Sync clamav 0.103.2+dfsg-1 (main) from Debian unstable (main)
Bug #1923831 reported by
Utkarsh Gupta
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
clamav (Ubuntu) |
Fix Released
|
Critical
|
Utkarsh Gupta |
Bug Description
Please sync clamav 0.103.2+dfsg-1 (main) from Debian unstable (main).
The update fixes 3 new vulnerabilities and some other misc fixes.
IOW: it's probably important to update the package and hence the sync request
Changelog entries since current hirsute version 0.103.0+dfsg-3.1:
clamav (0.103.2+dfsg-1) unstable; urgency=medium
* Import 0.103.2
- CVE-2021-1252 (Fix for Excel XLM parser infinite loop.)
- CVE-2021-1404 (Fix for PDF parser buffer over-read; possible crash.)
- CVE-2021-1405 (Fix for mail parser NULL-dereference crash.)
- Update symbol file.
(Closes: #986622).
-- Sebastian Andrzej Siewior <email address hidden> Mon, 12 Apr 2021 21:31:08 +0200
To post a comment you must log in.
If it helps, upstream release blog: /blog.clamav. net/2021/ 04/clamav- 01032-security- patch-release. html
https:/