Описание
Security update for clamav
This update for clamav fixes the following issues:
-
CVE-2018-14679: Fixed off-by-one issue in embedded libmspack that could lead to denial of service (bsc#1103032).
-
Update to 0.103.4 (bsc#1192346).
-
Update to 0.103.3 (bsc#1188284).
Список пакетов
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
clamav-0.103.4-3.12.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
clamav-0.103.4-3.12.1
SUSE Linux Enterprise Server 12 SP5
clamav-0.103.4-3.12.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
clamav-0.103.4-3.12.1
Ссылки
- Link for SUSE-SU-2021:3853-1
- E-Mail link for SUSE-SU-2021:3853-1
- SUSE Security Ratings
- SUSE Bug 1103032
- SUSE Bug 1188284
- SUSE Bug 1192346
- SUSE CVE CVE-2018-14679 page
Описание
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).
Затронутые продукты
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:clamav-0.103.4-3.12.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:clamav-0.103.4-3.12.1
SUSE Linux Enterprise Server 12 SP5:clamav-0.103.4-3.12.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:clamav-0.103.4-3.12.1
Ссылки
- CVE-2018-14679
- SUSE Bug 1102922
- SUSE Bug 1103032
- SUSE Bug 1103040