Lucene search
SuseSUSE-SU-2014:1571-1HistoryDec 05, 2014 - 7:04 p.m.
Security update for clamav (important)
2014-12-0519:04:48
lists.opensuse.org
11
0.151 Low
EPSS
Percentile
95.3%
clamav was updated to version 0.98.5 to fix five security issues:
* Crash when scanning maliciously crafted yoda's crypter files
(CVE-2013-6497).
* Heap-based buffer overflow when scanning crypted PE files
(CVE-2014-9050).
* Fix heap corruption (CVE-2013-2020).
* Fix overflow due to PDF key length computation (CVE-2013-2021).
* Crash when using 'clamscan -a'.
Several non-security issues have also been fixed, please refer to the
package’s change log for details.
Security Issues:
* CVE-2013-6497
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6497">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6497</a>>
* CVE-2014-9050
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9050">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9050</a>>
* CVE-2013-2021
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2021">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2021</a>>
* CVE-2013-2020
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2020">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2020</a>>
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| SUSE Linux Enterprise Server LTSS | 11.2 | s390x | clamav | < 0.98.5-0.5.1 | clamav-0.98.5-0.5.1.s390x.rpm |
| SUSE Linux Enterprise Server LTSS | 11.2 | x86_64 | clamav | < 0.98.5-0.5.1 | clamav-0.98.5-0.5.1.x86_64.rpm |
| SUSE Linux Enterprise Server LTSS | 11.2 | i586 | clamav | < 0.98.5-0.5.1 | clamav-0.98.5-0.5.1.i586.rpm |
| SUSE Linux Enterprise Server LTSS | 11.1 | x86_64 | clamav | < 0.98.5-0.5.1 | clamav-0.98.5-0.5.1.x86_64.rpm |
| SUSE Linux Enterprise Server LTSS | 11.1 | s390x | clamav | < 0.98.5-0.5.1 | clamav-0.98.5-0.5.1.s390x.rpm |
| SUSE Linux Enterprise Server LTSS | 11.1 | i586 | clamav | < 0.98.5-0.5.1 | clamav-0.98.5-0.5.1.i586.rpm |
References
download.suse.com/patch/finder/?keywords=21beeab39cfa85199510367c32cbdd16
download.suse.com/patch/finder/?keywords=da1389754016c53659409dd9ebba9efc
bugzilla.suse.com/show_bug.cgi?id=899395
bugzilla.suse.com/show_bug.cgi?id=903489
bugzilla.suse.com/show_bug.cgi?id=903719
bugzilla.suse.com/show_bug.cgi?id=904207
bugzilla.suse.com/show_bug.cgi?id=906077
bugzilla.suse.com/show_bug.cgi?id=906770
Related
openvas
openvas
SUSE: Security Advisory for clamav (SUSE-SU-2014:1571-1)
2015-10-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:1571-1)
2021-06-09 00:00:00
Fedora Update for clamav FEDORA-2014-15434
2015-01-05 00:00:00
nessus
nessus
Debian DLA-95-1 : clamav security update
2015-03-26 00:00:00
Ubuntu 14.04 LTS : ClamAV vulnerabilities (USN-2423-1)
2014-11-27 00:00:00
Fedora 19 : clamav-0.98.5-1.fc19 (2014-15463)
2014-11-28 00:00:00
osv
osv
clamav - security update
2014-12-02 00:00:00
debian
debian
[SECURITY] [DLA 95-1] clamav security update
2014-12-02 21:37:38
suse
suse
Security update for clamav (important)
2014-12-21 19:04:40
Security update for clamav (important)
2014-12-05 21:04:59
Security update for clamav (important)
2014-12-05 10:04:48
fedora
fedora
[SECURITY] Fedora 19 Update: clamav-0.98.5-1.fc19
2014-11-27 08:37:32
[SECURITY] Fedora 21 Update: clamav-0.98.5-1.fc21
2014-12-06 10:32:13
[SECURITY] Fedora 20 Update: clamav-0.98.5-1.fc20
2014-11-22 12:39:19
securityvulns
securityvulns
ClamAV memory corruptions
2014-11-30 00:00:00
[USN-2423-1] ClamAV vulnerabilities
2014-11-30 00:00:00
[USN-1816-1] ClamAV vulnerabilities
2013-05-04 00:00:00
ubuntu
ubuntu
ClamAV vulnerabilities
2014-11-26 00:00:00
ClamAV vulnerability
2015-02-12 00:00:00
ClamAV vulnerabilities
2013-05-03 00:00:00
mageia
mageia
Updated clamav packages fix security vulnerabilities
2014-11-26 13:14:01
gentoo
gentoo
Clam AntiVirus: Denial of service
2014-12-09 00:00:00
ClamAV: Multiple vulnerabilities
2014-05-16 00:00:00
ubuntucve
ubuntucve
amazon
amazon
Low: clamav
2014-12-08 13:12:00
prion
prion
Code injection
2014-12-01 15:59:00
Heap overflow
2014-12-01 15:59:00
Integer overflow
2013-05-13 23:55:00
debiancve
debiancve
cve
cve
archlinux
archlinux
clamav: denial of service
2014-11-20 00:00:00
checkpoint_advisories
checkpoint_advisories
ClamAV UPX File PE parsing Memory Access Error (CVE-2013-2020)
2013-07-25 00:00:00
ClamAV Encrypted PDF File Handling Memory Access Error (CVE-2013-2021)
2013-06-20 00:00:00