UbuntuUpdates.org

Package "clamav"

Name: clamav

Description:

anti-virus utility for Unix - command-line interface
Latest version: 0.100.3+dfsg-0ubuntu0.18.04.1
Release: bionic (18.04)
Level: security
Repository: main
Homepage: https://www.clamav.net/

Links

Save this URL for the latest version of "clamav": https://www.ubuntuupdates.org/clamav

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "clamav"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "clamav" in Bionic

Repository Area Version
base main 0.99.4+addedllvm-0ubuntu1
base universe 0.99.4+addedllvm-0ubuntu1
security universe 0.100.3+dfsg-0ubuntu0.18.04.1
updates main 0.100.3+dfsg-0ubuntu0.18.04.1
updates universe 0.100.3+dfsg-0ubuntu0.18.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.100.3+dfsg-0ubuntu0.18.04.1 2019-04-08 15:06:22 UTC

  clamav (0.100.3+dfsg-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to version 0.100.3 to fix security issues. (LP: #1822503)
    - debian/libclamav7.symbols: updated to new version.
    - CVE-2019-1787
    - CVE-2019-1788
    - CVE-2019-1789

 -- Marc Deslauriers <email address hidden> Thu, 04 Apr 2019 09:25:12 -0400
Source diff to previous version
1822503 ClamAV needs updated to reflect security fixes
CVE-2019-1787 An out-of-bounds heap read condition when scanning PDF documents
CVE-2019-1788 An out-of-bounds heap write condition when scanning OLE2 files
CVE-2019-1789 An out-of-bounds heap read condition when scanning PE files

Version: 0.100.2+dfsg-1ubuntu0.18.04.1 2018-10-11 18:07:00 UTC

  clamav (0.100.2+dfsg-1ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to version 0.100.2 to fix security issue.
    - CVE-2018-15378
  * Bump to new symbol version
    - debian/rules: set CL_FLEVEL 93.
    - debian/libclamav7.symbols: updated to new version.

 -- Marc Deslauriers <email address hidden> Wed, 10 Oct 2018 13:25:28 -0400
Source diff to previous version
CVE-2018-15378 denial-of-service in MEW unpacking feature

Version: 0.100.1+dfsg-1ubuntu0.18.04.3 2018-09-19 08:06:23 UTC

  clamav (0.100.1+dfsg-1ubuntu0.18.04.3) bionic-security; urgency=medium

  * debian/clamav-daemon.config.in: fix infinite loop during
    dpkg-reconfigure (LP: #1792051)

 -- Marc Deslauriers <email address hidden> Thu, 13 Sep 2018 13:59:22 -0400
Source diff to previous version
1792051 [regression] clamav-daemon: Infinite loop at dpkg-reconfigure

Version: 0.100.1+dfsg-1ubuntu0.18.04.2 2018-07-26 17:06:53 UTC

  clamav (0.100.1+dfsg-1ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY REGRESSION: clamav-daemon fails to start due to options
    removed in new version and manually edited configuration file.
    (LP: #1783632)
    - debian/patches/Deprecate-unused-options-instead-of-removing-it.patch:
      add patch from Debian stretch to simply warn about removed options.

 -- Marc Deslauriers <email address hidden> Thu, 26 Jul 2018 10:24:27 -0400
Source diff to previous version
1783632 clamav-daemon won't start after upgrade to 0.100.1+dfsg, complaining of \

Version: 0.100.1+dfsg-1ubuntu0.18.04.1 2018-07-24 19:06:48 UTC

  clamav (0.100.1+dfsg-1ubuntu0.18.04.1) bionic-security; urgency=medium

  * Rebuild as security update for 18.04 to fix multiple issues
    - CVE-2018-0360
    - CVE-2018-0361
  * Re-enable LLVM support:
    - debian/control: add llvm-3.9-dev to BuildDepends.
    - debian/rules: add llvm back.
  * debian/clamav-daemon.postinst.in: updated version to drop support for
    clamav-daemon.socket.

 -- Marc Deslauriers <email address hidden> Thu, 19 Jul 2018 08:07:50 -0400
CVE-2018-0360 ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_parag
CVE-2018-0361 ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.


About   -   Send Feedback to @ubuntu_updates