[Bug 2007456] Re: CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser.

2023-02-20 Thread David W
Is there anything that I, and/or others, can do to help resolve this CVE? As it's a critical (9.8 CVE) RCE, I'm quite concerned about running ClamAV right now with any exposure to the internet, and have begun looking into compiling a drop-in replacement of ClamAV for this existing package. If

[Bug 2007456] Re: CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser.

2023-02-20 Thread Jan Kellermann
We did a temporary in-place replacement with the 1.0.1 LTS clamav: https://blog.werk21.de/en/2023/02/20/update-place-replacement-clamav-ubuntu We have package dependencies and were not able to purge the original packages so we decided to override the bins and libs temporarily. Maybe you want to

[Bug 2007456] Re: CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser.

2023-02-20 Thread Marc Deslauriers
We are currently working on updates, and they should be released within the next few days. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/2007456 Title: CVE-2023-20032: Fixed a possible