SUSE-SU-2018:2232-1 -- SLES clamavID: oval:org.secpod.oval:def:89002562 | Date: (C)2021-02-26 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small file - Buffer over-read in unRAR code due to missing max value checks in table initialization - Libmspack heap buffer over-read in CHM parser - PDF parser bugs The following other changes were made: - Disable YARA support for licensing reasons . - Add HTTPS support for clamsubmit - Fix for DNS resolution for users on IPv4-only machines where IPv6 is not available or is link-local only
Platform: |
SUSE Linux Enterprise Server 11 SP4 |