Andreas Stieger
1ca8804a22
- Update to version 0.100.1
* CVE-2017-16932: Vulnerability in libxml2 dependency (affects
ClamAV on Windows only).
* CVE-2018-0360: HWP integer overflow, infinite loop
vulnerability. Reported by Secunia Research at Flexera.
* CVE-2018-0361: ClamAV PDF object length check, unreasonably
long time to parse relatively small file. Reported by aCaB.
* Buffer over-read in unRAR code due to missing max value checks
in table initialization. Reported by Rui Reis.
* Libmspack heap buffer over-read in CHM parser. Reported by
Hanno Böck.
* Buffer length checks when reading integers from non-NULL
terminated strings.
* Buffer length tracking when reading strings from dictionary
objects.
* HTTPS support for clamsubmit.
* Fix for DNS resolution for users on IPv4-only machines where
IPv6 is not available or is link-local only. Patch provided by
Guilherme Benkenstein.
OBS-URL: https://build.opensuse.org/request/show/622505
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=168
|
||
|---|---|---|
| .gitattributes | ||
| .gitignore | ||
| clamav-0.100.1.tar.gz | ||
| clamav-0.100.1.tar.gz.sig | ||
| clamav-conf.patch | ||
| clamav-disable-timestamps.patch | ||
| clamav-obsolete-config.patch | ||
| clamav-rpmlintrc | ||
| clamav-tmpfiles.conf | ||
| clamav.changes | ||
| clamav.keyring | ||
| clamav.spec | ||
| service.clamav-milter | ||
| service.clamd | ||
| service.freshclam | ||