SUSE-SU-2022:1644-1 -- SLES clamav, libclamav9, libfreshclam2| ID: oval:org.secpod.oval:def:89047545 | Date: (C)2022-11-04 (M)2023-11-13 |
| Class: PATCH | Family: unix |
This update for clamav fixes the following issues: - CVE-2022-20770: Fixed a possible infinite loop vulnerability in the CHM file parser . - CVE-2022-20796: Fixed a possible NULL-pointer dereference crash in the scan verdict cache check . - CVE-2022-20771: Fixed a possible infinite loop vulnerability in the TIFF file parser . - CVE-2022-20785: Fixed a possible memory leak in the HTML file parser / Javascript normalizer . - CVE-2022-20792: Fixed a possible multi-byte heap buffer overflow write vulnerability in the signature database load module .
| Platform: |
| SUSE Linux Enterprise Desktop 15 SP4 |
| SUSE Linux Enterprise Server 15 SP4 |
| SUSE Linux Enterprise Server 15 SP3 |
| SUSE Linux Enterprise Desktop 15 SP3 |
| Product: |
| clamav |
| libclamav9 |
| libfreshclam2 |
