Public bug reported:
Please sync clamav 0.103.2+dfsg-1 (main) from Debian unstable (main).
The update fixes 3 new vulnerabilities and some other misc fixes.
IOW: it's probably important to update the package and hence the sync request
Changelog entries since current hirsute version 0.103.0+dfsg-3.1:
clamav (0.103.2+dfsg-1) unstable; urgency=medium
* Import 0.103.2
- CVE-2021-1252 (Fix for Excel XLM parser infinite loop.)
- CVE-2021-1404 (Fix for PDF parser buffer over-read; possible crash.)
- CVE-2021-1405 (Fix for mail parser NULL-dereference crash.)
- Update symbol file.
(Closes: #986622).
-- Sebastian Andrzej Siewior <[email protected]> Mon, 12 Apr
2021 21:31:08 +0200
** Affects: clamav (Ubuntu)
Importance: Critical
Status: New
** Changed in: clamav (Ubuntu)
Importance: Undecided => Wishlist
** Changed in: clamav (Ubuntu)
Importance: Wishlist => Critical
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1923831
Title:
Sync clamav 0.103.2+dfsg-1 (main) from Debian unstable (main)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/1923831/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
