clamav was updated to version 0.98.5 to fix five security issues:
* Crash when scanning maliciously crafted yoda's crypter files
(CVE-2013-6497).
* Heap-based buffer overflow when scanning crypted PE files
(CVE-2014-9050).
* Fix heap corruption (CVE-2013-2020).
* Fix overflow due to PDF key length computation (CVE-2013-2021).
* Crash when using 'clamscan -a'.
Several non-security issues have also been fixed, please refer to the
package’s change log for details.
Security Issues:
* CVE-2013-6497
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6497">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6497</a>>
* CVE-2014-9050
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9050">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9050</a>>
* CVE-2013-2021
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2021">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2021</a>>
* CVE-2013-2020
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2020">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2020</a>>
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
SUSE Linux Enterprise Server LTSS | 11.2 | s390x | clamav | < 0.98.5-0.5.1 | clamav-0.98.5-0.5.1.s390x.rpm |
SUSE Linux Enterprise Server LTSS | 11.2 | x86_64 | clamav | < 0.98.5-0.5.1 | clamav-0.98.5-0.5.1.x86_64.rpm |
SUSE Linux Enterprise Server LTSS | 11.2 | i586 | clamav | < 0.98.5-0.5.1 | clamav-0.98.5-0.5.1.i586.rpm |
SUSE Linux Enterprise Server LTSS | 11.1 | x86_64 | clamav | < 0.98.5-0.5.1 | clamav-0.98.5-0.5.1.x86_64.rpm |
SUSE Linux Enterprise Server LTSS | 11.1 | s390x | clamav | < 0.98.5-0.5.1 | clamav-0.98.5-0.5.1.s390x.rpm |
SUSE Linux Enterprise Server LTSS | 11.1 | i586 | clamav | < 0.98.5-0.5.1 | clamav-0.98.5-0.5.1.i586.rpm |
download.suse.com/patch/finder/?keywords=21beeab39cfa85199510367c32cbdd16
download.suse.com/patch/finder/?keywords=da1389754016c53659409dd9ebba9efc
bugzilla.suse.com/show_bug.cgi?id=899395
bugzilla.suse.com/show_bug.cgi?id=903489
bugzilla.suse.com/show_bug.cgi?id=903719
bugzilla.suse.com/show_bug.cgi?id=904207
bugzilla.suse.com/show_bug.cgi?id=906077
bugzilla.suse.com/show_bug.cgi?id=906770