drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in clamav
| Name: |
Mehrere Probleme in clamav |
|
| ID: |
SUSE-SU-2025:0327-1 |
|
| Distribution: |
SUSE |
|
| Plattformen: |
SUSE Linux Enterprise Desktop 15 SP6, SUSE Linux Enterprise Server for SAP Applications 15 SP6, SUSE Linux Enterprise Server 15 SP6, SUSE Linux Enterprise Real Time 15 SP6, SUSE openSUSE Leap 15.6, SUSE Basesystem Module 15-SP6 |
|
| Datum: |
Mo, 3. Februar 2025, 16:07 |
|
| Referenzen: |
https://www.cve.org/CVERecord?id=CVE-2024-20505
https://www.cve.org/CVERecord?id=CVE-2025-20128
https://www.cve.org/CVERecord?id=CVE-2018-14679
https://www.cve.org/CVERecord?id=CVE-2023-20197
https://www.cve.org/CVERecord?id=CVE-2024-20506
https://www.cve.org/CVERecord?id=CVE-2024-20380 |
|
| Applikationen: |
Clam Antivirus |
|
Originalnachricht |
--===============0362316222650648154==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
# Security update for clamav
Announcement ID: SUSE-SU-2025:0327-1
Release Date: 2025-02-03T09:39:44Z
Rating: important
References:
* bsc#1102840
* bsc#1103032
* bsc#1180296
* bsc#1202986
* bsc#1211594
* bsc#1214342
* bsc#1232242
* bsc#1236307
* jsc#PED-4596
Cross-References:
* CVE-2018-14679
* CVE-2023-20197
* CVE-2024-20380
* CVE-2024-20505
* CVE-2024-20506
* CVE-2025-20128
CVSS scores:
* CVE-2018-14679 ( SUSE ): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
* CVE-2018-14679 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-20197 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-20197 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-20380 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-20505 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-20505 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-20505 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-20505 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-20506 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2024-20506 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
* CVE-2024-20506 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2024-20506 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-20128 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-20128 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-20128 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-20128 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:
* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves six vulnerabilities, contains one feature and has two
security fixes can now be installed.
## Description:
This update for clamav fixes the following issues:
New version 1.4.2:
* CVE-2025-20128, bsc#1236307: Fixed a possible buffer overflow read bug in
the OLE2 file parser that could cause a denial-of-service (DoS) condition.
* Start clamonacc with --fdpass to avoid errors due to clamd not being able
to
access user files. (bsc#1232242)
* New version 1.4.1:
* https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html
* New version 1.4.0:
* Added support for extracting ALZ archives.
* Added support for extracting LHA/LZH archives.
* Added the ability to disable image fuzzy hashing, if needed. For context,
image fuzzy hashing is a detection mechanism useful for identifying malware
by matching images included with the malware or phishing email/document.
* https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html
* New version 1.3.2:
* CVE-2024-20506: Changed the logging module to disable following symlinks on
Linux and Unix systems so as to prevent an attacker with existing access to
the 'clamd' or 'freshclam' services from using a symlink to
corrupt system
files.
* CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file
parser that could cause a denial-of-service condition.
* Removed unused Python modules from freshclam tests including deprecated
'cgi' module that is expected to cause test failures in Python
3.13.
* Fix unit test caused by expiring signing certificate.
* Fixed a build issue on Windows with newer versions of Rust. Also upgraded
GitHub Actions imports to fix CI failures.
* Fixed an unaligned pointer dereference issue on select architectures.
* Fixes to Jenkins CI pipeline.
* New Version: 1.3.1:
* CVE-2024-20380: Fixed a possible crash in the HTML file parser that could
cause a denial-of-service (DoS) condition.
* Updated select Rust dependencies to the latest versions.
* Fixed a bug causing some text to be truncated when converting from UTF-16.
* Fixed assorted complaints identified by Coverity static analysis.
* Fixed a bug causing CVDs downloaded by the DatabaseCustomURL
* Added the new 'valhalla' database name to the list of optional
databases in
preparation for future work.
* New version: 1.3.0:
* Added support for extracting and scanning attachments found in Microsoft
OneNote section files. OneNote parsing will be enabled by default, but may
be optionally disabled.
* Added file type recognition for compiled Python ('.pyc') files.
* Improved support for decrypting PDFs with empty passwords.
* Fixed a warning when scanning some HTML files.
* ClamOnAcc: Fixed an infinite loop when a watched directory does not exist.
