Oval Definition:oval:org.opensuse.security:def:59450
Revision Date:2020-12-22Version:1
Title:Security update for clamav (Important)
Description:

This update for clamav fixes the following issues:

clamav was updated to 0.103.0 to implement jsc#ECO-3010 and bsc#1118459.

clamd can now reload the signature database without blocking scanning. This multi-threaded database reload improvement was made possible thanks to a community effort. - Non-blocking database reloads are now the default behavior. Some systems that are more constrained on RAM may need to disable non-blocking reloads as it will temporarily consume two times as much memory. We added a new clamd config option ConcurrentDatabaseReload, which may be set to no. * Fix clamav-milter.service (requires clamd.service to run) * bsc#1119353, clamav-fips.patch: Fix freshclam crash in FIPS mode. * Partial sync with SLE15.

Update to version 0.102.4

Accumulated security fixes:

CVE-2020-3350: Fix a vulnerability wherein a malicious user could replace a scan target's directory with a symlink to another path to trick clamscan, clamdscan, or clamonacc into removing or moving a different file (eg. a critical system file). The issue would affect users that use the --move or --remove options for clamscan, clamdscan, and clamonacc. (bsc#1174255) * CVE-2020-3327: Fix a vulnerability in the ARJ archive parsing module in ClamAV 0.102.3 that could cause a Denial-of-Service (DoS) condition. Improper bounds checking results in an out-of-bounds read which could cause a crash. The previous fix for this CVE in 0.102.3 was incomplete. This fix correctly resolves the issue. * CVE-2020-3481: Fix a vulnerability in the EGG archive module in ClamAV 0.102.0 - 0.102.3 could cause a Denial-of-Service (DoS) condition. Improper error handling may result in a crash due to a NULL pointer dereference. This vulnerability is mitigated for those using the official ClamAV signature databases because the file type signatures in daily.cvd will not enable the EGG archive parser in versions affected by the vulnerability. (bsc#1174250) * CVE-2020-3341: Fix a vulnerability in the PDF parsing module in ClamAV 0.101 - 0.102.2 that could cause a Denial-of-Service (DoS) condition. Improper size checking of a buffer used to initialize AES decryption routines results in an out-of-bounds read which may cause a crash. (bsc#1171981) * CVE-2020-3123: A denial-of-service (DoS) condition may occur when using the optional credit card data-loss-prevention (DLP) feature. Improper bounds checking of an unsigned variable resulted in an out-of-bounds read, which causes a crash. * CVE-2019-15961: A Denial-of-Service (DoS) vulnerability may occur when scanning a specially crafted email file as a result of excessively long scan times. The issue is resolved by implementing several maximums in parsing MIME messages and by optimizing use of memory allocation. (bsc#1157763). * CVE-2019-12900: An out of bounds write in the NSIS bzip2 (bsc#1149458) * CVE-2019-12625: Introduce a configurable time limit to mitigate zip bomb vulnerability completely. Default is 2 minutes, configurable useing the clamscan --max-scantime and for clamd using the MaxScanTime config option (bsc#1144504)

Update to version 0.101.3:

ZIP bomb causes extreme CPU spikes (bsc#1144504)

Update to version 0.101.2 (bsc#1118459):

