mirrors/meta-security
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-security synced 2026-01-11 15:00:34 +00:00
Code Issues Projects Releases Wiki Activity

clamav: Add recipe for version 1.4.3

Browse Source 
Add modern ClamAV 1.4.3 recipe with comprehensive improvements over
the legacy 0.104.4 version. Remove the end-of-life 0.104.4 recipe and
associated patches as they are superseded by this version.

Major changes in 1.4.3:
- Upgraded core engine with improved threat detection capabilities
- Added Rust components requiring cross-compilation support
- Updated CMake build system replacing legacy autotools
- Modernized library dependencies (LLVM, JSON-C, PCre2)
- Added comprehensive license compliance for multi-component package
- Enhanced cross-compilation support for all target architectures

The recipe includes dynamic Cargo configuration using Yocto variables
to support cross-compilation to any target architecture supported by
the build system.

Runtime configuration improvements:
- Set APP_CONFIG_DIRECTORY to ${sysconfdir}/clamav for proper config paths
- Added volatiles/tmpfiles support for /var/lib/clamav and /var/log/clamav
- Added pkg_postinst scripts to ensure correct directory ownership
- Implemented CMake cache variables for cross-compilation
- Updated all license checksums for compliance
- Added Rust toolchain integration with automatic environment setup
- Use Cargo vendoring with cargo + cargo-update-recipe-crates classes

Security rationale:
- ClamAV 0.104.4 reached end-of-life and is no longer maintained
- Upstream strongly recommends migration to 1.4.x for security updates

Signed-off-by: Hemant Jadhav <hemant.jadhav@emerson.com>
(regenerated diff, fixed building with systemd,
 fixed target Rust configuration, disabled for 32-bit targets)
Signed-off-by: Scott Murray <scott.murray@konsulko.com>
This commit is contained in:
Hemant Jadhav
2025-11-28 21:51:49 +02:00
committed by Scott Murray
parent 1a0643fa36
commit dd147f6792
9 changed files with 537 additions and 255 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
recipes-core/packagegroup/packagegroup-core-security.bb
View File

@@ -57,11 +57,13 @@ RDEPENDS:packagegroup-security-utils:remove:libc-musl = "krill firejail"
ARPWATCH = "arpwatch"
ARPWATCH:riscv32 = ""
ARPWATCH:riscv64 = ""
ARPWATCH:qemuriscv64 = ""
CLAMAV = "clamav clamav-daemon clamav-freshclam"
CLAMAV:arm = ""
CLAMAV:mips = ""
CLAMAV:powerpc = ""
CLAMAV:riscv32 = ""
CLAMAV:riscv64 = ""
CLAMAV:qemuriscv64 = ""
CLAMAV:x86 = ""
SUMMARY:packagegroup-security-scanners = "Security scanners"
RDEPENDS:packagegroup-security-scanners = "\