Sicherheit: Mehrere Probleme in clamav
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in clamav
ID: FEDORA-2020-dd0c20d985
Distribution: Fedora
Plattformen: Fedora 31
Datum: Di, 28. Juli 2020, 23:23
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3350
Applikationen: Clam Antivirus


Fedora Update Notification
2020-07-28 15:00:49.911952

Name : clamav
Product : Fedora 31
Version : 0.102.4
Release : 1.fc31
URL : https://www.clamav.net/
Summary : End-user tools for the Clam Antivirus scanner
Description :
Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this
software is the integration with mail servers (attachment scanning). The
package provides a flexible and scalable multi-threaded daemon, a command
line scanner, and a tool for automatic updating via Internet. The programs
are based on a shared library distributed with the Clam AntiVirus package,
which you can use with your own software. The virus database is based on
the virus database from OpenAntiVirus, but contains additional signatures
(including signatures for popular polymorphic viruses, too) and is KEPT UP

Update Information:

ClamAV 0.102.4 is a bug patch release to address the following issues:
CVE-2020-3350 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3350>
Fixed a vulnerability a malicious user could exploit to replace a scan
directory with a symlink to another path to trick clamscan, clamdscan, or
clamonacc into removing or moving a different file (such as a critical system
file). The issue would affect users that use the --move or --remove options for
clamscan, clamdscan and clamonacc. For more information about AV quarantine
attacks using links, see RACK911 Lab's report
software>. CVE-2020-3327 <https://cve.mitre.org/cgi-
bin/cvename.cgi?name=CVE-2020-3327> Fixed a vulnerability in the ARJ
parsing module in ClamAV 0.102.3 that could cause a denial-of-service (DoS)
condition. Improper bounds checking resulted in an out-of-bounds read that
cause a crash. The previous fix for this CVE in version 0.102.3 was incomplete.
This fix correctly resolves the issue. CVE-2020-3481
<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3481> Fixed a
vulnerability in the EGG archive module in ClamAV 0.102.0 - 0.102.3 that could
cause a denial-of-service (DoS) condition. Improper error handling could cause
crash due to a NULL pointer dereference. This vulnerability is mitigated for
those using the official ClamAV signature databases because the file type
signatures in daily.cvd will not enable the EGG archive parser in affected

* Fri Jul 17 2020 Orion Poplawski <orion@nwra.com> - 0.102.4-1
- Update to 0.102.4 (bz#1857867,1858262,1858263,1858265,1858266)
- Security fixes CVE-2020-3327 CVE-2020-3350 CVE-2020-3481
* Thu May 28 2020 Orion Poplawski <orion@nwra.com> - 0.102.3-2
- Update clamd README file (bz#1798369)

[ 1 ] Bug #1858261 - CVE-2020-3350 clamav: malicious user exploit to replace
scan target's directory with symlink
[ 2 ] Bug #1858264 - CVE-2020-3481 clamav: improper error handling causing
crash due to NULL pointer dereference

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-dd0c20d985' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Pro-Linux @Facebook
Neue Nachrichten