FS#54730 - [clamav] clamav affected by unrar vulnerability
Attached to Project:
Arch Linux
Opened by alex (kabolt) - Friday, 07 July 2017, 06:31 GMT
Last edited by Levente Polyak (anthraxx) - Monday, 22 October 2018, 19:39 GMT
Opened by alex (kabolt) - Friday, 07 July 2017, 06:31 GMT
Last edited by Levente Polyak (anthraxx) - Monday, 22 October 2018, 19:39 GMT
|
Details
Description:
clamav uses an own rar library for decompressing and the last update was in may. So most probably the hole is in archlinux present. In SUSE they fixed the vulnerability yesterday. German: https://www.pro-linux.de/sicherheit/2/39454/ausf%C3%BChren-beliebiger-kommandos-in-clam-antivirus.html English: https://bugzilla.suse.com/show_bug.cgi?id=1045490 |
This task depends upon
Closed by Levente Polyak (anthraxx)
Monday, 22 October 2018, 19:39 GMT
Reason for closing: Fixed
Additional comments about closing: fix present in 0.100.2
Monday, 22 October 2018, 19:39 GMT
Reason for closing: Fixed
Additional comments about closing: fix present in 0.100.2