Overview
Request 689824 accepted
- Update to version 0.101.2 (bsc#1130721)
* CVE-2019-1787:
An out-of-bounds heap read condition may occur when scanning PDF
documents. The defect is a failure to correctly keep track of the number
of bytes remaining in a buffer when indexing file data.
* CVE-2019-1789:
An out-of-bounds heap read condition may occur when scanning PE files
(i.e. Windows EXE and DLL files) that have been packed using Aspack as a
result of inadequate bound-checking.
* CVE-2019-1788:
An out-of-bounds heap write condition may occur when scanning OLE2 files
such as Microsoft Office 97-2003 documents. The invalid write happens when
an invalid pointer is mistakenly used to initialize a 32bit integer to
zero. This is likely to crash the application.
* CVE-2019-1786:
An out-of-bounds heap read condition may occur when scanning malformed
PDF documents as a result of improper bounds-checking.
* CVE-2019-1785:
A path-traversal write condition may occur as a result of improper
input validation when scanning RAR archives.
* CVE-2019-1798:
A use-after-free condition may occur as a result of improper error
handling when scanning nested RAR archives.
- added clamav-max_patch.patch to fix build
- dropped clamav-freshclam-exit.patch
- Update to version 0.101.1:
* Add missing headers to fix build of packages against libclamav.
- Add missing include for str.h to libclamav/others_common.c
(clamav-str-h.patch)
Request History
rmax created request
- Update to version 0.101.2 (bsc#1130721)
* CVE-2019-1787:
An out-of-bounds heap read condition may occur when scanning PDF
documents. The defect is a failure to correctly keep track of the number
of bytes remaining in a buffer when indexing file data.
* CVE-2019-1789:
An out-of-bounds heap read condition may occur when scanning PE files
(i.e. Windows EXE and DLL files) that have been packed using Aspack as a
result of inadequate bound-checking.
* CVE-2019-1788:
An out-of-bounds heap write condition may occur when scanning OLE2 files
such as Microsoft Office 97-2003 documents. The invalid write happens when
an invalid pointer is mistakenly used to initialize a 32bit integer to
zero. This is likely to crash the application.
* CVE-2019-1786:
An out-of-bounds heap read condition may occur when scanning malformed
PDF documents as a result of improper bounds-checking.
* CVE-2019-1785:
A path-traversal write condition may occur as a result of improper
input validation when scanning RAR archives.
* CVE-2019-1798:
A use-after-free condition may occur as a result of improper error
handling when scanning nested RAR archives.
- added clamav-max_patch.patch to fix build
- dropped clamav-freshclam-exit.patch
- Update to version 0.101.1:
* Add missing headers to fix build of packages against libclamav.
- Add missing include for str.h to libclamav/others_common.c
(clamav-str-h.patch)
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
staging-bot added openSUSE:Factory:Staging:adi:38 as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:38"
staging-bot accepted review
Picked openSUSE:Factory:Staging:adi:38
dimstar accepted review
licensedigger accepted review
ok
staging-bot accepted review
ready to accept
staging-bot approved review
ready to accept
dimstar_suse accepted request
Accept to openSUSE:Factory
