ClamAV 0.103.8 is a critical patch release with the following fixes:
CVE-2023-20032https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.
CVE-2023-20052https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.
Please login to add feedback.
| 0 | 2 | Test Case ClamAV |
This update has been submitted for testing by orion.
This update's test gating status has been changed to 'ignored'.
This update has obsoleted clamav-0.103.8-1.el7, and has inherited its bugs and notes.
Tested. No errors now from the bundled daily.cvd
This update has been pushed to testing.
Tested upgrading to this one and scanned a drive with a known malware, worked fine.
This update can be pushed to stable now if the maintainer wishes
Tested. Worked fine
This update has been submitted for stable by bodhi.
This update has been pushed to stable.