* ClamOnAcc: Fixed an infinite loop when a file has been deleted before a
scan.
* New version: 1.2.0:
* Added support for extracting Universal Disk Format (UDF) partitions.
* Added an option to customize the size of ClamAV's clean file cache.
* Raised the MaxScanSize limit so the total amount of data scanned when
scanning a file or archive may exceed 4 gigabytes.
* Added ability for Freshclam to use a client certificate PEM file and a
private key PEM file for authentication to a private mirror.
* Fix an issue extracting files from ISO9660 partitions where the files are
listed in the plain ISO tree and there also exists an empty Joliet tree.
* PID and socket are now located under /run/clamav/clamd.pid and
/run/clamav/clamd.sock .
* bsc#1211594: Fixed an issue where ClamAV does not abort the signature load
process after partially loading an invalid signature.
* New version 1.1.0:
* https://blog.clamav.net/2023/05/clamav-110-released.html
* Added the ability to extract images embedded in HTML CSS <style>
blocks.
* Updated to Sigtool so that the '\--vba' option will extract VBA
code from
Microsoft Office documents the same way that libclamav extracts VBA.
* Added a new option --fail-if-cvd-older-than=days to clamscan and clamd, and
FailIfCvdOlderThan to clamd.conf
* Added a new function 'cl_cvdgetage()' to the libclamav API.
* Added a new function 'cl_engine_set_clcb_vba()' to the libclamav
API.
* bsc#1180296: Integrate clamonacc as a service.
* New version 1.0.1 LTS (including changes in 0.104 and 0.105):
* As of ClamAV 0.104, CMake is required to build ClamAV.
* As of ClamAV 0.105, Rust is now required to compile ClamAV.
* Increased the default limits for file and scan size:
* MaxScanSize: 100M to 400M
* MaxFileSize: 25M to 100M
* StreamMaxLength: 25M to 100M
* PCREMaxFileSize: 25M to 100M
* MaxEmbeddedPE: 10M to 40M
* MaxHTMLNormalize: 10M to 40M
* MaxScriptNormalize: 5M to 20M
* MaxHTMLNoTags: 2M to 8M
* Added image fuzzy hash subsignatures for logical signatures.
* Support for decrypting read-only OLE2-based XLS files that are encrypted
with the default password.
* Overhauled the implementation of the all-match feature.
* Added a new callback to the public API for inspecting file content during a
scan at each layer of archive extraction.
* Added a new function to the public API for unpacking CVD signature
archives.
* The option to build with an external TomsFastMath library has been removed.
ClamAV requires non-default build options for TomsFastMath to support
bigger
floating point numbers.
* For a full list of changes see the release announcements:
* https://blog.clamav.net/2022/11/clamav-100-lts-released.html
* https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html
* https://blog.clamav.net/2021/09/clamav-01040-released.html
* Build clamd with systemd support.
* CVE-2023-20197: Fixed a possible denial of service vulnerability in the
HFS+
file parser. (bsc#1214342)
* CVE-2018-14679: Fixed that an issue was discovered in mspack/chmd.c in
libmspack before 0.7alpha. There isan off-by-one error in the CHM PMGI/PMGL
chunk number validity checks, which could lead to denial of service
(uninitialized da (bsc#1103032)
* Package huge .html documentation in a separate subpackage.
* Update to 0.103.7 (bsc#1202986)
* Zip parser: tolerate 2-byte overlap in file entries
* Fix bug with logical signature Intermediates feature
* Update to UnRAR v6.1.7
* Patch UnRAR: allow skipping files in solid archives
* Patch UnRAR: limit dict winsize to 1GB
* Use a split-provides for clamav-milter instead of recommending it.
