clamav-0.99.2-4.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10571 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z clamav-0.99.2-4.1 on GA media These are all security issues fixed in the clamav-0.99.2-4.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10571 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:10571 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2010-0405/ SUSE CVE CVE-2010-0405 page https://www.suse.com/security/cve/CVE-2011-2721/ SUSE CVE CVE-2011-2721 page https://www.suse.com/security/cve/CVE-2011-3627/ SUSE CVE CVE-2011-3627 page https://www.suse.com/security/cve/CVE-2012-1457/ SUSE CVE CVE-2012-1457 page https://www.suse.com/security/cve/CVE-2012-1458/ SUSE CVE CVE-2012-1458 page https://www.suse.com/security/cve/CVE-2012-1459/ SUSE CVE CVE-2012-1459 page https://www.suse.com/security/cve/CVE-2013-6497/ SUSE CVE CVE-2013-6497 page https://www.suse.com/security/cve/CVE-2014-9328/ SUSE CVE CVE-2014-9328 page https://www.suse.com/security/cve/CVE-2015-1461/ SUSE CVE CVE-2015-1461 page https://www.suse.com/security/cve/CVE-2015-1462/ SUSE CVE CVE-2015-1462 page https://www.suse.com/security/cve/CVE-2015-1463/ SUSE CVE CVE-2015-1463 page https://www.suse.com/security/cve/CVE-2015-2170/ SUSE CVE CVE-2015-2170 page https://www.suse.com/security/cve/CVE-2015-2221/ SUSE CVE CVE-2015-2221 page https://www.suse.com/security/cve/CVE-2015-2222/ SUSE CVE CVE-2015-2222 page https://www.suse.com/security/cve/CVE-2015-2305/ SUSE CVE CVE-2015-2305 page https://www.suse.com/security/cve/CVE-2015-2668/ SUSE CVE CVE-2015-2668 page openSUSE Tumbleweed clamav-0.99.2-4.1 clamav-0.99.2-4.1 as a component of openSUSE Tumbleweed Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file. CVE-2010-0405 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2010-0405.html CVE-2010-0405 https://bugzilla.suse.com/636978 SUSE Bug 636978 https://bugzilla.suse.com/646682 SUSE Bug 646682 Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations. CVE-2011-2721 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-2721.html CVE-2011-2721 https://bugzilla.suse.com/708263 SUSE Bug 708263 The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c. CVE-2011-3627 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3627.html CVE-2011-3627 https://bugzilla.suse.com/724856 SUSE Bug 724856 https://bugzilla.suse.com/809945 SUSE Bug 809945 The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. CVE-2012-1457 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-1457.html CVE-2012-1457 https://bugzilla.suse.com/753611 SUSE Bug 753611 https://bugzilla.suse.com/767574 SUSE Bug 767574 The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations. CVE-2012-1458 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-1458.html CVE-2012-1458 https://bugzilla.suse.com/753613 SUSE Bug 753613 https://bugzilla.suse.com/767574 SUSE Bug 767574 The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. CVE-2012-1459 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-1459.html CVE-2012-1459 https://bugzilla.suse.com/753610 SUSE Bug 753610 https://bugzilla.suse.com/767574 SUSE Bug 767574 clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file. CVE-2013-6497 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6497.html CVE-2013-6497 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/906077 SUSE Bug 906077 ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition." CVE-2014-9328 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-9328.html CVE-2014-9328 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/915512 SUSE Bug 915512 ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition." CVE-2015-1461 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1461.html CVE-2015-1461 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/916217 SUSE Bug 916217 ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition." CVE-2015-1462 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1462.html CVE-2015-1462 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/916214 SUSE Bug 916214 ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization." CVE-2015-1463 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1463.html CVE-2015-1463 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/916215 SUSE Bug 916215 The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file. CVE-2015-2170 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2170.html CVE-2015-2170 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/921950 SUSE Bug 921950 https://bugzilla.suse.com/922560 SUSE Bug 922560 https://bugzilla.suse.com/929192 SUSE Bug 929192 ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file. CVE-2015-2221 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2221.html CVE-2015-2221 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/921950 SUSE Bug 921950 https://bugzilla.suse.com/922560 SUSE Bug 922560 https://bugzilla.suse.com/929192 SUSE Bug 929192 ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file. CVE-2015-2222 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2222.html CVE-2015-2222 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/921950 SUSE Bug 921950 https://bugzilla.suse.com/922560 SUSE Bug 922560 https://bugzilla.suse.com/929192 SUSE Bug 929192 Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. CVE-2015-2305 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2305.html CVE-2015-2305 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/921950 SUSE Bug 921950 https://bugzilla.suse.com/922022 SUSE Bug 922022 https://bugzilla.suse.com/922028 SUSE Bug 922028 https://bugzilla.suse.com/922030 SUSE Bug 922030 https://bugzilla.suse.com/922043 SUSE Bug 922043 https://bugzilla.suse.com/922560 SUSE Bug 922560 https://bugzilla.suse.com/922567 SUSE Bug 922567 https://bugzilla.suse.com/929192 SUSE Bug 929192 https://bugzilla.suse.com/980366 SUSE Bug 980366 ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file. CVE-2015-2668 openSUSE Tumbleweed:clamav-0.99.2-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2668.html CVE-2015-2668 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/921950 SUSE Bug 921950 https://bugzilla.suse.com/922560 SUSE Bug 922560 https://bugzilla.suse.com/929192 SUSE Bug 929192