ClamAV vulnerability in all versions <0.100.1

Bug #1782695 reported by arunanc
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
clamav (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Denial of Service vulnerability in all ClamAV versions prior to 0.100.1

References:

https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/
https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html

Can we have this version bumped to?

arunanc (arunanc)
information type: Private Security → Public
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in clamav (Ubuntu):
status: New → Confirmed
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Thanks

This is being handled by the security team as we speak, and should be released in a few days. I'll close this bug when that happens.

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

This was fixed with https://usn.ubuntu.com/3722-1/

Changed in clamav (Ubuntu):
status: Confirmed → Fix Released
Revision history for this message
arunanc (arunanc) wrote :

Thanks Andreas.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.