* Package clamav-milter in a subpackage
* Remove virus signatures upon uninstall
* Check for database existence before starting clamd
* Restart clamd when it exits
* Don't daemonize freshclam, but use a systemd timer instead to trigger
updates
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2025-327=1 openSUSE-SLE-15.6-2025-327=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-327=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* clamav-1.4.2-150600.18.6.1
* libfreshclam3-debuginfo-1.4.2-150600.18.6.1
* libclamav12-1.4.2-150600.18.6.1
* clamav-devel-1.4.2-150600.18.6.1
* libclammspack0-debuginfo-1.4.2-150600.18.6.1
* clamav-debuginfo-1.4.2-150600.18.6.1
* libfreshclam3-1.4.2-150600.18.6.1
* libclamav12-debuginfo-1.4.2-150600.18.6.1
* clamav-debugsource-1.4.2-150600.18.6.1
* libclammspack0-1.4.2-150600.18.6.1
* clamav-milter-debuginfo-1.4.2-150600.18.6.1
* clamav-milter-1.4.2-150600.18.6.1
* openSUSE Leap 15.6 (noarch)
* clamav-docs-html-1.4.2-150600.18.6.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* clamav-1.4.2-150600.18.6.1
* libfreshclam3-debuginfo-1.4.2-150600.18.6.1
* libclamav12-1.4.2-150600.18.6.1
* clamav-devel-1.4.2-150600.18.6.1
* libclammspack0-debuginfo-1.4.2-150600.18.6.1
* clamav-debuginfo-1.4.2-150600.18.6.1
* libfreshclam3-1.4.2-150600.18.6.1
* libclamav12-debuginfo-1.4.2-150600.18.6.1
* clamav-debugsource-1.4.2-150600.18.6.1
* libclammspack0-1.4.2-150600.18.6.1
* clamav-milter-debuginfo-1.4.2-150600.18.6.1
* clamav-milter-1.4.2-150600.18.6.1
* Basesystem Module 15-SP6 (noarch)
* clamav-docs-html-1.4.2-150600.18.6.1
## References:
* https://www.suse.com/security/cve/CVE-2018-14679.html
* https://www.suse.com/security/cve/CVE-2023-20197.html
* https://www.suse.com/security/cve/CVE-2024-20380.html
* https://www.suse.com/security/cve/CVE-2024-20505.html
* https://www.suse.com/security/cve/CVE-2024-20506.html
* https://www.suse.com/security/cve/CVE-2025-20128.html
* https://bugzilla.suse.com/show_bug.cgi?id=1102840
* https://bugzilla.suse.com/show_bug.cgi?id=1103032
* https://bugzilla.suse.com/show_bug.cgi?id=1180296
* https://bugzilla.suse.com/show_bug.cgi?id=1202986
* https://bugzilla.suse.com/show_bug.cgi?id=1211594
* https://bugzilla.suse.com/show_bug.cgi?id=1214342
* https://bugzilla.suse.com/show_bug.cgi?id=1232242
* https://bugzilla.suse.com/show_bug.cgi?id=1236307
* https://jira.suse.com/browse/PED-4596
--===============0362316222650648154==
Content-Type: text/html; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
<div class="container">
<h1>Security update for clamav</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2025:0327-1</td>
</tr>
<tr>
<th>Release Date:</th>
<td>2025-02-03T09:39:44Z</td>
</tr>
<tr>
<th>Rating:</th>
<td>important</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1102840">bsc#1102840</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1103032">bsc#1103032</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1180296">bsc#1180296</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1202986">bsc#1202986</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211594">bsc#1211594</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1214342">bsc#1214342</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1232242">bsc#1232242</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1236307">bsc#1236307</a>
</li>
<li style="display: inline;">
<a href="https://jira.suse.com/browse/PED-4596">jsc#PED-4596</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>
Cross-References:
</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2018-14679.html">CVE-2018-14679</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-20197.html">CVE-2023-20197</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-20380.html">CVE-2024-20380</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-20505.html">CVE-2024-20505</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-20506.html">CVE-2024-20506</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-20128.html">CVE-2025-20128</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">
<li class="list-group-item">
<span
class="cvss-reference">CVE-2018-14679</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">4.4</span>
<span
class="cvss-vector">CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2018-14679</span>
<span class="cvss-source">
(
NVD
):
</span>
<span
class="cvss-score">6.5</span>
<span
class="cvss-vector">CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2023-20197</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">7.5</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2023-20197</span>
