Package Release Info

clamav-1.5.1-160000.1.1

Update Info: Base Release
Available in Package Hub: 16.0

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

libfreshclam4

Change Logs

* Fri Nov 21 2025 max@suse.com
- Provide a better fix for boo#1249404 by disabling debug mode.
* Sat Nov 15 2025 bwiedemann@suse.com
- Build with older rust 1.87 for reproducible builds (boo#1249404)
* Tue Nov 04 2025 max@suse.com
- Add clamav-workaround.patch to work around symbol removals in
  version 1.5.0 and 1.5.1.
* Thu Oct 16 2025 max@suse.com
- New version: 1.5.1:
  * Fixed a significant performance issue when scanning some PE
    files.
  * Fixed an issue recording file entries from a ZIP archive
    central directory which resulted in
    "Heuristics.Limits.Exceeded.MaxFiles" alerts when using the
    ClamScan --alert-exceeds-max command line option or ClamD
    AlertExceedsMax config file option.
  * Improved performance when scanning TNEF email attachments.
  * Fixed an issue with recording metadata for OOXML office
    documents.
  * Fixed an issue with signature matches for VBA in OLE2 office
    documents.
  * Loosened overly restrictive rules for embedded file
    identification and increased the limit for finding PE files
    embedded in other PE files.
  * Fixed an issue with extracting some RAR archives embedded in
    other files.
  * Fixed an issue with calculating fuzzy hashes affecting some
    images by updating the version for several Rust library
    dependencies.
* Tue Oct 14 2025 max@suse.com
- Add json-c-json-c-0.18-20240915.tar.gz and link it statically
  into libclamav on SLE-12, because version 0.12 is too old.
* Wed Oct 08 2025 max@suse.com
- New version 1.5.0:
  * Added checks to determine if an OLE2-based Microsoft Office
    document is encrypted.
  * Added the ability to record URIs found in HTML if the
    generate-JSON-metadata feature is enabled.
  * Added the ability to record URIs found in PDFs if the
    generate-JSON-metadata feature is enabled.
  * Added regex support for the clamd.conf OnAccessExcludePath
    config option.
  * Added CVD signing/verification with external .sign files.
  * Freshclam, ClamD, ClamScan, and Sigtool: Added an option to
    enable FIPS-like limits disabling MD5 and SHA1 from being used
    for verifying digital signatures or for being used to trust a
    file when checking for false positives.
  * ClamD: Added an option to disable select administrative
    commands including SHUTDOWN, RELOAD, STATS and VERSION.
  * libclamav: Added extended hashing functions with a "flags"
    parameter that allows the caller to choose if they want to
    bypass FIPS hash algorithm limits.
  * See the release announcement for the full list of changes:
    https://blog.clamav.net/2025/10/clamav-150-released.html
- Obsoleted patches:
  * clamav-freshclam_test.patch
  * clamav-disable-administrative-commands.patch
  * clamav-fips.patch
- Use macros for library versions
- Remove service symlinks: rcclamd, rcfreshclam, rcclamav-milter,
  and clamonacc.
- Use rust 1.86 for SLE-12 and SLE-15-SP2.
* Mon Jun 30 2025 max@suse.com
- bsc#1240363, clamav-disable-administrative-commands.patch: clamd:
  Add an option to toggle SHUTDOWN, RELOAD, STATS and VERSION.
* Thu Jun 19 2025 suse+build@de-korte.org
- New version 1.4.3:
  ClamAV 1.4.3 is a patch release with the following fixes:
  * CVE-2025-20260, bsc#1245054: Fixed a possible buffer overflow
    write bug in the PDF file parser that could cause a
    denial-of-service (DoS) condition or enable remote code
    execution. This issue only affects configurations where both:
    - The max file-size scan limit is set greater than or equal to 1024MB.
    - The max scan-size scan limit is set greater than or equal to 1025MB.
    The code flaw was present prior to version 1.0.0, but a change in
    version 1.0.0 that enables larger allocations based on untrusted data
    made it possible to trigger this bug.
    This issue affects all currently supported versions.
  * CVE-2025-20234, bsc#1245055: Fixed a possible buffer overflow
    read bug in the UDF file parser that may write to a temp file
    and thus disclose information, or it may crash and cause a
    denial-of-service (DoS) condition.
    This issue was introduced in version 1.2.0.
  * Fixed a possible use-after-free bug in the Xz decompression module in
    the bundled lzma-sdk library.
    This issue was fixed in the lzma-sdk version 18.03. ClamAV bundles a
    copy of the lzma-sdk with some performance changes specific to
    libclamav, plus select bug fixes like this one in lieu of a full
    upgrade to newer lzma-sdk.
    This issue affects all ClamAV versions at least as far back as 0.99.4.
  * Windows: Fixed a build install issue when a DLL dependency such as
    libcrypto has the exact same name as one provided by the Windows
    operating system.
- Renew clamav.keyring
* Wed May 28 2025 max@suse.com
- bsc#1243565: Add clamav-freshclam_test.patch to fix a race
  condition between the mockup servers started by different test
  cases in freshclam_test.py.
* Mon Mar 24 2025 max@suse.com
- bsc#1239957: Build with PIE.
- Eliminate some UTF-8 NBSP characters from the changes file.