SUSE-SU-2018:2323-1 -- SLES clamavID: oval:org.secpod.oval:def:89002127 | Date: (C)2021-02-25 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small file - CVE-2018-1000085: Fixed a out-of-bounds heap read in XAR parser - CVE-2018-14679: Libmspack heap buffer over-read in CHM parser - Buffer over-read in unRAR code due to missing max value checks in table initialization - PDF parser bugs The following other changes were made: - Disable YARA support for licensing reasons . - Add HTTPS support for clamsubmit - Fix for DNS resolution for users on IPv4-only machines where IPv6 is not available or is link-local only
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |