Log Message:
Pullup ticket #6195 - requested by taca
security/clamav: security fix

Revisions pulled up:
- security/clamav/Makefile                                      1.64-1.65
- security/clamav/Makefile.common                               1.16
- security/clamav/distinfo                                      1.33

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Wed May  6 14:05:09 UTC 2020

   Modified Files:
   	pkgsrc/security/clamav: Makefile

   Log Message:
   revbump after boost update

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Wed May 13 14:58:58 UTC 2020

   Modified Files:
   	pkgsrc/security/clamav: Makefile Makefile.common distinfo

   Log Message:
   security/clamav: update to 0.102.3

   Update clamav to 0.102.3.

   ## 0.102.3

   ClamAV 0.102.3 is a bug patch release to address the following issues.

   - [CVE-2020-3327](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327):
     Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.2 that
     could cause a Denial-of-Service (DoS) condition. Improper bounds checking of
     an unsigned variable results in an out-of-bounds read which causes a crash.

     Special thanks to Daehui Chang and Fady Othman for helping identify the ARJ
     parsing vulnerability.

   - [CVE-2020-3341](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341):
     Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that
     could cause a Denial-of-Service (DoS) condition. Improper size checking of
     a buffer used to initialize AES decryption routines results in an out-of-
     bounds read which may cause a crash. Bug found by OSS-Fuzz.

   - Fix "Attempt to allocate 0 bytes" error when parsing some PDF \ 
documents.

   - Fix a couple of minor memory leaks.

   - Updated libclamunrar to UnRAR 5.9.2.