Publishing details

• Published on 2022-09-10

Changelog

clamav (0.103.6+dfsg-0+deb10u1) buster; urgency=medium

  * Import 0.103.6
    - CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file
      parser).
    - CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan
      verdict cache check).
    - CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file
      parser).
    - CVE-2022-20785 (Possible memory leak in the HTML file parser/
      Javascript normalizer).
    - CVE-2022-20792 (Possible multi-byte heap buffer overflow write
      vulnerability in the signature database load module.
    - Update symbol file.

 -- Sebastian Andrzej Siewior <email address hidden>  Thu, 26 May 2022 10:19:13 +0200

Builds

Package files

• clamav_0.103.6+dfsg-0+deb10u1.debian.tar.xz (214.2 KiB)
• clamav_0.103.6+dfsg-0+deb10u1.dsc (2.9 KiB)
• clamav_0.103.6+dfsg.orig.tar.xz (6.8 MiB)