yar , due to excessive CPU usage
    Disable scamnailer , discontinued
    Update pfsense guide for 2.5
    Fix working directory variable "urlhausy" to "urlhaus"
    Fix missing tracker-tmp.txt
    Thank you @perplexityjeff

7.2.2
    eXtremeSHOK.com Maintenance
    Use POSIX character classes instead of literals
    Prevent linuxmalwaredetect yara files being extracted when yara is not supported
    Replace echo with xshok_pretty_echo_and_log to silence database cleanup cron messages

7.2.1
    eXtremeSHOK.com Maintenance
    Change yararule email/Email_generic_phishing.yar to HIGH
    New config option: force_host; by default dig is used when both dig and host are present.
    Refactor and correct the assigning of binaries/commands
    Fix broken yara rule database names: Maldoc_hancitor_dropper and Maldoc_APT19_CVE-2017-1099
    Ensure only dig or host is used when either dig or host is enabled
    Enable remove_disabled_databases by default
    Fix disabled databases removed when "$remove_disabled_databases" is set to "no"
    Incremented the config to version 95

7.2
    eXtremeSHOK.com maintenance
    Database rating downgrades are now supported, eg, changing from HIGH to LOW will remove the HIGH and MEDIUM rated databases.
    Disabled databases are automatically removed
    Disable databases by setting the rating to "DISABLED" eg. securiteinfo_dbs_rating="DISABLED" will disable all securiteinfo databases
    Added Malware Expert databases (non-free)
    Added interServer databases (free)
    Reworked securiteinfo premium databases (non-free)
    Added malwarepatrol_db to specify the exact database name (default: malwarepatrol.db)
    Added detection of tar executable (use gtar on mac and bsd)
    Config os.macosx.conf renamed to os.macos.conf
    Fix: set ownership of last-version-check.txt
    More automated linting and testing (markdown and macOS / osx) via travis-ci
    Updated macOS installation guide for Big Sur (OSX 11)
    Incremented the config to version 94
    Thank you @dandanio @jkellerer @msapiro @shawniverson
    Enforce HTTPS validation by default
    Updated sanesecurity publickey.gpg url to use SSL
    Ignore yara files that include modules
    Enabled yararulesproject rules by default
    os.gentoo.conf: disable updates and upgrade checks
    Fix: URLhaus log message
    Fix wrong download URL for MalwarePatrol
    Fix: fallback to host if dig is not used
    Disable cron MAILTO
    BSD read config fix
    Incremented the config to version 92
    Thank you @dandanio @jkellerer @m0urs @Mrothyr @msapiro @orlitzky @RobbieTheK @SlothOfAnarchy
Larry Rosenman 2022-03-08 19:26:50 -06:00
parent be3225c06a
commit a1caa82956
No known key found for this signature in database
GPG key ID: 697C99B1AB48A77D
4 changed files with 48 additions and 99 deletions


@ -1,7 +1,7 @@
# Created by: Marko Njezic <sf@maxempire.com>
PORTNAME= clamav-unofficial-sigs
PORTVERSION= 7.0.1
PORTVERSION= 7.2.5
CATEGORIES= security
MAINTAINER= freebsd@mnd.sc
@ -14,6 +14,7 @@ COMMON_DEPENDS= clamscan:security/clamav \
rsync:net/rsync \
curl:ftp/curl \
gpg:security/gnupg \
gsed:textproc/gsed \
bash:shells/bash
BUILD_DEPENDS= ${COMMON_DEPENDS}
RUN_DEPENDS= ${COMMON_DEPENDS}
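Review bot: The hunk header `-14,6 +14,7` on COMMON_DEPENDS says exactly one line is added, and from the surrounding context that appears to be `gsed:textproc/gsed`, while the 7.2.5 changelog quoted in this commit states the gnu-sed requirement was removed upstream. If the script now works with BSD sed, the extra build/run dependency widens the port's footprint for nothing; if it still shells out to GNU sed somewhere, the reason should be recorded so the next updater does not drop it. A one-line comment above the dependency, such as `# upstream 7.2.5 still needs GNU sed on FreeBSD despite its "remove gnu-sed requirement" note`, or dropping the line if it is not needed, would resolve the ambiguity. The rendered page does not mark which side the line is on, so this is inferred from the hunk counts.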


@ -1,3 +1,3 @@
TIMESTAMP = 1581201339
SHA256 (extremeshok-clamav-unofficial-sigs-7.0.1_GH0.tar.gz) = 20e1bd6da863513ec1dc42c3f498ca1dfe1c1845110442c2e4595df6ab8341ed
SIZE (extremeshok-clamav-unofficial-sigs-7.0.1_GH0.tar.gz) = 59517
TIMESTAMP = 1646720893
SHA256 (extremeshok-clamav-unofficial-sigs-7.2.5_GH0.tar.gz) = f42f9d68e111f892bfd71393e869e53c806f48966c768d219925de6652960c50
SIZE (extremeshok-clamav-unofficial-sigs-7.2.5_GH0.tar.gz) = 68425


@ -1,6 +1,6 @@
--- clamav-unofficial-sigs.sh.orig 2020-02-08 22:48:12 UTC
--- clamav-unofficial-sigs.sh.orig 2022-03-08 06:43:27 UTC
+++ clamav-unofficial-sigs.sh
@@ -1541,48 +1541,17 @@ force_wget="no"
@@ -1595,48 +1595,17 @@
enable_log="no"
custom_config="no"
we_have_a_config="0"
@ -21,103 +21,48 @@
-fi
# Default config files
-if [ -r "${config_dir}/master.conf" ] ; then
- config_files+=( "${config_dir}/master.conf" )
- config_files+=( "${config_dir}/master.conf" )
-else
- xshok_pretty_echo_and_log "ERROR: ${config_dir}/master.conf is not readable"
- exit 1
- xshok_pretty_echo_and_log "ERROR: ${config_dir}/master.conf is not readable"
- exit 1
-fi
+config_dir="%%PREFIX%%/etc/clamav-unofficial-sigs"
+config_files=("${config_dir}/master.conf")
if [ -r "${config_dir}/os.conf" ] ; then
config_files+=( "${config_dir}/os.conf" )
config_files+=( "${config_dir}/os.conf" )
-else
- #find the a suitable os.*.conf file
- os_config_number=$(find "$config_dir" -type f -iname "os.*.conf" | wc -l)
- if [ "$os_config_number" == "0" ] ; then
- xshok_pretty_echo_and_log "WARNING: no os.conf or os.*.conf found"
- elif [ "$os_config_number" == "1" ] ; then
- config_file="$(find "$config_dir" -type f -iname "os.*.conf" | head -n1)"
- if [ -r "${config_file}" ]; then
- config_files+=( "${config_file}" )
- else
- xshok_pretty_echo_and_log "WARNING: ${config_file} is not readable"
- fi
- else
- xshok_pretty_echo_and_log "WARNING: Too many os.*.conf configs found"
- fi
- #find the a suitable os.*.conf file
- os_config_number=$(find "$config_dir" -type f -iname "os.*.conf" | wc -l)
- if [ "$os_config_number" == "0" ] ; then
- xshok_pretty_echo_and_log "WARNING: no os.conf or os.*.conf found"
- elif [ "$os_config_number" == "1" ] ; then
- config_file="$(find "$config_dir" -type f -iname "os.*.conf" | head -n1)"
- if [ -r "${config_file}" ]; then
- config_files+=( "${config_file}" )
- else
- xshok_pretty_echo_and_log "WARNING: ${config_file} is not readable"
- fi
- else
- xshok_pretty_echo_and_log "WARNING: Too many os.*.conf configs found"
- fi
fi
if [ -r "${config_dir}/user.conf" ] ; then
config_files+=( "${config_dir}/user.conf" )
config_files+=( "${config_dir}/user.conf" )
-else
- xshok_pretty_echo_and_log "WARNING: ${config_dir}/user.conf is not readable"
- xshok_pretty_echo_and_log "WARNING: ${config_dir}/user.conf is not readable"
fi
# Solaris command -v function returns garbage when the program is not found
@@ -1718,10 +1687,8 @@ if [ "$custom_config" != "no" ] ; then
else
xshok_pretty_echo_and_log "WARNING: ${config_dir}/master.conf not found"
fi
- #find the a suitable os.conf or os.*.conf file
- config_file="$(find "$config_dir" -type f -iname "os.conf" -o -iname "os.*.conf" | tail -n1)"
- if [ -r "${config_file}" ] ; then
- config_files+=( "${config_file}" )
+ if [ -r "${config_dir}/os.conf" ] ; then
+ config_files+=( "${config_dir}/os.conf" )
else
xshok_pretty_echo_and_log "WARNING: ${config_dir}/os.conf not found"
fi
@@ -1767,7 +1734,7 @@ for config_file in "${config_files[@]}" ; do
# Delete both trailing and leading whitespace
# Delete all trailing whitespace
# Delete all empty lines
- clean_config="$(command sed -e '/^#.*/d' -e 's/[[:space:]]#.*//' -e 's/#[[:space:]].*//' -e 's/^[ \t]*//;s/[ \t]*$//' -e '/^\s*$/d' "$config_file")"
+ clean_config="$(command sed -e '/^#.*/d' -e 's/[[:space:]]#.*//' -e 's/#[[:space:]].*//' -e 's/^[[:blank:]]*//;s/[[:blank:]]*$//' -e '/^[[:space:]]*$/d' "$config_file")"
fi
#fix eval of |
@@ -1782,7 +1749,7 @@ for config_file in "${config_files[@]}" ; do
fi
# Check there is an = for every set of "" optional whitespace \s* between = and "
- config_check_vars="$(echo "$clean_config" | $grep_bin -c '=\s*\"' )"
+ config_check_vars="$(echo "$clean_config" | $grep_bin -c '=[[:space:]]*\"' )"
if [ $(( ${#config_check} / 2 )) -ne "$config_check_vars" ] ; then
xshok_pretty_echo_and_log "ERROR: Your configuration has errors, every = requires a pair of \"\""
@@ -2504,24 +2471,12 @@ if [ "$sanesecurity_enabled" == "yes" ] ; then
echo "$current_time" > "${work_dir_work_configs}/last-ss-update.txt"
xshok_pretty_echo_and_log "Sanesecurity Database & GPG Signature File Updates" "="
xshok_pretty_echo_and_log "Checking for Sanesecurity updates..."
- # shellcheck disable=SC2086
- sanesecurity_mirror_ips="$(dig $dig_proxy +ignore +short "$sanesecurity_url")"
- # Add fallback to host if dig returns no records
- if [ ${#sanesecurity_mirror_ips} -lt 1 ] ; then
- # shellcheck disable=SC2086
- sanesecurity_mirror_ips="$(host $host_proxy -t A "$sanesecurity_url" | sed -n '/has address/{s/.*address \([^ ]*\).*/\1/;p;}')"
- fi
+ sanesecurity_mirror_ips=$(host "$sanesecurity_url" | sed 's/.*[[:space:]]//')
+
if [ ${#sanesecurity_mirror_ips} -ge 1 ] ; then
for sanesecurity_mirror_ip in $sanesecurity_mirror_ips ; do
- sanesecurity_mirror_name=""
- # shellcheck disable=SC2086
- sanesecurity_mirror_name="$(dig $dig_proxy +short -x "$sanesecurity_mirror_ip" | command sed 's/\.$//')"
- # Add fallback to host if dig returns no records
- if [ -z "$sanesecurity_mirror_name" ] ; then
- # shellcheck disable=SC2086
- sanesecurity_mirror_name="$(host $host_proxy "$sanesecurity_mirror_ip" | sed -n '/name pointer/{s/.*pointer \([^ ]*\).*\.$/\1/;p;}')"
- fi
+ sanesecurity_mirror_name=$(host "$sanesecurity_mirror_ip" | sed 's/.*[[:space:]]//' | sed 's/\.$//')
sanesecurity_mirror_site_info="$sanesecurity_mirror_name $sanesecurity_mirror_ip"
xshok_pretty_echo_and_log "Sanesecurity mirror site used: ${sanesecurity_mirror_site_info}"
# shellcheck disable=SC2086
@@ -2834,7 +2789,7 @@ if [ "$linuxmalwaredetect_enabled" == "yes" ] ; then
ret="$?"
if [ "$ret" -eq 0 ] ; then
# shellcheck disable=SC2035
- $tar_bin --strip-components=1 --wildcards --overwrite -xzf "${work_dir_linuxmalwaredetect}/sigpack.tgz" --directory "${work_dir_linuxmalwaredetect}" */rfxn.*
+ $tar_bin --strip-components=1 -xzf "${work_dir_linuxmalwaredetect}/sigpack.tgz" --directory "${work_dir_linuxmalwaredetect}" "*/rfxn.*"
for db_file in "${linuxmalwaredetect_dbs[@]}" ; do
if [ "$loop" == "1" ] ; then
xshok_pretty_echo_and_log "---"
# Solaris command -v function returns garbage when the program is not found k
@@ -1762,10 +1731,8 @@
else
xshok_pretty_echo_and_log "WARNING: ${config_dir}/master.conf not found"
fi
- #find the a suitable os.conf or os.*.conf file
- config_file="$(find "$config_dir" -type f -iname "os.conf" -o -iname "os.*.conf" | tail -n1)"
- if [ -r "${config_file}" ] ; then
- config_files+=( "${config_file}" )
+ if [ -r "${config_dir}/os.conf" ] ; then
+ config_files+=( "${config_dir}/os.conf" )
else
xshok_pretty_echo_and_log "WARNING: ${config_dir}/os.conf not found"
fi
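Review bot: The port patch replaces upstream's readability check on master.conf with an unconditional `config_files=("${config_dir}/master.conf")`, so a missing or unreadable master.conf no longer hits the `ERROR: ... is not readable` / `exit 1` path and the script carries on into the config-parsing loop with a file it cannot read. For an updater that fetches third-party signature databases, silently running without the master configuration is worse than failing early; keeping upstream's guard while still hardcoding `config_dir` preserves the port's intent. The hunk is top-level script code whose surrounding statements lie outside the patch, so the exact fallback behaviour further down cannot be confirmed from here.
```shell
config_dir="%%PREFIX%%/etc/clamav-unofficial-sigs"
# Default config files
if [ -r "${config_dir}/master.conf" ] ; then
  config_files=( "${config_dir}/master.conf" )
else
  xshok_pretty_echo_and_log "ERROR: ${config_dir}/master.conf is not readable"
  exit 1
fi
# … unchanged: os.conf and user.conf handling …
```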


@ -1,17 +1,20 @@
--- config/user.conf.orig 2020-01-25 12:02:06 UTC
--- config/user.conf.orig 2021-03-20 02:49:21 UTC
+++ config/user.conf
@@ -54,13 +54,11 @@
@@ -64,7 +64,7 @@
#) #END ADDITIONAL DATABASES
# Uncomment the following line to enable the script
-user_configuration_complete="yes"
+#user_configuration_complete="yes"
# HTTPS validation
# Uncomment to allow and ignore SSL errors leading to insecure transfers
@@ -73,8 +73,6 @@
# Proxy Support
# If necessary to proxy database downloads, define the rsync, curl, wget, dig, hosr proxy settings here.
#curl_proxy="--proxy http://username:password@proxy_host:proxy_port"
-#dig_proxy="@proxy_host -p proxy_host:proxy_port"
-#host_proxy="@proxy_host" #does not support port
#rsync_proxy="username:password@proxy_host:proxy_port"
#wget_proxy="-e http_proxy=http://username:password@proxy_host:proxy_port -e https_proxy=https://username:password@proxy_host:proxy_port"
# Define rsync to use netcat for socks tunnel
#rsync_connect_prog="nc -X 5 -x socksproxy_host:socksproxy_port %H 873"
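Review bot: The second hunk still strips `#dig_proxy` and `#host_proxy` from the shipped user.conf, but this commit appears to drop the old port patch that replaced the script's dig/host lookup with a plain `host` call, so the 7.2.5 script is now the upstream code that, per the changelog quoted above, honours dig and host proxy settings. Proxied or egress-restricted deployments therefore lose the documented knobs, and the surviving comment `# If necessary to proxy database downloads, define the rsync, curl, wget, dig, hosr proxy settings here.` still advertises them. Unless the new script patch still removes the `$dig_proxy`/`$host_proxy` usage, this hunk should be dropped from the patch so the two proxy lines ship as upstream wrote them. The side of each line is not marked on the rendered page, so this is inferred from the hunk counts.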