Security update for clamav (important)

2014-12-05T21:04:59
ID SUSE-SU-2014:1574-1
Type suse
Reporter Suse
Modified 2014-12-05T21:04:59

Description

clamav was updated to version 0.98.5 to fix three security issues and several non-security issues.

These security issues have been fixed:

   * Crash when scanning maliciously crafted Yoda's Crypter files
     (CVE-2013-6497).
   * Heap-based buffer overflow when scanning crypted PE files
     (CVE-2014-9050).
   * Crash when using 'clamscan -a'.

These non-security issues have been fixed:

   * Support for the XDP file format and extracting, decoding, and
     scanning PDF files within XDP files.
   * Addition of shared library support for LLVM versions 3.1 - 3.5 for
     the purpose of just-in-time (JIT) compilation of ClamAV bytecode
     signatures.
   * Enhancements to the clambc command line utility to assist ClamAV
     bytecode signature authors by providing introspection into compiled
     bytecode programs.
   * Resolution of many of the warning messages from ClamAV compilation.
   * Improved detection of malicious PE files.
   * ClamAV 0.98.5 now works with OpenSSL in FIPS compliant mode
     (bnc#904207).
   * Fix server socket setup code in clamd (bnc#903489).
   * Change updateclamconf to prefer the state of the old config file
     even for commented-out options (bnc#903719).
   * Fix infinite loop in clamdscan when clamd is not running.
   * Fix buffer underruns when handling multi-part MIME email attachments.
   * Fix configuration of OpenSSL on various platforms.
   * Fix linking issues with libclamunrar.

Security Issues:

   * CVE-2013-6497
     <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6497>
   * CVE-2014-9050
     <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9050>