Dominique Leuenberger
d88a0e4e4c
- Update to version 0.101.2 (bsc#1130721)
* CVE-2019-1787:
An out-of-bounds heap read condition may occur when scanning PDF
documents. The defect is a failure to correctly keep track of the number
of bytes remaining in a buffer when indexing file data.
* CVE-2019-1789:
An out-of-bounds heap read condition may occur when scanning PE files
(i.e. Windows EXE and DLL files) that have been packed using Aspack as a
result of inadequate bound-checking.
* CVE-2019-1788:
An out-of-bounds heap write condition may occur when scanning OLE2 files
such as Microsoft Office 97-2003 documents. The invalid write happens when
an invalid pointer is mistakenly used to initialize a 32bit integer to
zero. This is likely to crash the application.
* CVE-2019-1786:
An out-of-bounds heap read condition may occur when scanning malformed
PDF documents as a result of improper bounds-checking.
* CVE-2019-1785:
A path-traversal write condition may occur as a result of improper
input validation when scanning RAR archives.
* CVE-2019-1798:
A use-after-free condition may occur as a result of improper error
handling when scanning nested RAR archives.
- added clamav-max_patch.patch to fix build
- dropped clamav-freshclam-exit.patch
- Update to version 0.101.1:
* Add missing headers to fix build of packages against libclamav.
- Add missing include for str.h to libclamav/others_common.c
(clamav-str-h.patch)
OBS-URL: https://build.opensuse.org/request/show/689824
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/clamav?expand=0&rev=97