Revision Date: | 2020-12-22 | Version: | 1 |
Title: | Security update for clamav (Important) |
Description: |
This update for clamav fixes the following issues:
clamav was updated to 0.103.0 to implement jsc#ECO-3010 and bsc#1118459.
* clamd can now reload the signature database without blocking scanning. This multi-threaded database reload improvement was made possible thanks to a community effort.
  - Non-blocking database reloads are now the default behavior. Some systems that are more constrained on RAM may need to disable non-blocking reloads as it will temporarily consume two times as much memory. We added a new clamd config option ConcurrentDatabaseReload, which may be set to no.
* Fix clamav-milter.service (requires clamd.service to run)
* bsc#1119353, clamav-fips.patch: Fix freshclam crash in FIPS mode.
* Partial sync with SLE15.
Update to version 0.102.4
Accumulated security fixes:
* CVE-2020-3350: Fix a vulnerability wherein a malicious user could replace a scan target's directory with a symlink to another path to trick clamscan, clamdscan, or clamonacc into removing or moving a different file (e.g. a critical system file). The issue would affect users that use the --move or --remove options for clamscan, clamdscan, and clamonacc. (bsc#1174255)
* CVE-2020-3327: Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.3 that could cause a Denial-of-Service (DoS) condition. Improper bounds checking results in an out-of-bounds read which could cause a crash. The previous fix for this CVE in 0.102.3 was incomplete. This fix correctly resolves the issue.
* CVE-2020-3481: Fix a vulnerability in the EGG archive module in ClamAV 0.102.0 - 0.102.3 that could cause a Denial-of-Service (DoS) condition. Improper error handling may result in a crash due to a NULL pointer dereference. This vulnerability is mitigated for those using the official ClamAV signature databases because the file type signatures in daily.cvd will not enable the EGG archive parser in versions affected by the vulnerability. (bsc#1174250)
* CVE-2020-3341: Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that could cause a Denial-of-Service (DoS) condition. Improper size checking of a buffer used to initialize AES decryption routines results in an out-of-bounds read which may cause a crash. (bsc#1171981)
* CVE-2020-3123: A denial-of-service (DoS) condition may occur when using the optional credit card data-loss-prevention (DLP) feature. Improper bounds checking of an unsigned variable resulted in an out-of-bounds read, which causes a crash.
* CVE-2019-15961: A Denial-of-Service (DoS) vulnerability may occur when scanning a specially crafted email file as a result of excessively long scan times. The issue is resolved by implementing several maximums in parsing MIME messages and by optimizing use of memory allocation. (bsc#1157763)
* CVE-2019-12900: An out of bounds write in the NSIS bzip2 (bsc#1149458)
* CVE-2019-12625: Introduce a configurable time limit to mitigate zip bomb vulnerability completely. Default is 2 minutes, configurable using the clamscan --max-scantime and for clamd using the MaxScanTime config option (bsc#1144504)
Update to version 0.101.3:
ZIP bomb causes extreme CPU spikes (bsc#1144504)
Update to version 0.101.2 (bsc#1118459):
* Support for RAR v5 archive extraction.
* Incompatible changes to the arguments of cl_scandesc, cl_scandesc_callback, and cl_scanmap_callback.
* Scanning options have been converted from a single flag bit-field into a structure of multiple categorized flag bit-fields.
* The CL_SCAN_HEURISTIC_ENCRYPTED scan option was replaced by 2 new scan options: CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE, and CL_SCAN_HEURISTIC_ENCRYPTED_DOC
* Incompatible clamd.conf and command line interface changes.
* 'Heuristic Alerts' (aka 'Algorithmic Detection') options have been changed to make the names more consistent. The original options are deprecated in 0.101, and will be removed in a future feature release.
* For details, see https://blog.clamav.net/2018/12/clamav-01010-has-been-released.html
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1012382 1027519 1032138 1032230 1033053 1033054 1033914 1033915 1038395 1039616 1040643 1047002 1047487 1050879 1050887 1050888 1050889 1050891 1051184 1063043 1064311 1065180 1068032 1068951 1071009 1072556 1072962 1073090 1073230 1073792 1073809 1073874 1073912 1076017 1083488 1084878 1085114 1085447 1087289 1092497 1094725 1095242 1096224 1097521 1097522 1097523 1102682 1105437 1105459 1105460 1106913 1117665 1118459 1119353 1131291 1135966 1135967 1137865 1139550 1140671 1141054 1144338 1144504 1144903 1145477 1146285 1146361 1146378 1146391 1146413 1146425 1146512 1146514 1146516 1146519 1146584 1147122 1148394 1148938 1149376 1149458 1149522 1149527 1149555 1149612 1149849 1150025 1150112 1150223 1150452 1150457 1150465 1150466 1151347 1151350 1152685 1152782 1152788 1153158 1154372 1154609 1155671 1155898 1156187 1157763 1160467 1160468 1171981 1174250 1174255 1175070 1175071 1175072 964063 969470 CVE-2009-0946 CVE-2010-2497 CVE-2010-2805 CVE-2010-3053 CVE-2010-3054 