UbuntuUpdates.org

Package "clamav"

Name: clamav

Description:

anti-virus utility for Unix - command-line interface

Latest version: 0.103.6+dfsg-0ubuntu0.20.04.1
Release: focal (20.04)
Level: updates
Repository: main
Homepage: https://www.clamav.net/

Links


Download "clamav"


Other versions of "clamav" in Focal

Repository Area Version
base universe 0.102.2+dfsg-2ubuntu1
base main 0.102.2+dfsg-2ubuntu1
security main 0.103.6+dfsg-0ubuntu0.20.04.1
security universe 0.103.6+dfsg-0ubuntu0.20.04.1
updates universe 0.103.6+dfsg-0ubuntu0.20.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.103.6+dfsg-0ubuntu0.20.04.1 2022-05-17 14:06:26 UTC

  clamav (0.103.6+dfsg-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Updated to version 0.103.6 to fix security issues.
    - Drop debian/patches/Fix-ck_assert_msg-call.patch, included in new
      version
    - debian/rules: bump CL_FLEVEL to 127.
    - debian/libclamav9.symbols: updated CLAMAV_PRIVATE symbols to new
      version.
    - CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792,
      CVE-2022-20796

 -- Marc Deslauriers <email address hidden> Thu, 12 May 2022 12:40:40 -0400

Source diff to previous version
CVE-2022-20770 On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A v
CVE-2022-20771 On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A v
CVE-2022-20785 On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A v
CVE-2022-20796 On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vuln

Version: 0.103.5+dfsg-1~20.04.1 2022-01-18 14:07:20 UTC

  clamav (0.103.5+dfsg-1~20.04.1) focal-security; urgency=medium

  * Rebuild as security update for focal.

 -- Marc Deslauriers <email address hidden> Mon, 17 Jan 2022 08:19:19 -0500

Source diff to previous version

Version: 0.103.2+dfsg-0ubuntu0.20.04.2 2021-05-04 02:07:03 UTC

  clamav (0.103.2+dfsg-0ubuntu0.20.04.2) focal-security; urgency=medium

  * SECURITY REGRESSION: clamdscan - MULTISCAN parameter causes
    Segmentation fault.
    (LP: #1926300)
    - debian/patches/lp_1926300_multiscan_param_segfault.patch: fix
      --fdpass -m & ExcludePath crash in clamd/scanner.c,
      libclamav/others.h, libclamav/others_common.c,
      unit_tests/check_clamd.c.

 -- Leonidas Da Silva Barbosa <email address hidden> Thu, 29 Apr 2021 08:25:03 -0300

Source diff to previous version
1926300 clamdscan - MULTISCAN parameter causes Segmentation fault error

Version: 0.103.2+dfsg-0ubuntu0.20.04.1 2021-04-19 22:07:58 UTC

  clamav (0.103.2+dfsg-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Updated to version 0.103.2 to fix security issues.
    - CVE-2021-1252, CVE-2021-1404, CVE-2021-1405

 -- Marc Deslauriers <email address hidden> Thu, 15 Apr 2021 12:39:30 -0400

Source diff to previous version
CVE-2021-1252 A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated
CVE-2021-1404 A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.0 and all prior versions could allow an unauthenticated
CVE-2021-1405 A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote att

Version: 0.102.4+dfsg-0ubuntu0.20.04.1 2020-07-27 17:07:11 UTC

  clamav (0.102.4+dfsg-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Updated to 0.102.2 to fix security issues
    - debian/libclamav9.symbols: updated for new version.
    - debian/rules: bumped CL_FLEVEL to 115.
    - CVE-2020-3327
    - CVE-2020-3350
    - CVE-2020-3481

 -- Marc Deslauriers <email address hidden> Thu, 23 Jul 2020 09:08:18 -0400

CVE-2020-3327 A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacke
CVE-2020-3350 A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the runn
CVE-2020-3481 A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remo



About   -   Send Feedback to @ubuntu_updates