SUSE-SU-2018:3250-1 -- SLES clamav, libclamav7, libclammspack0ID: oval:org.secpod.oval:def:89049750 | Date: (C)2023-12-20 (M)2023-12-20 |
Class: PATCH | Family: unix |
This update for clamav fixes the following issues: clamav was updated to version 0.100.2. Following security issues were fixed: - CVE-2018-15378: Vulnerability in ClamAV"s MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. - CVE-2018-14680, CVE-2018-14681, CVE-2018-14682: more fixes for embedded libmspack. Following non-security issues were addressed: - Make freshclam more robust against lagging signature mirrors. - On-Access "Extra Scanning", an opt-in minor feature of OnAccess scanning on Linux systems, has been disabled due to a known issue with resource cleanup OnAccessExtraScanning will be re-enabled in a future release when the issue is resolved. In the mean-time, users who enabled the feature in clamd.conf will see a warning informing them that the feature is not active. For details, see: https://bugzilla.clamav.net/show_bug.cgi?id=12048 - Restore exit code compatibility of freshclam with versions before 0.100.0 when the virus database is already up to date
Platform: |
SUSE Linux Enterprise Server 15 |
SUSE Linux Enterprise Desktop 15 |
Product: |
clamav |
libclamav7 |
libclammspack0 |