[AUTOPATCHER-CORE] Upgrade clamav to 0.105.2 CVE-2023-20032 CVE-2023-20052 - (#4881)

* Upgrade clamav to 0.105.2 CVE-2023-20032

* Update sig for clamav's cargo tar.gz dependency

---------

Co-authored-by: corvus-callidus <108946721+corvus-callidus@users.noreply.github.com>

SPECS/clamav/clamav.signatures.json

@@ -1,6 +1,6 @@
 {
- "Signatures": {
-  "clamav-0.105.0.tar.gz": "dd84a07d411024bb08c2d90855921f955883e54619923ebe73abd57f8ca2614f",
-  "clamav-clamav-0.105.0-cargo.tar.gz": "108b1f863786798c6c04e40eb0e4b24561958548686a032c8c707d48b43436b6"
- }
-}
+  "Signatures": {
+    "clamav-0.105.2.tar.gz": "3827f6f22c08a83c52cd29f3562d780af6db65e825b0e0969608061209a90aa5",
+    "clamav-clamav-0.105.2-cargo.tar.gz": "a366df3c8525a68210baaa7bdcd2a2fd7684a7d8d4429214d1d787703e2880fd"
+  }
+}

SPECS/clamav/clamav.spec

@@ -1,7 +1,7 @@
 Summary:        Open source antivirus engine
 Name:           clamav
-Version:        0.105.0
-Release:        3%{?dist}
+Version:        0.105.2
+Release:        1%{?dist}
 License:        ASL 2.0 AND BSD AND bzip2-1.0.4 AND GPLv2 AND LGPLv2+ AND MIT AND Public Domain AND UnRar
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@@ -128,6 +128,9 @@ fi
 %dir %attr(-,clamav,clamav) %{_sharedstatedir}/clamav
 
 %changelog
+* Fri Feb 17 2023 corvus-callidus <108946721+corvus-callidus@users.noreply.github.com> - 0.105.2-1
+- Upgrade to 0.105.2 to fix CVE-2023-20032 and CVE-2023-20052
+
 * Wed Sep 07 2022 Olivia Crain <oliviacrain@microsoft.com> - 0.105.0-3
 - Add pre/postun requirements on shadow-utils
 

cgmanifest.json

@@ -1697,8 +1697,8 @@
         "type": "other",
         "other": {
           "name": "clamav",
-          "version": "0.105.0",
-          "downloadUrl": "https://github.com/Cisco-Talos/clamav/archive/refs/tags/clamav-0.105.0.tar.gz"
+          "version": "0.105.2",
+          "downloadUrl": "https://github.com/Cisco-Talos/clamav/archive/refs/tags/clamav-0.105.2.tar.gz"
         }
       }
     },
@@ -29447,4 +29447,4 @@
     }
   ],
   "Version": 1
-}
+}