UbuntuUpdates.org

Package "clamav"

Name: clamav

Description:

anti-virus utility for Unix - command-line interface
Latest version: 0.103.6+dfsg-0ubuntu0.18.04.1
Release: bionic (18.04)
Level: security
Repository: main
Homepage: https://www.clamav.net/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "clamav"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "clamav" in Bionic

Repository Area Version
base main 0.99.4+addedllvm-0ubuntu1
base universe 0.99.4+addedllvm-0ubuntu1
security universe 0.103.6+dfsg-0ubuntu0.18.04.1
updates universe 0.103.6+dfsg-0ubuntu0.18.04.1
updates main 0.103.6+dfsg-0ubuntu0.18.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.103.6+dfsg-0ubuntu0.18.04.1 2022-05-17 12:06:19 UTC

  clamav (0.103.6+dfsg-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to version 0.103.6 to fix security issues.
    - Drop debian/patches/Fix-ck_assert_msg-call.patch, included in new
      version
    - debian/rules: bump CL_FLEVEL to 127.
    - debian/libclamav9.symbols: updated CLAMAV_PRIVATE symbols to new
      version.
    - CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792,
      CVE-2022-20796

 -- Marc Deslauriers <email address hidden> Thu, 12 May 2022 12:40:40 -0400
Source diff to previous version
CVE-2022-20770 On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A v
CVE-2022-20771 On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A v
CVE-2022-20785 On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A v
CVE-2022-20796 On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vuln

Version: 0.103.5+dfsg-0ubuntu0.18.04.1 2022-01-18 13:06:23 UTC

  clamav (0.103.5+dfsg-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to version 0.103.5 to fix security issue.
    - Sync most of packaging with 0.103.5+dfsg-1.
    - CVE-2022-20698

 -- Marc Deslauriers <email address hidden> Mon, 17 Jan 2022 08:50:58 -0500
Source diff to previous version
CVE-2022-20698 A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allo

Version: 0.103.2+dfsg-0ubuntu0.18.04.2 2021-05-04 00:06:22 UTC

  clamav (0.103.2+dfsg-0ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY REGRESSION: clamdscan - MULTISCAN parameter causes
    Segmentation fault.
    (LP: #1926300)
    - debian/patches/lp_1926300_multiscan_param_segfault.patch: fix
      --fdpass -m & ExcludePath crash in clamd/scanner.c,
      libclamav/others.h, libclamav/others_common.c,
      unit_tests/check_clamd.c.

 -- Leonidas Da Silva Barbosa <email address hidden> Thu, 29 Apr 2021 08:33:37 -0300
Source diff to previous version
1926300 clamdscan - MULTISCAN parameter causes Segmentation fault error

Version: 0.103.2+dfsg-0ubuntu0.18.04.1 2021-04-19 21:07:00 UTC

  clamav (0.103.2+dfsg-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to version 0.103.2 to fix security issues.
    - Sync most of packaging with 0.103.2+dfsg-1.
    - CVE-2021-1252, CVE-2021-1404, CVE-2021-1405

 -- Marc Deslauriers <email address hidden> Thu, 15 Apr 2021 12:48:39 -0400
Source diff to previous version
CVE-2021-1252 A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated
CVE-2021-1404 A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.0 and all prior versions could allow an unauthenticated
CVE-2021-1405 A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote att

Version: 0.102.4+dfsg-0ubuntu0.18.04.1 2020-07-27 16:06:47 UTC

  clamav (0.102.4+dfsg-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to 0.102.2 to fix security issues
    - debian/libclamav9.symbols: updated for new version.
    - debian/rules: bumped CL_FLEVEL to 115.
    - CVE-2020-3327
    - CVE-2020-3350
    - CVE-2020-3481

 -- Marc Deslauriers <email address hidden> Thu, 23 Jul 2020 09:08:18 -0400
CVE-2020-3327 A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacke
CVE-2020-3350 A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the runn
CVE-2020-3481 A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remo


About   -   Send Feedback to @ubuntu_updates