----------------------------------------------------------------------------
Debian Stable Updates Announcement SUA 231-1 https://www.debian.org/
debian-release@lists.debian.org Sebastian Andrzej Siewior
February 20th, 2023
----------------------------------------------------------------------------
Package : clamav
Version : 0.103.8+dfsg-0+deb11u1 [bullseye]
Importance : medium
ClamAV is an AntiVirus toolkit for Unix.
Upstream published version 0.103.8.
This is a bug-fix release and an upstream LTS release. The changes are not
currently required for operation, but upstream strongly recommends that users
update.
Changes since 0.103.7 currently in bullseye include fixes for two security
issues:
CVE-2023-20032: Possible remote code execution vulnerability in the HFS+
file parser.
CVE-2023-20052: Possible remote information leak vulnerability in the
DMG file parser.
If you use clamav, we recommend that you install this update.
Upgrade Instructions
--------------------
You can get the updated packages by adding the stable-updates archive
to your /etc/apt/sources.list:
deb https://deb.debian.org/debian bullseye-updates main
deb-src https://deb.debian.org/debian bullseye-updates main
You can also use any of the Debian archive mirrors. See
https://www.debian.org/mirrors/list for the full list of mirrors.
For further information about stable-updates, please refer to
https://lists.debian.org/debian-devel-announce/2011/03/msg00010.html
If you encounter any issues, please don't hesitate to get in touch with
the Debian Release Team at debian-release@lists.debian.org
Attachment:
signature.asc
Description: This is a digitally signed message part