1c959d22c6
- Update to 0.102.3
* CVE-2020-3327: Fix a vulnerability in the ARJ archive parsing
module in ClamAV 0.102.2 that could cause a Denial-of-Service (DoS)
condition. Improper bounds checking of an unsigned variable results
in an out-of-bounds read which causes a crash.
* CVE-2020-3341: Fix a vulnerability in the PDF parsing module in
ClamAV 0.101 - 0.102.2 that could cause a Denial-of-Service (DoS)
condition. Improper size checking of a buffer used to initialize AES
decryption routines results in an out-of-bounds read which may cause
a crash.
* Fix "Attempt to allocate 0 bytes" error when parsing some PDF
documents.
* Fix a couple of minor memory leaks.
* Updated libclamunrar to UnRAR 5.9.2.
OBS-URL: https://build.opensuse.org/request/show/803374
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=205
|
||
|---|---|---|
| .gitattributes | ||
| .gitignore | ||
| clamav-0.102.3.tar.gz | ||
| clamav-0.102.3.tar.gz.sig | ||
| clamav-conf.patch | ||
| clamav-disable-timestamps.patch | ||
| clamav-disable-yara.patch | ||
| clamav-obsolete-config.patch | ||
| clamav-rpmlintrc | ||
| clamav-str-h.patch | ||
| clamav-tmpfiles.conf | ||
| clamav.changes | ||
| clamav.keyring | ||
| clamav.spec | ||
| service.clamav-milter | ||
| service.clamd | ||
| service.freshclam | ||