pool/clamav
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
clamav/clamav-0.100.1.tar.gz
Andreas Stieger 1ca8804a22 Accepting request 622505 from home:EGDFree:branches:security 
- Update to version 0.100.1
  * CVE-2017-16932: Vulnerability in libxml2 dependency (affects
    ClamAV on Windows only).
  * CVE-2018-0360: HWP integer overflow, infinite loop
    vulnerability. Reported by Secunia Research at Flexera.
  * CVE-2018-0361: ClamAV PDF object length check, unreasonably
    long time to parse relatively small file. Reported by aCaB.
  * Buffer over-read in unRAR code due to missing max value checks
    in table initialization. Reported by Rui Reis.
  * Libmspack heap buffer over-read in CHM parser. Reported by
    Hanno Böck.
  * Buffer length checks when reading integers from non-NULL
    terminated strings.
  * Buffer length tracking when reading strings from dictionary
    objects.
  * HTTPS support for clamsubmit.
  * Fix for DNS resolution for users on IPv4-only machines where
    IPv6 is not available or is link-local only. Patch provided by
    Guilherme Benkenstein.

OBS-URL: https://build.opensuse.org/request/show/622505
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=168
2018-07-17 21:41:32 +00:00

4 lines
133 B
Plaintext
Raw Blame History

version https://git-lfs.github.com/spec/v1
oid sha256:84e026655152247de7237184ee13003701c40be030dd68e0316111049f58a59f
size 16154415
Reference in New Issue View Git Blame Copy Permalink