| Revision Date: | 2020-12-22 | Version: | 1 |
| Title: | Security update for clamav (Important) |
| Description: |
This update for clamav fixes the following issues:
clamav was updated to 0.103.0 to implement jsc#ECO-3010 and bsc#1118459.
* clamd can now reload the signature database without blocking scanning. This multi-threaded database reload improvement was made possible thanks to a community effort.
  - Non-blocking database reloads are now the default behavior. Some systems that are more constrained on RAM may need to disable non-blocking reloads as it will temporarily consume two times as much memory. We added a new clamd config option ConcurrentDatabaseReload, which may be set to no.
* Fix clamav-milter.service (requires clamd.service to run)
* bsc#1119353, clamav-fips.patch: Fix freshclam crash in FIPS mode.
* Partial sync with SLE15.
Update to version 0.102.4
Accumulated security fixes:
* CVE-2020-3350: Fix a vulnerability wherein a malicious user could replace a scan target's directory with a symlink to another path to trick clamscan, clamdscan, or clamonacc into removing or moving a different file (e.g. a critical system file). The issue would affect users that use the --move or --remove options for clamscan, clamdscan, and clamonacc. (bsc#1174255)
* CVE-2020-3327: Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.3 that could cause a Denial-of-Service (DoS) condition. Improper bounds checking results in an out-of-bounds read which could cause a crash. The previous fix for this CVE in 0.102.3 was incomplete. This fix correctly resolves the issue.
* CVE-2020-3481: Fix a vulnerability in the EGG archive module in ClamAV 0.102.0 - 0.102.3 that could cause a Denial-of-Service (DoS) condition. Improper error handling may result in a crash due to a NULL pointer dereference. This vulnerability is mitigated for those using the official ClamAV signature databases because the file type signatures in daily.cvd will not enable the EGG archive parser in versions affected by the vulnerability. (bsc#1174250)
* CVE-2020-3341: Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that could cause a Denial-of-Service (DoS) condition. Improper size checking of a buffer used to initialize AES decryption routines results in an out-of-bounds read which may cause a crash. (bsc#1171981)
* CVE-2020-3123: A denial-of-service (DoS) condition may occur when using the optional credit card data-loss-prevention (DLP) feature. Improper bounds checking of an unsigned variable resulted in an out-of-bounds read, which causes a crash.
* CVE-2019-15961: A Denial-of-Service (DoS) vulnerability may occur when scanning a specially crafted email file as a result of excessively long scan times. The issue is resolved by implementing several maximums in parsing MIME messages and by optimizing use of memory allocation. (bsc#1157763)
* CVE-2019-12900: An out of bounds write in the NSIS bzip2 (bsc#1149458)
* CVE-2019-12625: Introduce a configurable time limit to mitigate zip bomb vulnerability completely. Default is 2 minutes, configurable using the clamscan --max-scantime option and, for clamd, the MaxScanTime config option (bsc#1144504)
Update to version 0.101.3:
ZIP bomb causes extreme CPU spikes (bsc#1144504)
Update to version 0.101.2 (bsc#1118459):
* Support for RAR v5 archive extraction.
* Incompatible changes to the arguments of cl_scandesc, cl_scandesc_callback, and cl_scanmap_callback.
* Scanning options have been converted from a single flag bit-field into a structure of multiple categorized flag bit-fields.
* The CL_SCAN_HEURISTIC_ENCRYPTED scan option was replaced by 2 new scan options: CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE, and CL_SCAN_HEURISTIC_ENCRYPTED_DOC
* Incompatible clamd.conf and command line interface changes.
* 'Heuristic Alerts' (aka 'Algorithmic Detection') options have been changed to make the names more consistent. The original options are deprecated in 0.101, and will be removed in a future feature release.