CVE-2010-3311 CVE-2010-3814 CVE-2011-0226 CVE-2012-5668 CVE-2012-5669 CVE-2012-5670 CVE-2013-7447 CVE-2014-2240 CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9659 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9663 CVE-2014-9664 CVE-2014-9665 CVE-2014-9666 CVE-2014-9667 CVE-2014-9668 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675 CVE-2016-10198 CVE-2016-10199 CVE-2016-10219 CVE-2016-10317 CVE-2016-10906 CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9807 CVE-2016-9808 CVE-2016-9810 CVE-2017-10790 CVE-2017-11714 CVE-2017-13166 CVE-2017-17805 CVE-2017-17806 CVE-2017-18509 CVE-2017-18595 CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 CVE-2017-5840 CVE-2017-5841 CVE-2017-5845 CVE-2017-7585 CVE-2017-7586 CVE-2017-7741 CVE-2017-7742 CVE-2017-8386 CVE-2017-9216 CVE-2017-9612 CVE-2017-9726 CVE-2017-9727 CVE-2017-9739 CVE-2017-9835 CVE-2018-1000004 CVE-2018-1068 CVE-2018-10844 CVE-2018-10845 CVE-2018-10846 
CVE-2018-11806 CVE-2018-12207 CVE-2018-12891 CVE-2018-12892 CVE-2018-12893 CVE-2018-20976 CVE-2018-3665 CVE-2018-5390 CVE-2018-7566 CVE-2019-0154 CVE-2019-0155 CVE-2019-10220 CVE-2019-11135 CVE-2019-12900 CVE-2019-13272 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14821 CVE-2019-14835 CVE-2019-14896 CVE-2019-14897 CVE-2019-15098 CVE-2019-15211 CVE-2019-15212 CVE-2019-15214 CVE-2019-15215 CVE-2019-15216 CVE-2019-15217 CVE-2019-15218 CVE-2019-15219 CVE-2019-15220 CVE-2019-15221 CVE-2019-15290 CVE-2019-15291 CVE-2019-15505 CVE-2019-15666 CVE-2019-15807 CVE-2019-15902 CVE-2019-15924 CVE-2019-15926 CVE-2019-15927 CVE-2019-15961 CVE-2019-16231 CVE-2019-16232 CVE-2019-16233 CVE-2019-16234 CVE-2019-16413 CVE-2019-16995 CVE-2019-17055 CVE-2019-17056 CVE-2019-17133 CVE-2019-17666 CVE-2019-18197 CVE-2019-18680 CVE-2019-18805 CVE-2019-9456 CVE-2019-9506 CVE-2020-11985 CVE-2020-11993 CVE-2020-3123 CVE-2020-3327 CVE-2020-3341 CVE-2020-3350 CVE-2020-3481 CVE-2020-9490 SUSE-SU-2017:1040-1 SUSE-SU-2017:1357-1 SUSE-SU-2018:0012-1 SUSE-SU-2018:0407-1 SUSE-SU-2018:1007-1 SUSE-SU-2018:2081-1 SUSE-SU-2018:2825-1 SUSE-SU-2019:2230-1 SUSE-SU-2019:2984-1 SUSE-SU-2020:0920-2 SUSE-SU-2020:2450-1
|
Platform(s): | openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.0 is installed
AND Package Information
libcdio16-0.94-lp150.4 is installed
OR libiso9660-10-0.94-lp150.4 is installed
|
Definition Synopsis |
openSUSE Leap 15.1 is installed
AND Package Information
chromedriver-77.0.3865.90-lp151.2.33 is installed
OR chromium-77.0.3865.90-lp151.2.33 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
libsndfile-1.0.25-28 is installed
OR libsndfile1-1.0.25-28 is installed
OR libsndfile1-32bit-1.0.25-28 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND Package Information
kernel-default-4.4.121-92.125 is installed
OR kernel-default-base-4.4.121-92.125 is installed
OR kernel-default-devel-4.4.121-92.125 is installed
OR kernel-devel-4.4.121-92.125 is installed
OR kernel-macros-4.4.121-92.125 is installed
OR kernel-source-4.4.121-92.125 is installed
OR kernel-syms-4.4.121-92.125 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND Package Information
libopenssl-devel-1.0.2j-60.52 is installed
OR libopenssl1_0_0-1.0.2j-60.52 is installed
OR libopenssl1_0_0-32bit-1.0.2j-60.52 is installed
OR libopenssl1_0_0-hmac-1.0.2j-60.52 is installed
OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.52 is installed
OR openssl-1.0.2j-60.52 is installed
OR openssl-doc-1.0.2j-60.52 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND Package Information
xen-4.7.6_02-43.36 is installed
OR xen-doc-html-4.7.6_02-43.36 is installed
OR xen-libs-4.7.6_02-43.36 is installed
OR xen-libs-32bit-4.7.6_02-43.36 is installed
OR xen-tools-4.7.6_02-43.36 is installed
OR xen-tools-domU-4.7.6_02-43.36 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND ft2demos-2.6.3-7.10 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND Package Information
java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed
OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed
OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
ibus-1.5.13-15.11 is installed
OR ibus-gtk-1.5.13-15.11 is installed
OR ibus-gtk3-1.5.13-15.11 is installed
OR ibus-lang-1.5.13-15.11 is installed
OR libibus-1_0-5-1.5.13-15.11 is installed
OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
nfs-client-1.3.0-34.22 is installed
OR nfs-doc-1.3.0-34.22 is installed
OR nfs-kernel-server-1.3.0-34.22 is installed
OR nfs-utils-1.3.0-34.22 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND clamav-0.103.0-33.32.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND Package Information
libtiff5-4.0.9-44.24 is installed
OR libtiff5-32bit-4.0.9-44.24 is installed
OR tiff-4.0.9-44.24 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4-LTSS is installed
AND xrdp-0.9.0~git.1456906198.f422461-21.27 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 8 is installed
AND Package Information
libpolkit0-0.113-5.18 is installed
OR polkit-0.113-5.18 is installed
OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 8 is installed
AND python-Django-1.11.11-3.3 is installed
|