Security update for clamav SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2018:2230-1 Final 1 1 2018-08-07T07:39:11Z current 2018-08-07T07:39:11Z 2018-08-07T07:39:11Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for clamav This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability (bsc#1101410) - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small file (bsc#1101412) - Buffer over-read in unRAR code due to missing max value checks in table initialization - Libmspack heap buffer over-read in CHM parser (bsc#1103040) - PDF parser bugs The following other changes were made: - Disable YARA support for licensing reasons (bsc#1101654). - Add HTTPS support for clamsubmit - Fix for DNS resolution for users on IPv4-only machines where IPv6 is not available or is link-local only The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Module-Basesystem-15-2018-1509 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2018/suse-su-20182230-1/ Link for SUSE-SU-2018:2230-1 https://lists.suse.com/pipermail/sle-security-updates/2018-August/004379.html E-Mail link for SUSE-SU-2018:2230-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1101410 SUSE Bug 1101410 https://bugzilla.suse.com/1101412 SUSE Bug 1101412 https://bugzilla.suse.com/1101654 SUSE Bug 1101654 https://bugzilla.suse.com/1103040 SUSE Bug 1103040 https://www.suse.com/security/cve/CVE-2018-0360/ SUSE CVE CVE-2018-0360 page https://www.suse.com/security/cve/CVE-2018-0361/ SUSE CVE CVE-2018-0361 page SUSE Linux Enterprise Module for Basesystem 15 clamav-0.100.1-3.3.1 clamav-devel-0.100.1-3.3.1 libclamav7-0.100.1-3.3.1 libclammspack0-0.100.1-3.3.1 clamav-0.100.1-3.3.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 clamav-devel-0.100.1-3.3.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 libclamav7-0.100.1-3.3.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 libclammspack0-0.100.1-3.3.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c. CVE-2018-0360 SUSE Linux Enterprise Module for Basesystem 15:clamav-0.100.1-3.3.1 SUSE Linux Enterprise Module for Basesystem 15:clamav-devel-0.100.1-3.3.1 SUSE Linux Enterprise Module for Basesystem 15:libclamav7-0.100.1-3.3.1 SUSE Linux Enterprise Module for Basesystem 15:libclammspack0-0.100.1-3.3.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182230-1/ https://www.suse.com/security/cve/CVE-2018-0360.html CVE-2018-0360 https://bugzilla.suse.com/1101410 SUSE Bug 1101410 https://bugzilla.suse.com/1103091 SUSE Bug 1103091 https://bugzilla.suse.com/1103092 SUSE Bug 1103092 https://bugzilla.suse.com/1103099 SUSE Bug 1103099 ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file. CVE-2018-0361 SUSE Linux Enterprise Module for Basesystem 15:clamav-0.100.1-3.3.1 SUSE Linux Enterprise Module for Basesystem 15:clamav-devel-0.100.1-3.3.1 SUSE Linux Enterprise Module for Basesystem 15:libclamav7-0.100.1-3.3.1 SUSE Linux Enterprise Module for Basesystem 15:libclammspack0-0.100.1-3.3.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182230-1/ https://www.suse.com/security/cve/CVE-2018-0361.html CVE-2018-0361 https://bugzilla.suse.com/1101410 SUSE Bug 1101410 https://bugzilla.suse.com/1101412 SUSE Bug 1101412 https://bugzilla.suse.com/1103091 SUSE Bug 1103091 https://bugzilla.suse.com/1103092 SUSE Bug 1103092 https://bugzilla.suse.com/1103099 SUSE Bug 1103099