pool/clamav
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add missing boo#

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=233
This commit is contained in:
Robert Frohl 2022-05-06 09:32:31 +00:00 committed by Git OBS Bridge
parent a2ea93b424
commit 42d69218c0
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
clamav.changes
View File

@ -4,19 +4,19 @@ Thu May 5 15:50:42 UTC 2022 - Arjen de Korte <suse+build@de-korte.org>
- Update to 0.103.6
* CVE-2022-20770: Fixed a possible infinite loop vulnerability in the CHM
file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS
version 0.103.5 and prior versions.
version 0.103.5 and prior versions. (boo#1199242)
* CVE-2022-20796: Fixed a possible NULL-pointer dereference crash in the
scan verdict cache check. Issue affects versions 0.103.4, 0.103.5,
0.104.1, and 0.104.2.
0.104.1, and 0.104.2. (boo#1199246)
* CVE-2022-20771: Fixed a possible infinite loop vulnerability in the
TIFF file parser. Issue affects versions 0.104.0 through 0.104.2 and
LTS version 0.103.5 and prior versions. The issue only occurs if the
"--alert-broken-media" ClamScan option is enabled. For ClamD, the
affected option is "AlertBrokenMedia yes", and for libclamav it is the
"CL_SCAN_HEURISTIC_BROKEN_MEDIA" scan option.
"CL_SCAN_HEURISTIC_BROKEN_MEDIA" scan option. (boo#1199244)
* CVE-2022-20785: Fixed a possible memory leak in the HTML file parser /
Javascript normalizer. Issue affects versions 0.104.0 through 0.104.2
and LTS version 0.103.5 and prior versions.
and LTS version 0.103.5 and prior versions. (boo#1199245)
* CVE-2022-20792: Fixed a possible multi-byte heap buffer overflow write
vulnerability in the signature database load module. The fix was to
update the vendored regex library to the latest version. Issue affects