Support for RAR v5 archive extraction. * Incompatible changes to the arguments of cl_scandesc, cl_scandesc_callback, and cl_scanmap_callback. * Scanning options have been converted from a single flag bit-field into a structure of multiple categorized flag bit-fields. * The CL_SCAN_HEURISTIC_ENCRYPTED scan option was replaced by 2 new scan options: CL_SCAN_HEURISTIC_ENCRYPTED_ARCHIVE, and CL_SCAN_HEURISTIC_ENCRYPTED_DOC * Incompatible clamd.conf and command line interface changes. * Heuristic Alerts' (aka 'Algorithmic Detection') options have been changed to make the names more consistent. The original options are deprecated in 0.101, and will be removed in a future feature release. * For details, see https://blog.clamav.net/2018/12/clamav-01010-has-been-released.html
Family:unixClass:patch
Status:Reference(s):1011348
1021578
1022062
1028744
1029638
1029639
1029706
1029707
1029751
1039513
1044016
1050947
1058425
1064232
1076110
1083635
1085042
1086652
1087081
1089343
1090123
1091171
1094248
1096130
1096480
1096978
1097140
1097551
1098016
1098425
1098435
1099924
1100089
1100416
1100418
1100491
1101557
1102340
1102851
1103097
1103119
1103580
1106119
1111634
1111635
1118459
1119353
1119553
1119554
1119555
1119556
1119557
1119558
1130721
1131060
1135902
1139073
1140402
1141035
1143794
1144504
1149458
1155321
1155988
1156318
1157763
1159329
1160968
1161719
1161799
1163809
1165528
1169658
1170643
1171981
1174250
1174255
988274
CVE-2010-3170
CVE-2011-3172
CVE-2011-3389
CVE-2011-3640
CVE-2013-0743
CVE-2013-0791
CVE-2013-1620
CVE-2013-1739
CVE-2013-1740
CVE-2013-5605
CVE-2014-1492
CVE-2014-1568
CVE-2014-1569
CVE-2015-4000
CVE-2015-7181
CVE-2015-7182
CVE-2015-7575
CVE-2016-1938
CVE-2016-1950
CVE-2016-1978
CVE-2016-1979
CVE-2016-2834
CVE-2016-5285
CVE-2016-8635
CVE-2016-9074
CVE-2016-9574
CVE-2017-11671
CVE-2017-14482
CVE-2017-18344
CVE-2017-6435
CVE-2017-6436
CVE-2017-6437
CVE-2017-6438
CVE-2017-6439
CVE-2018-1000807
CVE-2018-1000808
CVE-2018-13053
CVE-2018-13405
CVE-2018-13406
CVE-2018-14734
CVE-2018-3620
CVE-2018-3646
CVE-2018-4437
CVE-2018-4438
CVE-2018-4441
CVE-2018-4442
CVE-2018-4443
CVE-2018-4464
CVE-2018-5390
CVE-2018-5391
CVE-2018-5814
CVE-2018-9385
CVE-2019-11135
CVE-2019-11139
CVE-2019-12155
CVE-2019-12900
CVE-2019-13164
CVE-2019-14378
CVE-2019-15961
CVE-2019-1787
CVE-2019-1788
CVE-2019-1789
CVE-2019-3880
CVE-2019-8625
CVE-2019-8710
CVE-2019-8720
CVE-2019-8743
CVE-2019-8764
CVE-2019-8766
CVE-2019-8769
CVE-2019-8771
CVE-2019-8782
CVE-2019-8783
CVE-2019-8808
CVE-2019-8811
CVE-2019-8812
CVE-2019-8813
CVE-2019-8814
CVE-2019-8815
CVE-2019-8816
CVE-2019-8819
CVE-2019-8820
CVE-2019-8823
CVE-2019-8835
CVE-2019-8844
CVE-2019-8846
CVE-2020-10018
CVE-2020-11793
CVE-2020-2583
CVE-2020-2590
CVE-2020-2593
CVE-2020-2601
CVE-2020-2604
CVE-2020-2654
CVE-2020-2659
CVE-2020-3123
CVE-2020-3327
CVE-2020-3341
CVE-2020-3350
CVE-2020-3481
CVE-2020-3862
CVE-2020-3864
CVE-2020-3865
CVE-2020-3867
CVE-2020-3868
CVE-2020-3899
CVE-2020-6796
CVE-2020-6797
CVE-2020-6798
CVE-2020-6799
CVE-2020-6800
SUSE-SU-2017:2201-1
SUSE-SU-2017:2526-1
SUSE-SU-2017:2529-1
SUSE-SU-2018:4063-1
SUSE-SU-2019:0897-1
SUSE-SU-2019:1195-1
SUSE-SU-2019:2157-1
SUSE-SU-2019:2988-1
SUSE-SU-2020:0261-1
SUSE-SU-2020:1135-1
SUSE-SU-2020:1211-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND icoutils-0.31.3-lp150.1 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libtasn1-4.13-lp151.4.3 is installed
  • OR libtasn1-6-4.13-lp151.4.3 is installed
  • OR libtasn1-6-32bit-4.13-lp151.4.3 is installed
  • OR libtasn1-devel-4.13-lp151.4.3 is installed
  • OR libtasn1-devel-32bit-4.13-lp151.4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • python-cryptography-1.3.1-7.13 is installed
  • OR python-pyOpenSSL-16.0.0-4.11 is installed
