- Update to security release 0.99.3 (bsc#1077732)
* CVE-2017-12376 (ClamAV Buffer Overflow in handle_pdfname Vulnerability)
* CVE-2017-12377 (ClamAV Mew Packet Heap Overflow Vulnerability)
* CVE-2017-12379 (ClamAV Buffer Overflow in messageAddArgument Vulnerability)
- these vulnerabilities could have allowed an unauthenticated,
remote attacker to cause a denial of service (DoS) condition
or potentially execute arbitrary code on an affected device.
* CVE-2017-12374 (ClamAV use-after-free Vulnerabilities)
* CVE-2017-12375 (ClamAV Buffer Overflow Vulnerability)
* CVE-2017-12378 (ClamAV Buffer Over Read Vulnerability)
* CVE-2017-12380 (ClamAV Null Dereference Vulnerability)
- these vulnerabilities could have allowed an unauthenticated,
remote attacker to cause a denial of service (DoS) condition on an affected device.
* CVE-2017-6420 (bsc#1052448)
- this vulnerability allowed remote attackers to cause a denial of service
(use-after-free) via a crafted PE file with WWPack compression.
* CVE-2017-6419 (bsc#1052449)
- ClamAV allowed remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly
have unspecified other impact via a crafted CHM file.
* CVE-2017-11423 (bsc#1049423)
- The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha
allowed remote attackers to cause a denial of service
(stack-based buffer over-read and application crash) via a crafted CAB file.
* CVE-2017-6418 (bsc#1052466)
- ClamAV 0.99.2 allowed remote attackers to cause a denial
of service (out-of-bounds read) via a crafted e-mail message.
- drop clamav-0.99.2-openssl-1.1.patch (upstream)
OBS-URL: https://build.opensuse.org/request/show/569976
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=151
other bug fixes/improvements:
* Fix crash in upx decoder with crafted file. Discovered and
patch supplied by Sebastian Andrzej Siewior. CVE-2015-2170.
* Fix infinite loop condition on crafted y0da cryptor
file. Identified and patch suggested by Sebastian Andrzej
Siewior. CVE-2015-2221.
* Fix crash on crafted petite packed file. Reported and patch
supplied by Sebastian Andrzej Siewior. CVE-2015-2222.
* Fix an infinite loop condition on a crafted "xz" archive file.
This was reported by Dimitri Kirchner and Goulven Guiheux.
CVE-2015-2668.
* Apply upstream patch for possible heap overflow in Henry
Spencer's regex library. CVE-2015-2305.
* Fix false negatives on files within iso9660 containers. This
issue was reported by Minzhuan Gong.
* Fix a couple crashes on crafted upack packed file. Identified
and patches supplied by Sebastian Andrzej Siewior.
* Fix a crash during algorithmic detection on crafted PE file.
Identified and patch supplied by Sebastian Andrzej Siewior.
* Fix compilation error after ./configure --disable-pthreads.
Reported and fix suggested by John E. Krokes.
* Fix segfault scanning certain HTML files. Reported with sample
by Kai Risku.
* Improve detections within xar/pkg files.
* Improvements to PDF processing: decryption, escape sequence
handling, and file property collection.
* Scanning/analysis of additional Microsoft Office 2003 XML
format.
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=117
* bsc#916217, CVE-2015-1461: Remote attackers can have
unspecified impact via Yoda's crypter or mew packer files.
* bsc#916214, CVE-2015-1462: Unspecified impact via acrafted upx
packer file.
* bsc#916215, CVE-2015-1463: Remote attackers can cause a denial
of service via a crafted petite packer file.
* bsc#915512, CVE-2014-9328: heap out of bounds condition with
crafted upack packer files.
- Obsoletes clamav-soname.patch
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=115
* remove copy of wxWidgets (halves the size of the tarball).
* Decompression and scanning of files in "Xz" compression
format.
* Extraction, decompression, and scanning of files within Apple
Disk Image (DMG) format.
* Extraction, decompression, and scanning of files within
Extensible Archive (XAR) format. XAR format is commonly used
for software packaging, such as PKG and RPM, as well as
general archival.
* Improvements and fixes to extraction and scanning of ole
formats.
* Option to force all scanned data to disk.
* Various improvements to ClamAV configuration, support of third
party libraries, and unit tests.
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=87
- update to 0.95.5 [bnc#767574]
- addresses possible evasion cases in some archive formats
- CVE-2012-1457: allows to bypass malware detection via a TAR archive
entry with a length field that exceeds the total TAR file size
- CVE-2012-1458: allows to bypass malware detection via a crafted
reset interval in the LZXC header of a CHM file
- CVE-2012-1459: allows to bypass malware detection via a TAR archive
entry with a length field corresponding to that entire entry, plus
part of the header of the next entry
- also addresses stability issues in portions of the bytecode engine
- update clamav-conf.patch for moved lines
- add a definitions snapshot as {main,daily}.cvd no longer in tarball
- fix file-contains-date-and-time rpmlint warning
OBS-URL: https://build.opensuse.org/request/show/125380
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=62
- New version 0.97.4
* libclamav/bytecode.c: reset to BYTECODE_AUTO mode at db reload
so that we don't fail to re-enable or re-disable it again
(bb#3789)
* misc: performance improvement for HP-UX PA-RISC - patch from
Michael Pelletier <michael.v.pelletier*raytheon.com>
(bb#3926)
* libclamav/pe.c: parse vinfo where varfileinfo occours before
stringfileinfo (bb#3062)
* clamd: add support for on-access scanning on OS X with ClamAuth
(beta)
* libclamav/bytecode_api*: Fix Sparc crash (bb #4324)
* libclamav: fix bytecode whitelisting
* libclamav: fix macro detection in OLE2BlockMacros (bb#4269)
* libclamav/readdb.c: allow comments in all db files (bb#3930)
* libclamav/scanners.c: use lsigs when scanning vba data (bb#3922)
* libclamav/matcher-hash.c: Fix SIGBUS on PA-RISC (big-endian)
architectures (bb #3894).
OBS-URL: https://build.opensuse.org/request/show/109812
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=58