<span class="cvss-source">
(
NVD
):
</span>
<span
class="cvss-score">7.5</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2024-20380</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">7.5</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2024-20505</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">8.7</span>
<span
class="cvss-vector">CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2024-20505</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">7.5</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2024-20505</span>
<span class="cvss-source">
(
NVD
):
</span>
<span
class="cvss-score">4.0</span>
<span
class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2024-20505</span>
<span class="cvss-source">
(
NVD
):
</span>
<span
class="cvss-score">7.5</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2024-20506</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">6.8</span>
<span
class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2024-20506</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">6.5</span>
<span
class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2024-20506</span>
<span class="cvss-source">
(
NVD
):
</span>
<span
class="cvss-score">6.1</span>
<span
class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2024-20506</span>
<span class="cvss-source">
(
NVD
):
</span>
<span
class="cvss-score">6.1</span>
<span
class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-20128</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">6.8</span>
<span
class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-20128</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span
class="cvss-score">5.5</span>
<span
class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-20128</span>
<span class="cvss-source">
(
NVD
):
</span>
<span
class="cvss-score">5.3</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L</span>
</li>
<li class="list-group-item">
<span
class="cvss-reference">CVE-2025-20128</span>
<span class="cvss-source">
(
NVD
):
</span>
<span
class="cvss-score">5.3</span>
<span
class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L</span>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">Basesystem
Module 15-SP6</li>
<li class="list-group-item">openSUSE Leap
15.6</li>
<li class="list-group-item">SUSE Linux
Enterprise Desktop 15 SP6</li>
<li class="list-group-item">SUSE Linux
Enterprise Real Time 15 SP6</li>
<li class="list-group-item">SUSE Linux
Enterprise Server 15 SP6</li>
<li class="list-group-item">SUSE Linux
Enterprise Server for SAP Applications 15 SP6</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that solves six vulnerabilities, contains one feature
and has two security fixes can now be installed.</p>
<h2>Description:</h2>
<p>This update for clamav fixes the following issues:</p>
<p>New version 1.4.2:</p>
<ul>
<li>
<p>CVE-2025-20128, bsc#1236307: Fixed a possible buffer overflow
read bug in the OLE2 file parser that could cause a
denial-of-service (DoS) condition. </p>
</li>
<li>
<p>Start clamonacc with --fdpass to avoid errors due to
clamd not being able to access user files. (bsc#1232242)</p>
</li>
<li>
<p>New version 1.4.1:</p>
</li>
<li>
<p>https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html</p>
</li>
<li>
<p>New version 1.4.0:</p>
</li>
<li>
<p>Added support for extracting ALZ archives.</p>
</li>
<li>Added support for extracting LHA/LZH archives.</li>
<li>Added the ability to disable image fuzzy hashing, if needed.
For context, image fuzzy hashing is a detection mechanism
useful for identifying malware by matching images included with
the malware or phishing email/document.</li>
<li>
<p>https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html</p>
</li>
<li>
<p>New version 1.3.2:</p>
</li>
<li>
<p>CVE-2024-20506: Changed the logging module to disable following
symlinks on Linux and Unix systems so as to prevent an attacker
with existing access to the 'clamd' or
'freshclam' services from
using a symlink to corrupt system files.</p>
</li>
<li>CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF
file parser that could cause a denial-of-service condition.</li>
<li>Removed unused Python modules from freshclam tests including
deprecated 'cgi' module that is expected to cause test
failures in
Python 3.13.</li>
<li>Fix unit test caused by expiring signing certificate.</li>
<li>Fixed a build issue on Windows with newer versions of Rust. Also
upgraded GitHub Actions imports to fix CI failures.</li>
<li>Fixed an unaligned pointer dereference issue on select
