Marcus Meissner
862d152324
- Update to version 0.101.2
* CVE-2019-1787:
An out-of-bounds heap read condition may occur when scanning PDF
documents. The defect is a failure to correctly keep track of the number
of bytes remaining in a buffer when indexing file data.
* CVE-2019-1789:
An out-of-bounds heap read condition may occur when scanning PE files
(i.e. Windows EXE and DLL files) that have been packed using Aspack as a
result of inadequate bound-checking.
* CVE-2019-1788:
An out-of-bounds heap write condition may occur when scanning OLE2 files
such as Microsoft Office 97-2003 documents. The invalid write happens when
an invalid pointer is mistakenly used to initialize a 32bit integer to
zero. This is likely to crash the application.
- added clamav-max_patch.patch to fix build
OBS-URL: https://build.opensuse.org/request/show/689169
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=181
12 lines
353 B
Diff
12 lines
353 B
Diff
--- libclamav/others_common.c.orig
|
|
+++ libclamav/others_common.c
|
|
@@ -855,7 +855,7 @@
|
|
size_t sanitized_index = 0;
|
|
char* sanitized_filepath = NULL;
|
|
|
|
- if((NULL == filepath) || (0 == filepath_len) || (MAX_PATH < filepath_len)) {
|
|
+ if((NULL == filepath) || (0 == filepath_len) || (PATH_MAX < filepath_len)) {
|
|
goto done;
|
|
}
|
|
|