{"affected":[{"ecosystem_specific":{"binaries":[{"clamav":"1.4.2-3.36.1","clamav-devel":"1.4.2-3.36.1","clamav-docs-html":"1.4.2-3.36.1","clamav-milter":"1.4.2-3.36.1","libclamav12":"1.4.2-3.36.1","libclammspack0":"1.4.2-3.36.1","libfreshclam3":"1.4.2-3.36.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP5-LTSS","name":"clamav","purl":"pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.4.2-3.36.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"clamav":"1.4.2-3.36.1","clamav-devel":"1.4.2-3.36.1","clamav-docs-html":"1.4.2-3.36.1","clamav-milter":"1.4.2-3.36.1","libclamav12":"1.4.2-3.36.1","libclammspack0":"1.4.2-3.36.1","libfreshclam3":"1.4.2-3.36.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server LTSS Extended Security 12 SP5","name":"clamav","purl":"pkg:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.4.2-3.36.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for clamav fixes the following issues:\n\nNew version 1.4.2:\n\n  * CVE-2025-20128, bsc#1236307: Fixed a possible buffer overflow\n    read bug in the OLE2 file parser that could cause a\n    denial-of-service (DoS) condition.  \n\n- Start clamonacc with --fdpass to avoid errors due to\n  clamd not being able to access user files. 
(bsc#1232242)\n\n- New version 1.4.1:\n\n  * https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html\n\n- New version 1.4.0:\n\n  * Added support for extracting ALZ archives.\n  * Added support for extracting LHA/LZH archives.\n  * Added the ability to disable image fuzzy hashing, if needed.\n    For context, image fuzzy hashing is a detection mechanism\n    useful for identifying malware by matching images included with\n    the malware or phishing email/document.\n  * https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html\n\n- New version 1.3.2:\n\n  * CVE-2024-20506: Changed the logging module to disable following\n    symlinks on Linux and Unix systems so as to prevent an attacker\n    with existing access to the 'clamd' or 'freshclam' services from\n    using a symlink to corrupt system files.\n  * CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF\n    file parser that could cause a denial-of-service condition.\n  * Removed unused Python modules from freshclam tests including\n    deprecated 'cgi' module that is expected to cause test failures in\n    Python 3.13.\n  * Fix unit test caused by expiring signing certificate.\n  * Fixed a build issue on Windows with newer versions of Rust. 
Also\n    upgraded GitHub Actions imports to fix CI failures.\n  * Fixed an unaligned pointer dereference issue on select architectures.\n  * Fixes to Jenkins CI pipeline.\n  \n\n- New Version: 1.3.1:\n\n  * CVE-2024-20380: Fixed a possible crash in the HTML file parser\n    that could cause a denial-of-service (DoS) condition.\n  * Updated select Rust dependencies to the latest versions.\n  * Fixed a bug causing some text to be truncated when converting\n    from UTF-16.\n  * Fixed assorted complaints identified by Coverity static\n    analysis.\n  * Fixed a bug causing CVDs downloaded by the DatabaseCustomURL\n  * Added the new 'valhalla' database name to the list of optional\n    databases in preparation for future work.\n\n- New version: 1.3.0:\n\n  * Added support for extracting and scanning attachments found in\n    Microsoft OneNote section files. OneNote parsing will be\n    enabled by default, but may be optionally disabled.\n  * Added file type recognition for compiled Python ('.pyc') files.\n  * Improved support for decrypting PDFs with empty passwords.\n  * Fixed a warning when scanning some HTML files.\n  * ClamOnAcc: Fixed an infinite loop when a watched directory\n    does not exist.\n  * ClamOnAcc: Fixed an infinite loop when a file has been deleted\n    before a scan.\n\n- New version: 1.2.0:\n\n  * Added support for extracting Universal Disk Format (UDF)\n    partitions.\n  * Added an option to customize the size of ClamAV's clean file\n    cache.\n  * Raised the MaxScanSize limit so the total amount of data\n    scanned when scanning a file or archive may exceed 4 gigabytes.\n  * Added ability for Freshclam to use a client certificate PEM\n    file and a private key PEM file for authentication to a private\n    mirror.\n  * Fix an issue extracting files from ISO9660 partitions where the\n    files are listed in the plain ISO tree and there also exists an\n    empty Joliet tree.\n  * PID and socket are now located under /run/clamav/clamd.pid and\n 