architectures.</li>
<li>
<p>Fixes to Jenkins CI pipeline.</p>
</li>
<li>
<p>New Version: 1.3.1:</p>
</li>
<li>
<p>CVE-2024-20380: Fixed a possible crash in the HTML file parser
that could cause a denial-of-service (DoS) condition.</p>
</li>
<li>Updated select Rust dependencies to the latest versions.</li>
<li>Fixed a bug causing some text to be truncated when converting
from UTF-16.</li>
<li>Fixed assorted complaints identified by Coverity static
analysis.</li>
<li>Fixed a bug causing CVDs downloaded by the
DatabaseCustomURL</li>
<li>
<p>Added the new 'valhalla' database name to the list
of optional
databases in preparation for future work.</p>
</li>
<li>
<p>New version: 1.3.0:</p>
</li>
<li>
<p>Added support for extracting and scanning attachments found in
Microsoft OneNote section files. OneNote parsing will be
enabled by default, but may be optionally disabled.</p>
</li>
<li>Added file type recognition for compiled Python
('.pyc') files.</li>
<li>Improved support for decrypting PDFs with empty passwords.</li>
<li>Fixed a warning when scanning some HTML files.</li>
<li>ClamOnAcc: Fixed an infinite loop when a watched directory
does not exist.</li>
<li>
<p>ClamOnAcc: Fixed an infinite loop when a file has been deleted
before a scan.</p>
</li>
<li>
<p>New version: 1.2.0:</p>
</li>
<li>
<p>Added support for extracting Universal Disk Format (UDF)
partitions.</p>
</li>
<li>Added an option to customize the size of ClamAV's clean file
cache.</li>
<li>Raised the MaxScanSize limit so the total amount of data
scanned when scanning a file or archive may exceed 4 gigabytes.</li>
<li>Added ability for Freshclam to use a client certificate PEM
file and a private key PEM file for authentication to a private
mirror.</li>
<li>Fix an issue extracting files from ISO9660 partitions where the
files are listed in the plain ISO tree and there also exists an
empty Joliet tree.</li>
<li>PID and socket are now located under /run/clamav/clamd.pid and
/run/clamav/clamd.sock .</li>
<li>
<p>bsc#1211594: Fixed an issue where ClamAV does not abort the
signature load process after partially loading an invalid
signature.</p>
</li>
<li>
<p>New version 1.1.0:</p>
</li>
<li>
<p>https://blog.clamav.net/2023/05/clamav-110-released.html</p>
</li>
<li>Added the ability to extract images embedded in HTML CSS
<style> blocks.</li>
<li>Updated to Sigtool so that the '--vba' option will
extract VBA
code from Microsoft Office documents the same way that
libclamav extracts VBA.</li>
<li>Added a new option --fail-if-cvd-older-than=days to clamscan
and clamd, and FailIfCvdOlderThan to clamd.conf</li>
<li>Added a new function 'cl_cvdgetage()' to the
libclamav API.</li>
<li>Added a new function 'cl_engine_set_clcb_vba()' to
the
libclamav API.</li>
<li>bsc#1180296: Integrate clamonacc as a service.</li>
<li>New version 1.0.1 LTS (including changes in 0.104 and
0.105):</li>
<li>As of ClamAV 0.104, CMake is required to build ClamAV.</li>
<li>As of ClamAV 0.105, Rust is now required to compile
ClamAV.</li>
<li>Increased the default limits for file and scan size:<ul>
<li>MaxScanSize: 100M to 400M</li>
<li>MaxFileSize: 25M to 100M</li>
<li>StreamMaxLength: 25M to 100M</li>
<li>PCREMaxFileSize: 25M to 100M</li>
<li>MaxEmbeddedPE: 10M to 40M</li>
<li>MaxHTMLNormalize: 10M to 40M</li>
<li>MaxScriptNormalize: 5M to 20M</li>
<li>MaxHTMLNoTags: 2M to 8M</li>
</ul>
</li>
<li>Added image fuzzy hash subsignatures for logical
signatures.</li>
<li>Support for decrypting read-only OLE2-based XLS files that are
encrypted with the default password.</li>
<li>Overhauled the implementation of the all-match feature.</li>
<li>Added a new callback to the public API for inspecting file
content during a scan at each layer of archive extraction.</li>
<li>Added a new function to the public API for unpacking CVD
signature archives.</li>
<li>The option to build with an external TomsFastMath library has
been removed. ClamAV requires non-default build options for
TomsFastMath to support bigger floating point numbers.</li>
<li>For a full list of changes see the release announcements:<ul>
<li>https://blog.clamav.net/2022/11/clamav-100-lts-released.html</li>
<li>https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html</li>
<li>https://blog.clamav.net/2021/09/clamav-01040-released.html</li>
</ul>
</li>
<li>
<p>Build clamd with systemd support.</p>
</li>
<li>
<p>CVE-2023-20197: Fixed a possible denial of service vulnerability in
the HFS+ file parser. (bsc#1214342)</p>
</li>
<li>
<p>CVE-2018-14679: Fixed that an issue was discovered in mspack/chmd.c
