AZL-11128 CVE-2022-2879 affecting package golang for versions less than 1.19.10-1

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

PT-2022-37522 · Clamav · Clamav

Name of the Vulnerable Software and Affected Versions: clamav versions prior to 0.103.7 Description: The issue is related to the clamav software, where an update to version 0.103.7 fixes several problems, including the upgrade of the UnRAR library to version 6.1.7, a fix for the logical signature...

cpio security update

2.6-23.1 - CVE-2010-0624 fix heap-based buffer overflow by expanding a specially-crafted archive - CVE-2007-4476 fix stack crashing in safernamesuffix...