* For details, see https://blog.clamav.net/2018/12/clamav-01010-has-been-released.html
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1003581 1004003 1009745 1011044 1012060 1012382 1012422 1012452 1012829 1012910 1012985 1013561 1013887 1015342 1015452 1017461 1018885 1019531 1020102 1020412 1021424 1021610 1022266 1022595 1023287 1023807 1023822 1023848 1025461 1026570 1027101 1027512 1027974 1028217 1028310 1028340 1028883 1029607 1029631 1030057 1030070 1031040 1031142 1031147 1031470 1031500 1031512 1031555 1031717 1031796 1032141 1032339 1032345 1032400 1032581 1032803 1033117 1033281 1033336 1033340 1033885 1034048 1034419 1034635 1034670 1034671 1034762 1034902 1034995 1035024 1035312 1035866 1035887 1035920 1035922 1036214 1036638 1036659 1036752 1036763 1037177 1037186 1037384 1037483 1037669 1037840 1037871 1037969 1038033 1038043 1038085 1038142 1038143 1038297 1038458 1038544 1038842 1038843 1038846 1038847 1038848 1038879 1038981 1038982 1038984 1039214 1039348 1039354 1039700 1039864 1039882 1039883 1039885 1039900 1040069 1040125 1040182 1040279 1040351 1040364 1040395 1040425 1040463 1040567 1040609 1040855 1040929 1040941 1041087 1041160 1041168 1041242 1041431 1041810 1042286 1042356 1042421 1042517 1042535 1042536 1042863 1042886 1043014 1043218 1043231 1043236 1043347 1043371 1043467 1043488 1043598 1043912 1043935 1043990 1044015 1044082 1044120 1044125 1044532 1044767 1044772 1044854 1044880 1044912 1045154 1045235 1045286 1045307 1045467 1045568 1045735 1046105 1046417 1046434 1046589 1046856 1047785 1048315 1076503 1083302 1083303 1106383 1108631 1108632 1118459 1119353 1124781 1128140 1133495 1135727 1135729 1139459 1144504 1149458 1151377 1151506 1154043 1155574 1156482 1157763 1159814 1162108 1171981 1174250 1174255 799133 863764 892464 922871 939801 965901 966170 966172 966191 966321 966339 970072 970073 970547 971975 988065 989311 990058 990682 993832 995542 CVE-2009-2694 CVE-2009-2703 CVE-2009-3026 CVE-2009-3083 CVE-2009-3084 CVE-2009-3085 CVE-2009-3615 CVE-2010-0013 CVE-2010-0277 CVE-2010-0420 CVE-2010-0423 CVE-2010-1624 CVE-2010-2528 
CVE-2010-3711 CVE-2011-1091 CVE-2011-3594 CVE-2012-2214 CVE-2012-3374 CVE-2012-3386 CVE-2012-6152 CVE-2013-0271 CVE-2013-0272 CVE-2013-0273 CVE-2013-0274 CVE-2013-6477 CVE-2013-6478 CVE-2013-6479 CVE-2013-6481 CVE-2013-6482 CVE-2013-6483 CVE-2013-6484 CVE-2013-6485 CVE-2013-6486 CVE-2013-6487 CVE-2014-0020 CVE-2014-3694 CVE-2014-3695 CVE-2014-3696 CVE-2014-3697 CVE-2014-3698 CVE-2014-5270 CVE-2016-0960 CVE-2016-0961 CVE-2016-0962 CVE-2016-0963 CVE-2016-0964 CVE-2016-0965 CVE-2016-0966 CVE-2016-0967 CVE-2016-0968 CVE-2016-0969 CVE-2016-0970 CVE-2016-0971 CVE-2016-0972 CVE-2016-0973 CVE-2016-0974 CVE-2016-0975 CVE-2016-0976 CVE-2016-0977 CVE-2016-0978 CVE-2016-0979 CVE-2016-0980 CVE-2016-0981 CVE-2016-0982 CVE-2016-0983 CVE-2016-0984 CVE-2016-0985 CVE-2016-0986 CVE-2016-0987 CVE-2016-0988 CVE-2016-0989 CVE-2016-0990 CVE-2016-0991 CVE-2016-0992 CVE-2016-0993 CVE-2016-0994 CVE-2016-0995 CVE-2016-0996 CVE-2016-0997 CVE-2016-0998 CVE-2016-0999 CVE-2016-1000 CVE-2016-1001 CVE-2016-1002 CVE-2016-1005 CVE-2016-1010 CVE-2016-1285 CVE-2016-1286 CVE-2017-0381 CVE-2017-1000083 CVE-2017-1000365 CVE-2017-1000380 CVE-2017-2640 CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-5836 CVE-2017-6440 CVE-2017-7346 CVE-2017-7435 CVE-2017-7436 CVE-2017-7487 CVE-2017-7616 CVE-2017-7618 CVE-2017-7982 CVE-2017-8890 CVE-2017-8924 CVE-2017-8925 CVE-2017-9074 CVE-2017-9075 CVE-2017-9076 CVE-2017-9077 CVE-2017-9150 CVE-2017-9242 CVE-2017-9269 CVE-2018-17097 CVE-2018-17098 CVE-2018-20340 CVE-2018-5732 CVE-2018-5733 CVE-2018-5764 CVE-2019-12209 CVE-2019-12210 CVE-2019-12900 CVE-2019-15961 CVE-2019-9578 CVE-2020-1712 CVE-2020-3123 CVE-2020-3327 CVE-2020-3341 CVE-2020-3350 CVE-2020-3481 SUSE-SU-2016:0400-1 SUSE-SU-2016:0716-1 SUSE-SU-2016:0825-1 SUSE-SU-2017:0436-1 SUSE-SU-2017:1368-1 SUSE-SU-2017:1853-1 SUSE-SU-2017:2264-1 SUSE-SU-2017:2390-1 SUSE-SU-2018:0174-1 SUSE-SU-2018:0812-1 SUSE-SU-2019:0096-1 SUSE-SU-2019:1749-1 SUSE-SU-2020:0331-1 SUSE-SU-2020:3918-1
|
| Platform(s): | openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8
| Product(s): | |
| Definition Synopsis |
| openSUSE Leap 15.0 is installed
AND Package Information
augeas-1.10.1-lp150.1 is installed
OR augeas-lenses-1.10.1-lp150.1 is installed
OR libaugeas0-1.10.1-lp150.1 is installed
|
| Definition Synopsis |
| openSUSE Leap 15.1 is installed
AND Package Information
znc-1.7.4-lp151.2.3 is installed
OR znc-devel-1.7.4-lp151.2.3 is installed
OR znc-lang-1.7.4-lp151.2.3 is installed
OR znc-perl-1.7.4-lp151.2.3 is installed
OR znc-python3-1.7.4-lp151.2.3 is installed
OR znc-tcl-1.7.4-lp151.2.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 11 SP3 is installed
AND Package Information
libgcrypt11-1.5.0-0.17 is installed
OR libgcrypt11-32bit-1.5.0-0.17 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 11 SP4 is installed
AND Package Information
bind-9.9.6P1-0.25 is installed
OR bind-libs-9.9.6P1-0.25 is installed
OR bind-libs-32bit-9.9.6P1-0.25 is installed
OR bind-utils-9.9.6P1-0.25 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP1 is installed
AND Package Information
libplist-1.8-10.9 is installed
OR libplist++1-1.8-10.9 is installed
OR libplist1-1.8-10.9 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP2 is installed
AND wdiff-1.2.1-3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP3 is installed
AND Package Information
finch-2.12.0-1 is installed
OR libpurple-2.12.0-1 is installed
OR libpurple-branding-upstream-2.12.0-1 is installed
OR libpurple-lang-2.12.0-1 is installed
OR libpurple-plugin-sametime-2.12.0-1 is installed
OR libpurple-tcl-2.12.0-1 is installed
OR pidgin-2.12.0-1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP4 is installed
AND Package Information
libu2f-host-1.1.6-3.5 is installed
OR libu2f-host0-1.1.6-3.5 is installed
OR pam_u2f-1.0.8-3.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP1 is installed
AND Package Information
gpgme-1.5.1-1 is installed
OR libgpgme11-1.5.1-1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP1-LTSS is installed
AND sudo-1.8.10p3-2.19 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2 is installed
AND coolkey-1.1.0-147 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND Package Information
MozillaFirefox-60.7.0-109.72 is installed
OR MozillaFirefox-devel-60.7.0-109.72 is installed
OR MozillaFirefox-translations-common-60.7.0-109.72 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND Package Information
