CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2022/05/05 04:57:55
Modified files:
security/clamav: Makefile distinfo
security/clamav/pkg: PLIST
Removed files:
security/clamav/patches: patch-cmake_FindCURSES_cmake
Log message:
update to clamav-0.104.3
CVE-2022-20803: Fixed a possible double-free vulnerability in the OLE2 file
parser.
Issue affects versions 0.104.0 through 0.104.2.
CVE-2022-20770: Fixed a possible infinite loop vulnerability in the CHM file
parser.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
CVE-2022-20796: Fixed a possible NULL-pointer dereference crash in the scan
verdict cache check.
Issue affects versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2.
CVE-2022-20771: Fixed a possible infinite loop vulnerability in the TIFF file
parser.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
CVE-2022-20785: Fixed a possible memory leak in the HTML file parser /
Javascript normalizer.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
CVE-2022-20792: Fixed a possible multi-byte heap buffer overflow write
vulnerability in the
signature database load module.
Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and
prior versions.
