Package "clamav"
| Name: |
clamav
|
Description: |
anti-virus utility for Unix - command-line interface
|
| Latest version: |
1.5.3+dfsg-0ubuntu0.24.04.1 |
| Release: |
noble (24.04) |
| Level: |
security |
| Repository: |
main |
| Homepage: |
https://www.clamav.net/ |
Links
Download "clamav"
Other versions of "clamav" in Noble
Packages in group
Deleted packages are displayed in grey.
Changelog
|
clamav (1.5.3+dfsg-0ubuntu0.24.04.1) noble-security; urgency=medium
* Update to 1.5.3 to fix security issues and FIPS compatibility
- debian/watch: switch to 1.5.*.
- upstream/signing-key.asc: updated.
- debian/rules: bump CL_FLEVEL to 233.
- debian/libclamav12.symbols: updated symbols to new version.
- debian/*postinst.in: added new options.
- debian/libclamav12.install: bump so versions.
- debian/clamav-freshclam.*: added new /etc/clamav/certs directory.
- debian/usr.bin.freshclam, debian/usr.sbin.clamd: add
/etc/clamav/certs to profile.
- CVE-2026-20213, CVE-2026-20214, CVE-2026-20215, CVE-2026-20216,
CVE-2026-20217, CVE-2026-20243, CVE-2026-20244
-- Marc Deslauriers <email address hidden> Thu, 02 Jul 2026 08:07:08 -0400
|
| Source diff to previous version |
| CVE-2026-20213 |
A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other ex |
| CVE-2026-20214 |
A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other e |
| CVE-2026-20215 |
A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other ex |
| CVE-2026-20216 |
A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affe |
| CVE-2026-20217 |
A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly othe |
| CVE-2026-20243 |
A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other e |
| CVE-2026-20244 |
A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other e |
|
|
clamav (1.4.4+dfsg-0ubuntu0.24.04.1) noble-security; urgency=medium
* Updated to version 1.4.4 to fix security issue.
- debian/rules: bump CL_FLEVEL to 214, set DH_ALWAYS_EXCLUDE = *.orig.
- debian/libclamav12.symbols: updated symbols to new version.
- debian/control, debian/rules: build with rustc 1.91.
- CVE-2026-20031
-- Marc Deslauriers <email address hidden> Tue, 14 Apr 2026 06:02:01 -0400
|
| Source diff to previous version |
| CVE-2026-20031 |
A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of servic |
|
|
clamav (1.4.3+dfsg-0ubuntu0.24.04.1) noble-security; urgency=medium
* Rebuild as security update for Ubuntu 24.04 LTS.
- CVE-2025-20234
- CVE-2025-20260
-- Marc Deslauriers <email address hidden> Wed, 25 Jun 2025 13:10:29 -0400
|
| Source diff to previous version |
| CVE-2025-20234 |
A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS |
| CVE-2025-20260 |
A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a |
|
|
clamav (1.0.8+dfsg-0ubuntu0.24.04.1) noble-security; urgency=medium
* Updated to version 1.0.8 to fix security issue.
- debian/rules: bump CL_FLEVEL to 168.
- debian/libclamav11t64.symbols: updated CLAMAV_PRIVATE and
cl_retflevel symbols to new version.
- CVE-2025-20128
-- Marc Deslauriers <email address hidden> Thu, 23 Jan 2025 12:29:13 -0500
|
| Source diff to previous version |
| CVE-2025-20128 |
A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a |
|
|
clamav (1.0.7+dfsg-0ubuntu0.24.04.1) noble-security; urgency=medium
* Updated to version 1.0.7 to fix security issues.
- debian/rules: bump CL_FLEVEL to 167.
- debian/libclamav11t64.symbols: updated CLAMAV_PRIVATE and
cl_retflevel symbols to new version.
- debian/patches/resolve-armhf-ftbfs.patch: removed, no longer needed.
- CVE-2024-20505
- CVE-2024-20506
-- Marc Deslauriers <email address hidden> Fri, 06 Sep 2024 14:27:14 -0400
|
| CVE-2024-20505 |
A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior ve |
| CVE-2024-20506 |
A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior |
|
About
-
Send Feedback to @ubuntu_updates