  • OR python-setuptools-18.0.1-4.8 is installed
  • OR python3-cryptography-1.3.1-7.13 is installed
  • OR python3-pyOpenSSL-16.0.0-4.11 is installed
  • OR python3-setuptools-18.0.1-4.8 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kernel-default-4.4.121-92.92 is installed
  • OR kernel-default-base-4.4.121-92.92 is installed
  • OR kernel-default-devel-4.4.121-92.92 is installed
  • OR kernel-devel-4.4.121-92.92 is installed
  • OR kernel-macros-4.4.121-92.92 is installed
  • OR kernel-source-4.4.121-92.92 is installed
  • OR kernel-syms-4.4.121-92.92 is installed
  • OR kgraft-patch-4_4_121-92_92-default-1-3.7 is installed
  • OR kgraft-patch-SLE12-SP2_Update_24-1-3.7 is installed
  • OR lttng-modules-2.7.1-9.4 is installed
  • OR lttng-modules-kmp-default-2.7.1_k4.4.121_92.92-9.4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libfreebl3-3.29.5-57 is installed
  • OR libfreebl3-32bit-3.29.5-57 is installed
  • OR libfreebl3-hmac-3.29.5-57 is installed
  • OR libfreebl3-hmac-32bit-3.29.5-57 is installed
  • OR libsoftokn3-3.29.5-57 is installed
  • OR libsoftokn3-32bit-3.29.5-57 is installed
  • OR libsoftokn3-hmac-3.29.5-57 is installed
  • OR libsoftokn3-hmac-32bit-3.29.5-57 is installed
  • OR mozilla-nss-3.29.5-57 is installed
  • OR mozilla-nss-32bit-3.29.5-57 is installed
  • OR mozilla-nss-certs-3.29.5-57 is installed
  • OR mozilla-nss-certs-32bit-3.29.5-57 is installed
  • OR mozilla-nss-sysinit-3.29.5-57 is installed
  • OR mozilla-nss-sysinit-32bit-3.29.5-57 is installed
  • OR mozilla-nss-tools-3.29.5-57 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • nfs-client-1.3.0-34.22 is installed
  • OR nfs-doc-1.3.0-34.22 is installed
  • OR nfs-kernel-server-1.3.0-34.22 is installed
  • OR nfs-utils-1.3.0-34.22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kernel-default-4.4.180-94.107 is installed
  • OR kernel-default-base-4.4.180-94.107 is installed
  • OR kernel-default-devel-4.4.180-94.107 is installed
  • OR kernel-default-kgraft-4.4.180-94.107 is installed
  • OR kernel-devel-4.4.180-94.107 is installed
  • OR kernel-macros-4.4.180-94.107 is installed
  • OR kernel-source-4.4.180-94.107 is installed
  • OR kernel-syms-4.4.180-94.107 is installed
  • OR kgraft-patch-4_4_180-94_107-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_29-1-4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.68 is installed
  • OR libgcrypt20-1.6.1-16.68 is installed
  • OR libgcrypt20-32bit-1.6.1-16.68 is installed
  • OR libgcrypt20-hmac-1.6.1-16.68 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND ucode-intel-20180807-13.29 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • gdk-pixbuf-loader-rsvg-2.40.20-5.6 is installed
  • OR librsvg-2-2-2.40.20-5.6 is installed
  • OR librsvg-2-2-32bit-2.40.20-5.6 is installed
  • OR rsvg-view-2.40.20-5.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND clamav-0.103.0-33.32.1 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.1-2.50 is installed
  • OR libwebkit2gtk-4_0-37-2.28.1-2.50 is installed
  • OR libwebkit2gtk3-lang-2.28.1-2.50 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.1-2.50 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.1-2.50 is installed
  • OR webkit2gtk3-2.28.1-2.50 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • xorg-x11-server-1.19.6-4.11 is installed
  • OR xorg-x11-server-extra-1.19.6-4.11 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.2-2.53 is installed
  • OR libwebkit2gtk-4_0-37-2.28.2-2.53 is installed
  • OR libwebkit2gtk3-lang-2.28.2-2.53 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.2-2.53 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.2-2.53 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.2-2.53 is installed
  • OR webkit2gtk3-2.28.2-2.53 is installed
  • BACK