[clamav-users] ClamAV critical vulnerability
Matus UHLAR - fantomas
uhlar at fantomas.sk
Thu Mar 2 18:47:45 UTC 2023
On 02.03.23 13:27, Michael Kyriacou via clamav-users wrote:
>Does anybody know if the 0.104.2 version of clamav for AIX addresses
>CVE-2023-20032?
https://lists.clamav.net/pipermail/clamav-announce/2023/000070.html
ClamAV 0.104 has reached end-of-life according to the ClamAV End of Life
(EOL) policy<https://docs.clamav.net/faq/faq-eol.html> and will not be
patched. Anyone using ClamAV 0.104 must switch to a supported version.
All users should update as soon as possible to patch for two remote code
execution vulnerabilities that we recently discovered and patched.
>I’m confused on the 3 different types of versions that they state it affects
>
>1.0.0 and earlier
>0.105.1 and earlier
>0.103.7 and earlier
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
42.7 percent of all statistics are made up on the spot.
More information about the clamav-users
mailing list