java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed
OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed
OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed
OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed
OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND clamav-0.103.0-33.32.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3 is installed
AND xinetd-2.3.15-7 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND Package Information
xen-4.9.4_06-3.59 is installed
OR xen-doc-html-4.9.4_06-3.59 is installed
OR xen-libs-4.9.4_06-3.59 is installed
OR xen-libs-32bit-4.9.4_06-3.59 is installed
OR xen-tools-4.9.4_06-3.59 is installed
OR xen-tools-domU-4.9.4_06-3.59 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
glibc-2.22-62.22 is installed
OR glibc-32bit-2.22-62.22 is installed
OR glibc-devel-2.22-62.22 is installed
OR glibc-devel-32bit-2.22-62.22 is installed
OR glibc-html-2.22-62.22 is installed
OR glibc-i18ndata-2.22-62.22 is installed
OR glibc-info-2.22-62.22 is installed
OR glibc-locale-2.22-62.22 is installed
OR glibc-locale-32bit-2.22-62.22 is installed
OR glibc-profile-2.22-62.22 is installed
OR glibc-profile-32bit-2.22-62.22 is installed
OR nscd-2.22-62.22 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
MozillaFirefox-68.2.0-109.95 is installed
OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND nmap-6.46-3.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP4 is installed
AND Package Information
cpio-2.11-36.3 is installed
OR cpio-lang-2.11-36.3 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud 6 is installed
AND Package Information
cpp48-4.8.5-31.3 is installed
OR gcc48-4.8.5-31.3 is installed
OR gcc48-32bit-4.8.5-31.3 is installed
OR gcc48-c++-4.8.5-31.3 is installed
OR gcc48-info-4.8.5-31.3 is installed
OR gcc48-locale-4.8.5-31.3 is installed
OR libasan0-4.8.5-31.3 is installed
OR libasan0-32bit-4.8.5-31.3 is installed
OR libstdc++48-devel-4.8.5-31.3 is installed
OR libstdc++48-devel-32bit-4.8.5-31.3 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud 6-LTSS is installed
AND Package Information
ruby2.1-rubygem-actionview-4_2-4.2.9-9.12 is installed
OR rubygem-actionview-4_2-4.2.9-9.12 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud 7 is installed
AND Package Information
python-cryptography-1.3.1-7.13 is installed
OR python-pyOpenSSL-16.0.0-4.11 is installed
OR python-setuptools-18.0.1-4.8 is installed
OR python3-cryptography-1.3.1-7.13 is installed
OR python3-pyOpenSSL-16.0.0-4.11 is installed
OR python3-setuptools-18.0.1-4.8 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud 8 is installed
AND Package Information
libsolv-0.6.36-2.16 is installed
OR libsolv-tools-0.6.36-2.16 is installed
OR libzypp-16.20.0-2.39 is installed
OR perl-solv-0.6.36-2.16 is installed
OR python-solv-0.6.36-2.16 is installed
OR zypper-1.13.51-21.26 is installed
OR zypper-log-1.13.51-21.26 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud 9 is installed
AND python-ecdsa-0.13.3-5.10 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud Crowbar 8 is installed
AND Package Information
ruby2.1-rubygem-activejob-4_2-4.2.9-3.6 is installed
OR rubygem-activejob-4_2-4.2.9-3.6 is installed
|