FEDORA-2019-1543eae191 created by orion 11 months ago for Fedora 31
stable

ClamAV 0.101.5 is a security patch release that addresses the following issues.

  • CVE-2019-15961: A Denial-of-Service (DoS) vulnerability may occur when scanning a specially crafted email file as a result of excessively long scan times. The issue is resolved by implementing several maximums in parsing MIME messages and by optimizing use of memory allocation.
  • Added the zip scanning improvements found in v0.102.0 where it scans files using zip records from a sorted catalogue which provides deduplication of file records resulting in faster extraction and scan time and reducing the likelihood of alerting on non-malicious duplicate file entries as overlapping files.
  • Signature load time is significantly reduced by changing to a more efficient algorithm for loading signature patterns and allocating the AC trie. Patch courtesy of Alberto Wu.
  • Introduced a new configure option to statically link libjson-c with libclamav. Static linking with libjson is highly recommended to prevent crashes in applications that use libclamav alongside another JSON parsing library.
  • Null-dereference fix in email parser when using the --gen-json metadata option.

Add TimeoutStartSec=420 to clamd@.service to match upstream

How to install

sudo dnf upgrade --advisory=FEDORA-2019-1543eae191

This update has been submitted for testing by orion.

11 months ago

This update's test gating status has been changed to 'waiting'.

11 months ago

This update has obsoleted clamav-0.101.4-2.fc31, and has inherited its bugs and notes.

11 months ago

This update's test gating status has been changed to 'ignored'.

11 months ago

This update has been pushed to testing.

11 months ago
User Icon bojan provided feedback 11 months ago
karma
User Icon mstevens commented & provided feedback 11 months ago
karma

works fine

BZ#1725810 /usr/lib/systemd/system/clamd@scan.service:1: .include directives are deprecated

This update can be pushed to stable now if the maintainer wishes

11 months ago

This update has been submitted for stable by orion.

10 months ago

This update has been pushed to stable.

10 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
11 months ago
in testing
11 months ago
in stable
10 months ago
BZ#1631525 clamav: clamscan --gen-json does not output JSON
0
0
BZ#1725810 /usr/lib/systemd/system/clamd@scan.service:1: .include directives are deprecated
0
1
BZ#1764835 clamd at 100% CPU and SystemD keeps restarting clamd
0
0
BZ#1775550 Request to build clamav 0.101.5 for EPEL 7
0
0

Automated Test Results

Test Cases

0 0 Test Case ClamAV