in libmspack before 0.7alpha. There isan off-by-one error in the CHM
PMGI/PMGL chunk number validity checks, which could lead to denial of
service (uninitialized da (bsc#1103032)</p>
</li>
<li>
<p>Package huge .html documentation in a separate subpackage.</p>
</li>
<li>
<p>Update to 0.103.7 (bsc#1202986)</p>
</li>
<li>
<p>Zip parser: tolerate 2-byte overlap in file entries</p>
</li>
<li>Fix bug with logical signature Intermediates feature</li>
<li>Update to UnRAR v6.1.7</li>
<li>Patch UnRAR: allow skipping files in solid archives</li>
<li>
<p>Patch UnRAR: limit dict winsize to 1GB</p>
</li>
<li>
<p>Use a split-provides for clamav-milter instead of recommending
it.</p>
</li>
<li>Package clamav-milter in a subpackage</li>
<li>Remove virus signatures upon uninstall</li>
<li>Check for database existence before starting clamd</li>
<li>Restart clamd when it exits</li>
<li>Don't daemonize freshclam, but use a systemd timer instead
to
trigger updates</li>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper
patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
openSUSE Leap 15.6
<br/>
<code>zypper in -t patch SUSE-2025-327=1
openSUSE-SLE-15.6-2025-327=1</code>
</li>
<li class="list-group-item">
Basesystem Module 15-SP6
<br/>
<code>zypper in -t patch
SUSE-SLE-Module-Basesystem-15-SP6-2025-327=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
<ul>
<li>clamav-1.4.2-150600.18.6.1</li>
<li>libfreshclam3-debuginfo-1.4.2-150600.18.6.1</li>
<li>libclamav12-1.4.2-150600.18.6.1</li>
<li>clamav-devel-1.4.2-150600.18.6.1</li>
<li>libclammspack0-debuginfo-1.4.2-150600.18.6.1</li>
<li>clamav-debuginfo-1.4.2-150600.18.6.1</li>
<li>libfreshclam3-1.4.2-150600.18.6.1</li>
<li>libclamav12-debuginfo-1.4.2-150600.18.6.1</li>
<li>clamav-debugsource-1.4.2-150600.18.6.1</li>
<li>libclammspack0-1.4.2-150600.18.6.1</li>
<li>clamav-milter-debuginfo-1.4.2-150600.18.6.1</li>
<li>clamav-milter-1.4.2-150600.18.6.1</li>
</ul>
</li>
<li>
openSUSE Leap 15.6 (noarch)
<ul>
<li>clamav-docs-html-1.4.2-150600.18.6.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
<ul>
<li>clamav-1.4.2-150600.18.6.1</li>
<li>libfreshclam3-debuginfo-1.4.2-150600.18.6.1</li>
<li>libclamav12-1.4.2-150600.18.6.1</li>
<li>clamav-devel-1.4.2-150600.18.6.1</li>
<li>libclammspack0-debuginfo-1.4.2-150600.18.6.1</li>
<li>clamav-debuginfo-1.4.2-150600.18.6.1</li>
<li>libfreshclam3-1.4.2-150600.18.6.1</li>
<li>libclamav12-debuginfo-1.4.2-150600.18.6.1</li>
<li>clamav-debugsource-1.4.2-150600.18.6.1</li>
<li>libclammspack0-1.4.2-150600.18.6.1</li>
<li>clamav-milter-debuginfo-1.4.2-150600.18.6.1</li>
<li>clamav-milter-1.4.2-150600.18.6.1</li>
</ul>
</li>
<li>
Basesystem Module 15-SP6 (noarch)
<ul>
<li>clamav-docs-html-1.4.2-150600.18.6.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://www.suse.com/security/cve/CVE-2018-14679.html">https://www.suse.com/security/cve/CVE-2018-14679.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-20197.html">https://www.suse.com/security/cve/CVE-2023-20197.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2024-20380.html">https://www.suse.com/security/cve/CVE-2024-20380.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2024-20505.html">https://www.suse.com/security/cve/CVE-2024-20505.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2024-20506.html">https://www.suse.com/security/cve/CVE-2024-20506.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-20128.html">https://www.suse.com/security/cve/CVE-2025-20128.html</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1102840">https://bugzilla.suse.com/show_bug.cgi?id=1102840</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1103032">https://bugzilla.suse.com/show_bug.cgi?id=1103032</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1180296">https://bugzilla.suse.com/show_bug.cgi?id=1180296</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1202986">https://bugzilla.suse.com/show_bug.cgi?id=1202986</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211594">https://bugzilla.suse.com/show_bug.cgi?id=1211594</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1214342">https://bugzilla.suse.com/show_bug.cgi?id=1214342</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1232242">https://bugzilla.suse.com/show_bug.cgi?id=1232242</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1236307">https://bugzilla.suse.com/show_bug.cgi?id=1236307</a>
</li>
<li>
<a href="https://jira.suse.com/browse/PED-4596">https://jira.suse.com/browse/PED-4596</a>
</li>
</ul>
</div>
--===============0362316222650648154==--
|
|
|
|
