FEDORA-2018-d2b08aa37f — security update for clamav

stable

clamav-0.99.4-1.fc26

FEDORA-2018-d2b08aa37f created by orion 7 years ago for Fedora 26

Update to 0.99.4

0.99.4 addresses a few outstanding vulnerability bugs. It includes fixes for:

CVE-2012-6706
CVE-2017-6419
CVE-2017-11423
CVE-2018-1000085

There are also a few bug fixes that were not assigned CVE’s, but were important enough to address while we had the chance. One of these was the notorious file descriptor exhaustion bug that caused outages late last January.

In addition to the above, 0.99.4 fixes:

CVE-2018-0202: Two newly reported vulnerabilities in the PDF parsing code.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2018-d2b08aa37f

This update has been submitted for testing by orion.

7 years ago

This update has been pushed to testing.

7 years ago

hreindl commented & provided feedback 7 years ago

karma

works for me

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

7 years ago

This update has been submitted for batched by orion.

7 years ago

This update has been submitted for stable by bodhi.

7 years ago

This update has been pushed to stable.

7 years ago

Please login to add feedback.

Metadata

Type

security

Karma

Signed

Content Type

RPM

Test Gating

passed

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Dates

submitted

7 years ago

in testing

7 years ago

in stable

7 years ago

Builds

clamav-0.99.4-1.fc26

BZ#1549071 CVE-2018-1000085 clamav: Out-of-bounds heap read in XAR parser [fedora-all]

BZ#1550747 clamav-0.99.4 is available

clamav-0.99.4-1.fc26

Automated Test Results

passed

Test Cases


0	0	Test Case ClamAV