Univention Bugzilla – Bug 55734
clamav: Multiple issues (5.0)
Last modified: 2023-02-23 16:55:08 CET
New Debian clamav 0.103.8+dfsg-0+deb10u1A~5.0.3.202302221419 fixes: This update addresses the following issues: 0.103.7+dfsg-0+deb10u1 (Sun, 04 Dec 2022 22:22:22 +0530) * Non-maintainer upload by the LTS team. * Import 0.103.7 - Update symbol file. * clamav (CVE-2023-20032) * clamav (CVE-2023-20052)
--- mirror/ftp/pool/main/c/clamav/clamav_0.103.7+dfsg-0+deb10u1A~5.0.3.202302012005.dsc +++ apt/ucs_5.0-0-errata5.0-3/source/clamav_0.103.8+dfsg-0+deb10u1A~5.0.3.202302221419.dsc @@ -1,7 +1,15 @@ -0.103.7+dfsg-0+deb10u1A~5.0.3.202302012005 [Wed, 01 Feb 2023 20:08:47 +0100] Univention builddaemon <buildd@univention.de>: +0.103.8+dfsg-0+deb10u1A~5.0.3.202302221419 [Wed, 22 Feb 2023 14:20:08 +0100] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package 030-silence-version-msg + +0.103.8+dfsg-0+deb10u1 [Mon, 20 Feb 2023 14:32:21 +0100] Emilio Pozuelo Monfort <pochu@debian.org>: + + * Non-maintainer upload by the LTS Team. + * New upstream release. + - CVE-2023-20032 (Possible RCE in the HFS+ file parser). + - CVE-2023-20052 (Possible information leak in the DMG file parser). + * Update symbols and clamav compatibility level. 0.103.7+dfsg-0+deb10u1 [Sun, 04 Dec 2022 22:22:22 +0530] Utkarsh Gupta <utkarsh@debian.org>: <http://piuparts.knut.univention.de/5.0-3/#5648212133727253239>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-3] ace9ef67db Bug #55734: clamav 0.103.8+dfsg-0+deb10u1A~5.0.3.202302221419 doc/errata/staging/clamav.yaml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) [5.0-3] 59dbd74137 Bug #55734: clamav 0.103.8+dfsg-0+deb10u1A~5.0.3.202302221419 doc/errata/staging/clamav.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x590>