---------------------------------------------------------------------------- Debian Stable Updates Announcement SUA 231-1 https://www.debian.org/ debian-release@lists.debian.org Sebastian Andrzej Siewior February 20th, 2023 ---------------------------------------------------------------------------- Package : clamav Version : 0.103.8+dfsg-0+deb11u1 [bullseye] Importance : medium ClamAV is an AntiVirus toolkit for Unix. Upstream published version 0.103.8. This is a bug-fix release and an upstream LTS release. The changes are not currently required for operation, but upstream strongly recommends that users update. Changes since 0.103.7 currently in bullseye include fixes for two security issues: CVE-2023-20032: Possible remote code execution vulnerability in the HFS+ file parser. CVE-2023-20052: Possible remote information leak vulnerability in the DMG file parser. If you use clamav, we recommend that you install this update. Upgrade Instructions -------------------- You can get the updated packages by adding the stable-updates archive to your /etc/apt/sources.list: deb https://deb.debian.org/debian bullseye-updates main deb-src https://deb.debian.org/debian bullseye-updates main You can also use any of the Debian archive mirrors. See https://www.debian.org/mirrors/list for the full list of mirrors. For further information about stable-updates, please refer to https://lists.debian.org/debian-devel-announce/2011/03/msg00010.html If you encounter any issues, please don't hesitate to get in touch with the Debian Release Team at debian-release@lists.debian.org
Attachment:
signature.asc
Description: This is a digitally signed message part