[clamav-users] New ClamAV update?

Joel Esler (jesler) jesler at cisco.com
Sat Jul 1 20:03:33 UTC 2017 

We are currently planning on 0.99.3 coming out near the end of July.


--
Joel Esler | Talos: Manager | jesler at cisco.com<mailto:jesler at cisco.com>






On Jun 29, 2017, at 5:10 PM, Al Varnell <alvarnell at mac.com<mailto:alvarnell at mac.com>> wrote:

CVE-2012-6706 concerns a VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution.
<https://nvd.nist.gov/vuln/detail/CVE-2012-6706>.

The list of CVE's known to apply to ClamAV can be found here:
<https://www.cvedetails.com/vulnerability-list/vendor_id-8871/product_id-15657/Clamav-Clamav.html>.

The latest scan engine is correctly shown as 0.99.2, which I believe was released over a year ago (May 2016).

-Al-

On Thu, Jun 29, 2017 at 11:25 AM, Paul Kosinski wrote:

I just got a security notice from SuSE talking about updating ClamAV.
The CVE looks quite old: is SuSE so far behind, or is there something
recent to worry about?

----------------------------------------------------

 SUSE Security Update: Security update for clamav
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:1716-1
Rating:             important
References:         #1040662 #1045490
Cross-References:   CVE-2012-6706
Affected Products:
                  SUSE Linux Enterprise Server for SAP 12-SP1
                  SUSE Linux Enterprise Server for SAP 12
                  SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
                  SUSE Linux Enterprise Server 12-SP2
                  SUSE Linux Enterprise Server 12-SP1-LTSS
                  SUSE Linux Enterprise Server 12-LTSS
                  SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________

 An update that solves one vulnerability and has one errata
 is now available.

Description:


 This update for clamav fixes the following issues:

 Security issue fixed:

 - CVE-2012-6706: Fixed an arbitrary memory write in VMSF_DELTA filter in
   libclamunrar (bsc#1045490)

 Non security issues fixed:

 - Provide and obsolete clamav-nodb to trigger its removal in openSUSE
   Leap. (bsc#1040662)


Patch Instructions:

 To install this SUSE Security Update use YaST online_update.
 Alternatively you can run the command listed for your product:

 - SUSE Linux Enterprise Server for SAP 12-SP1:

    zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1069=1

 - SUSE Linux Enterprise Server for SAP 12:

    zypper in -t patch SUSE-SLE-SAP-12-2017-1069=1

 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:

    zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1069=1

 - SUSE Linux Enterprise Server 12-SP2:

    zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1069=1

 - SUSE Linux Enterprise Server 12-SP1-LTSS:

    zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1069=1

 - SUSE Linux Enterprise Server 12-LTSS:

    zypper in -t patch SUSE-SLE-SERVER-12-2017-1069=1

 - SUSE Linux Enterprise Desktop 12-SP2:

    zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1069=1

 To bring your system up-to-date, use "zypper patch".


Package List:

 - SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64):

    clamav-0.99.2-32.1
    clamav-debuginfo-0.99.2-32.1
    clamav-debugsource-0.99.2-32.1

 - SUSE Linux Enterprise Server for SAP 12 (x86_64):

    clamav-0.99.2-32.1
    clamav-debuginfo-0.99.2-32.1
    clamav-debugsource-0.99.2-32.1

 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):

    clamav-0.99.2-32.1
    clamav-debuginfo-0.99.2-32.1
    clamav-debugsource-0.99.2-32.1

 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64):

    clamav-0.99.2-32.1
    clamav-debuginfo-0.99.2-32.1
    clamav-debugsource-0.99.2-32.1

 - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64):

    clamav-0.99.2-32.1
    clamav-debuginfo-0.99.2-32.1
    clamav-debugsource-0.99.2-32.1

 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64):

    clamav-0.99.2-32.1
    clamav-debuginfo-0.99.2-32.1
    clamav-debugsource-0.99.2-32.1

 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64):

    clamav-0.99.2-32.1
    clamav-debuginfo-0.99.2-32.1
    clamav-debugsource-0.99.2-32.1


References:

 https://www.suse.com/security/cve/CVE-2012-6706.html
 https://bugzilla.suse.com/1040662
 https://bugzilla.suse.com/1045490
_______________________________________________
clamav-users mailing list
clamav-users at lists.clamav.net<mailto:clamav-users at lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

More information about the clamav-users mailing list