[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SUA 240-1] Updated clamav package



----------------------------------------------------------------------------
Debian Stable Updates Announcement SUA 240-1         https://www.debian.org/
debian-release@lists.debian.org                    Sebastian Andrzej Siewior
September 14th, 2023
----------------------------------------------------------------------------

Package              : clamav
Version              : 1.0.3+dfsg-1~deb12u1 [bookworm]
                       0.103.10+dfsg-0+deb11u1 [bullseye]
Importance           : medium

ClamAV is an AntiVirus toolkit for Unix.

Upstream published versions 1.0.3 and 0.103.10.

This is a bug-fix release and an upstream LTS release. The changes are not
currently required for operation, but upstream strongly recommends that users
update.

Changes since 1.0.1 and 0.103.8 currently in bookworm and bullseye include
fixes for security issues:

    CVE-2023-20197: Possible denial of service vulnerability in the HFS+
                    file parser.

    CVE-2023-20212: Possible denial of service vulnerability in the AutoIt
                    module.

If you use clamav, we recommend that you install this update.

Upgrade Instructions
--------------------

You can get the updated packages by adding the stable-updates archive
for your distribution to your /etc/apt/sources.list:

 deb https://deb.debian.org/debian bookworm-updates main
 deb-src https://deb.debian.org/debian bookworm-updates main

  or

 deb https://deb.debian.org/debian bullseye-updates main
 deb-src https://deb.debian.org/debian bullseye-updates main

You can also use any of the Debian archive mirrors. See
https://www.debian.org/mirrors/list for the full list of mirrors.

For further information about stable-updates, please refer to
https://lists.debian.org/debian-devel-announce/2011/03/msg00010.html

If you encounter any issues, please don't hesitate to get in touch with
the Debian Release Team at debian-release@lists.debian.org

Attachment: signature.asc
Description: This is a digitally signed message part


Reply to: