[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 3328-1] clamav security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3328-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
February 20, 2023                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : clamav
Version        : 0.103.8+dfsg-0+deb10u1
CVE ID         : CVE-2023-20032 CVE-2023-20052

Two vulnerabilities have been found in the ClamAV antivirus toolkit,
which could result in arbitrary code execution or information disclosure
when parsing maliciously crafted HFS+ or DMG files.

For Debian 10 buster, these problems have been fixed in version
0.103.8+dfsg-0+deb10u1.

We recommend that you upgrade your clamav packages.

For the detailed security status of clamav please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/clamav

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmPzszoACgkQnUbEiOQ2
gwJP0A//bZ6bSegTVHGqOFxYV8ORQZp+tYhhceRwj9BV5z6gZWinD4P54uQ2v4U7
WmPpxo0wVfXt+7i/UH8Hf1AWw0wEnAzI+mnw/bjvk2n2Q3xayCjW+ab2x1Omk8+w
W14TX7kdvBwz2bzkoq8t2IeG11++wrSpgFy6/SkYJZnRrlsVtzBXTpQyK22PbecE
LPcB+F0EznnwDeAzFbcykkx1xw+0RBM3OrFVn6lBS9nqXZ/vI+xbrXPshjnaNwBW
EQ3aHRbw7diE7IHh+FvfNMDoZgVb39AfDac+paGlLuoctQmaiE5gTfWGCWA89Rza
VJzjHvicm439cGi5RsM6M7jRTu/RGo+7C1/QgUmWCI5y4H2jDBPSFBhooWcc27/T
XNNACwBZjaQNu5EOZ1B+oka6eIMNf4lpaOHio9kxjy6WOU2GMA/nnRtA9utbrbKT
F6IPhUrTcs9uBOkjgunGvxuKQO56x2ZCUvxI9GxzICvIiKIscyLc8aRTDU4YooAE
ea3L/qQQrH6AdwlS/622bRIn/xJfULz4Jirmn7YNuY+/j2czhIHwoB6AJJhfDENn
sIffGwNw6ExjRKfhAmz+u/mQuLd93oRl+lgcsST7Uisg2eNR3t1uaXZxAcc1mt0G
i7+5G4sTS8YUOnyB3REyc5zaVwNS6l5Nuc3f6wHp8a9FMt0pxRo=
=cfUo
-----END PGP SIGNATURE-----


Reply to: