[clamav-users] New ClamAV update?

Al Varnell alvarnell at mac.com
Thu Jun 29 21:10:23 UTC 2017 

CVE-2012-6706 concerns a VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution.
<https://nvd.nist.gov/vuln/detail/CVE-2012-6706>.

The list of CVE's known to apply to ClamAV can be found here:
<https://www.cvedetails.com/vulnerability-list/vendor_id-8871/product_id-15657/Clamav-Clamav.html>.

The latest scan engine is correctly shown as 0.99.2, which I believe was released over a year ago (May 2016).

-Al-

On Thu, Jun 29, 2017 at 11:25 AM, Paul Kosinski wrote:
> 
> I just got a security notice from SuSE talking about updating ClamAV.
> The CVE looks quite old: is SuSE so far behind, or is there something
> recent to worry about?
> 
> ----------------------------------------------------
> 
>   SUSE Security Update: Security update for clamav
> ______________________________________________________________________________
> 
> Announcement ID:    SUSE-SU-2017:1716-1
> Rating:             important
> References:         #1040662 #1045490 
> Cross-References:   CVE-2012-6706
> Affected Products:
>                    SUSE Linux Enterprise Server for SAP 12-SP1
>                    SUSE Linux Enterprise Server for SAP 12
>                    SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
>                    SUSE Linux Enterprise Server 12-SP2
>                    SUSE Linux Enterprise Server 12-SP1-LTSS
>                    SUSE Linux Enterprise Server 12-LTSS
>                    SUSE Linux Enterprise Desktop 12-SP2
> ______________________________________________________________________________
> 
>   An update that solves one vulnerability and has one errata
>   is now available.
> 
> Description:
> 
> 
>   This update for clamav fixes the following issues:
> 
>   Security issue fixed:
> 
>   - CVE-2012-6706: Fixed an arbitrary memory write in VMSF_DELTA filter in
>     libclamunrar (bsc#1045490)
> 
>   Non security issues fixed:
> 
>   - Provide and obsolete clamav-nodb to trigger its removal in openSUSE
>     Leap. (bsc#1040662)
> 
> 
> Patch Instructions:
> 
>   To install this SUSE Security Update use YaST online_update.
>   Alternatively you can run the command listed for your product:
> 
>   - SUSE Linux Enterprise Server for SAP 12-SP1:
> 
>      zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1069=1
> 
>   - SUSE Linux Enterprise Server for SAP 12:
> 
>      zypper in -t patch SUSE-SLE-SAP-12-2017-1069=1
> 
>   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:
> 
>      zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1069=1
> 
>   - SUSE Linux Enterprise Server 12-SP2:
> 
>      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1069=1
> 
>   - SUSE Linux Enterprise Server 12-SP1-LTSS:
> 
>      zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1069=1
> 
>   - SUSE Linux Enterprise Server 12-LTSS:
> 
>      zypper in -t patch SUSE-SLE-SERVER-12-2017-1069=1
> 
>   - SUSE Linux Enterprise Desktop 12-SP2:
> 
>      zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1069=1
> 
>   To bring your system up-to-date, use "zypper patch".
> 
> 
> Package List:
> 
>   - SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64):
> 
>      clamav-0.99.2-32.1
>      clamav-debuginfo-0.99.2-32.1
>      clamav-debugsource-0.99.2-32.1
> 
>   - SUSE Linux Enterprise Server for SAP 12 (x86_64):
> 
>      clamav-0.99.2-32.1
>      clamav-debuginfo-0.99.2-32.1
>      clamav-debugsource-0.99.2-32.1
> 
>   - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):
> 
>      clamav-0.99.2-32.1
>      clamav-debuginfo-0.99.2-32.1
>      clamav-debugsource-0.99.2-32.1
> 
>   - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64):
> 
>      clamav-0.99.2-32.1
>      clamav-debuginfo-0.99.2-32.1
>      clamav-debugsource-0.99.2-32.1
> 
>   - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64):
> 
>      clamav-0.99.2-32.1
>      clamav-debuginfo-0.99.2-32.1
>      clamav-debugsource-0.99.2-32.1
> 
>   - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64):
> 
>      clamav-0.99.2-32.1
>      clamav-debuginfo-0.99.2-32.1
>      clamav-debugsource-0.99.2-32.1
> 
>   - SUSE Linux Enterprise Desktop 12-SP2 (x86_64):
> 
>      clamav-0.99.2-32.1
>      clamav-debuginfo-0.99.2-32.1
>      clamav-debugsource-0.99.2-32.1
> 
> 
> References:
> 
>   https://www.suse.com/security/cve/CVE-2012-6706.html
>   https://bugzilla.suse.com/1040662
>   https://bugzilla.suse.com/1045490
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3569 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20170629/6f926405/attachment.bin>

More information about the clamav-users mailing list