   /run/clamav/clamd.sock .\n  * bsc#1211594: Fixed an issue where ClamAV does not abort the\n    signature load process after partially loading an invalid\n    signature.\n\n- New version 1.1.0:\n\n  * https://blog.clamav.net/2023/05/clamav-110-released.html\n  * Added the ability to extract images embedded in HTML CSS\n    <style> blocks.\n  * Updated to Sigtool so that the '--vba' option will extract VBA\n    code from Microsoft Office documents the same way that\n    libclamav extracts VBA.\n  * Added a new option --fail-if-cvd-older-than=days to clamscan\n    and clamd, and FailIfCvdOlderThan to clamd.conf\n  * Added a new function 'cl_cvdgetage()' to the libclamav API.\n  * Added a new function 'cl_engine_set_clcb_vba()' to the\n    libclamav API.\n- bsc#1180296: Integrate clamonacc as a service.\n- New version 1.0.1 LTS (including changes in 0.104 and 0.105):\n  * As of ClamAV 0.104, CMake is required to build ClamAV.\n  * As of ClamAV 0.105, Rust is now required to compile ClamAV.\n  * Increased the default limits for file and scan size:\n    * MaxScanSize: 100M to 400M\n    * MaxFileSize: 25M to 100M\n    * StreamMaxLength: 25M to 100M\n    * PCREMaxFileSize: 25M to 100M\n    * MaxEmbeddedPE: 10M to 40M\n    * MaxHTMLNormalize: 10M to 40M\n    * MaxScriptNormalize: 5M to 20M\n    * MaxHTMLNoTags: 2M to 8M\n  * Added image fuzzy hash subsignatures for logical signatures.\n  * Support for decrypting read-only OLE2-based XLS files that are\n    encrypted with the default password.\n  * Overhauled the implementation of the all-match feature.\n  * Added a new callback to the public API for inspecting file\n    content during a scan at each layer of archive extraction.\n  * Added a new function to the public API for unpacking CVD\n    signature archives.\n  * The option to build with an external TomsFastMath library has\n    been removed. 
ClamAV requires non-default build options for\n    TomsFastMath to support bigger floating point numbers.\n  * For a full list of changes see the release announcements:\n    * https://blog.clamav.net/2022/11/clamav-100-lts-released.html\n    * https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html\n    * https://blog.clamav.net/2021/09/clamav-01040-released.html\n- Build clamd with systemd support.\n\n* CVE-2023-20197: Fixed a possible denial of service vulnerability in\n  the HFS+ file parser. (bsc#1214342)\n* CVE-2018-14679: Fixed that an issue was discovered in mspack/chmd.c\n  in libmspack before 0.7alpha. There is an off-by-one error in the CHM\n  PMGI/PMGL chunk number validity checks, which could lead to denial of\n  service (uninitialized da (bsc#1103032)\n  \n- Package huge .html documentation in a separate subpackage.\n\n- Update to 0.103.7 (bsc#1202986)\n\n  - Zip parser: tolerate 2-byte overlap in file entries\n  - Fix bug with logical signature Intermediates feature\n  - Update to UnRAR v6.1.7\n  - Patch UnRAR: allow skipping files in solid archives\n  - Patch UnRAR: limit dict winsize to 1GB\n\n- Use a split-provides for clamav-milter instead of recommending it.\n- Package clamav-milter in a subpackage\n- Remove virus signatures upon uninstall\n- Check for database existence before starting clamd\n- Restart clamd when it exits\n- Don't daemonize freshclam, but use a systemd timer instead to\n  trigger 
updates\n","id":"SUSE-SU-2025:0328-1","modified":"2025-02-03T09:39:50Z","published":"2025-02-03T09:39:50Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20250328-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1102840"},{"type":"REPORT","url":"https://bugzilla.suse.com/1103032"},{"type":"REPORT","url":"https://bugzilla.suse.com/1180296"},{"type":"REPORT","url":"https://bugzilla.suse.com/1202986"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211594"},{"type":"REPORT","url":"https://bugzilla.suse.com/1214342"},{"type":"REPORT","url":"https://bugzilla.suse.com/1232242"},{"type":"REPORT","url":"https://bugzilla.suse.com/1236307"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-14679"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-20197"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-20380"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-20505"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-20506"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-20128"}],"related":["CVE-2018-14679","CVE-2023-20197","CVE-2024-20380","CVE-2024-20505","CVE-2024-20506","CVE-2025-20128"],"summary":"Security update for clamav","upstream":["CVE-2018-14679","CVE-2023-20197","CVE-2024-20380","CVE-2024-20505","CVE-2024-20506","CVE-2025-20128"]}