pool/clamav
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* CVE-2019-1786:

Browse Source 
An out-of-bounds heap read condition may occur when scanning malformed
    PDF documents as a result of improper bounds-checking.
  * CVE-2019-1785:
    A path-traversal write condition may occur as a result of improper
    input validation when scanning RAR archives.
  * CVE-2019-1798:
    A use-after-free condition may occur as a result of improper error
    handling when scanning nested RAR archives.
  * Add missing headers to fix build of packages against libclamav.

OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=184
This commit is contained in:
Reinhard Max 2019-03-29 12:01:14 +00:00 committed by Git OBS Bridge
parent e170693bea
commit b5b97e006a
2 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
clamav.changes
View File

@ -15,6 +15,16 @@ Wed Mar 27 17:30:05 UTC 2019 - Andrey Karepin <egdfree@opensuse.org>
such as Microsoft Office 97-2003 documents. The invalid write happens when
an invalid pointer is mistakenly used to initialize a 32bit integer to
zero. This is likely to crash the application.
* CVE-2019-1786:
An out-of-bounds heap read condition may occur when scanning malformed
PDF documents as a result of improper bounds-checking.
* CVE-2019-1785:
A path-traversal write condition may occur as a result of improper
input validation when scanning RAR archives.
* CVE-2019-1798:
A use-after-free condition may occur as a result of improper error
handling when scanning nested RAR archives.
- added clamav-max_patch.patch to fix build
- dropped clamav-freshclam-exit.patch
@ -22,7 +32,7 @@ Wed Mar 27 17:30:05 UTC 2019 - Andrey Karepin <egdfree@opensuse.org>
Mon Jan 21 17:30:15 UTC 2019 - Reinhard Max <max@suse.com>
- Update to version 0.101.1:
* more details will be added later
* Add missing headers to fix build of packages against libclamav.
- Add missing include for str.h to libclamav/others_common.c
(clamav-str-h.patch)

2
clamav.spec
View File

@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#