Hi,

the blog [1] is inconsistent with the CVE descriptions for CVE-2021-1404 and -1405. This makes it unclear which versions are affected by which CVE. Can you fix the blog please?

Furthermore, can you please confirm that the "buffer overread in PDF parser" issue (CVE-2021-1405 according to MITRE) really is limited to 0.103.x? The surrounding code of [2] is two years old, so from my naive point of view 0.102 could be affected as well.

Regards
 Damian

[1] https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html
[2] https://github.com/Cisco-Talos/clamav-devel/commit/7a70a03ba01d657296be61f0ec98ca6990f51578

