[ubuntu/focal-security] clamav 0.103.2+dfsg-0ubuntu0.20.04.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Mon Apr 19 17:48:12 UTC 2021 

clamav (0.103.2+dfsg-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Updated to version 0.103.2 to fix security issues.
    - CVE-2021-1252, CVE-2021-1404, CVE-2021-1405

clamav (0.103.2+dfsg-1) unstable; urgency=medium

  * Import 0.103.2
    - CVE-2021-1252 (Fix for Excel XLM parser infinite loop.)
    - CVE-2021-1404 (Fix for PDF parser buffer over-read; possible crash.)
    - CVE-2021-1405 (Fix for mail parser NULL-dereference crash.)
    - Update symbol file.
   (Closes: #986622).

clamav (0.103.0+dfsg-3.1) unstable; urgency=medium

  * Non-maintainer upload.
  * debian/patches: Apply upstream patch to fix call of ck_assert_msg (Closes:
    #980592)

clamav (0.103.0+dfsg-3) unstable; urgency=medium

  * Update apparmor profile for clamd. Thanks to Stefano Callegari.
    (Closes: #973619).

clamav (0.103.0+dfsg-2) unstable; urgency=medium

  * Update apparmor profile for freshclam. Thanks to Michael Borgelt.
    (Closes: #972974)
  * Fix testsuite in an IPv6 only environment (Closes: #963853).

clamav (0.103.0+dfsg-1) unstable; urgency=medium

  * Import 0.103.0
    - Drop CURL_CA_BUNDLE related patch, changes applied upstream.
    - Update symbol file.
  * Rename NEWS.Debian to NEWS.
  * Update lintian overrides.

clamav (0.102.4+dfsg-1) unstable; urgency=medium

  [ Helmut Grohne ]
  * Honour DEB_BUILD_OPTIONS=nocheck again. (Closes: #960843)

  [ Scott Kitterman ]
  * Add Suggests for unversioned libclamunrar package on clamav-daemon and
    clamav binaries

  [ Sebastian Andrzej Siewior ]
  * Import 0.102.4
    - CVE-2020-3350 (A malicious user trick clamav into moving a different file).
    - CVE-2020-3327 (A vulnerability in the ARJ archive parsing module).
    - CVE-2020-3481 (A vulnerability in the EGG archive module).
  * Update symbol file.

Date: 2021-04-15 17:27:14.692258+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/clamav/0.103.2+dfsg-0ubuntu0.20.04.1
-------------- next part --------------
Sorry, changesfile not available.

More information about the Focal-changes mailing list