Path to this page:
Subject: CVS commit: pkgsrc/security/clamav
From: Takahiro Kambe
Date: 2023-02-20 14:41:19
Message id: 20230220134119.8BA69FA90@cvs.NetBSD.org
Log Message:
security/clamav: update to 0.103.8
pkgsrc change: avoid use empty in options.mk.
Security release.
0.103.8 (2023-02-15)
* \
CVE-2023-20032<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032>:
Fixed a possible remote code execution vulnerability in the HFS+ file
parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and
earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for
reporting this issue.
* \
CVE-2023-20052<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052>:
Fixed a possible remote information leak vulnerability in the DMG file
parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and
earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for
reporting this issue.
* Update the vendored libmspack library to version 0.11alpha.
* GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/830
Files: