IT-Connect

Übersicht Übersicht Suchen Suchen Ebene Ebene
Download details
clamav_0.100.2_copfilter-v2_bundle.tar.gz clamav_0.100.2_copfilter-v2_bundle.tar.gz

 

Clamav 0.100.1 for Copfilter v2 (with new c_icap 0.5.5 and c_icap-modules 0.5.2)

 

  • Fixes for the following ClamAV vulnerabilities:
    • CVE-2018-15378:
      • Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
      • Reported by Secunia Research at Flexera.
    • Fix for a 2-byte buffer over-read bug in ClamAV's PDF parsing code.
      • Reported by Alex Gaynor.
    • Fixes for the following vulnerabilities in bundled third-party libraries:
    • CVE-2018-14680:
      • An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.
    • CVE-2018-14681:
      • An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.
    • CVE-2018-14682:
      • An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression. Additionally, 0.100.2 reverted 0.100.1's patch for CVE-2018-14679, and applied libmspack's version of the fix in its place
  • Other changes:
    • Some users have reported freshclam signature update failures as a result of a delay between the time the new signature database content is announced and the time that the content-delivery-network has the content available for download. To mitigate these errors, this patch release includes some modifications to freshclam to make it more lenient, and to reduce the time that freshclam will ignore a mirror when it detects an issue.
    • On-Access "Extra Scanning", an opt-in minor feature of OnAccess scanning on Linux systems, has been disabled due to a known issue with resource cleanup OnAccessExtraScanning will be re-enabled in a future release when the issue is resolved. In the mean-time, users who enabled the feature in clamd.conf will see a warning informing them that the feature is not active. For details, see: https://bugzilla.clamav.net/show_bug.cgi?id=12048

 

md5sum:  060361274721908a1cf4546666c4148b
sha1sum: 0fbf25e55a4862eefcb5054d371f72cd2564821b

 

Daten

Version
Dateigröße6.6 MB
Downloads115
Sprache
LizenzGNU/GPL external
Autor
Webseite
Erstelldatum08.10.2018 20:10:56
Erstellt von
Änderungsdatum08.10.2018 20:22:35

Download

Kommentar schreiben

Sicherheitscode
Aktualisieren

Cookie Einstellungen
Auf Grund einer EU-Richtlinie müssen wir Sie darauf hinweisen, dass wir zur Bereitstellung unserer Dienste Cookies einsetzen.
Mit der Nutzung unserer Dienste erklären Sie sich damit einverstanden, dass wir Cookies verwenden.
Weitere Informationen Ok Ablehnen