bugzilla refs

OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=170

clamav.changes

@@ -7,24 +7,17 @@ Tue Jul 17 14:21:35 UTC 2018 - security@suse.com
 Tue Jul 10 08:06:33 UTC 2018 - egdfree@opensuse.org
 
 - Update to version 0.100.1
-  * CVE-2017-16932: Vulnerability in libxml2 dependency (affects
-    ClamAV on Windows only).
   * CVE-2018-0360: HWP integer overflow, infinite loop
-    vulnerability. Reported by Secunia Research at Flexera.
+    vulnerability (bsc#1101410)
-  * CVE-2018-0361: ClamAV PDF object length check, unreasonably
+  * CVE-2018-0361: PDF object length check, unreasonably long time
-    long time to parse relatively small file. Reported by aCaB.
+    to parse relatively small file (bsc#1101412) 
   * Buffer over-read in unRAR code due to missing max value checks
-    in table initialization. Reported by Rui Reis.
+    in table initialization
-  * Libmspack heap buffer over-read in CHM parser. Reported by
+  * Libmspack heap buffer over-read in CHM parser
-    Hanno Böck.
+  * PDF parser bugs
-  * Buffer length checks when reading integers from non-NULL
+  * Add HTTPS support for clamsubmit
-    terminated strings.
-  * Buffer length tracking when reading strings from dictionary
-    objects.
-  * HTTPS support for clamsubmit.
   * Fix for DNS resolution for users on IPv4-only machines where
-    IPv6 is not available or is link-local only. Patch provided by
+    IPv6 is not available or is link-local only
-    Guilherme Benkenstein.
 
 -------------------------------------------------------------------
 Thu Apr 26 15:35:15 UTC 2018 - max@suse.com