Read Time:57 Second

FEDORA-EPEL-2023-466d8ae059

Packages in this update:

clamav-0.103.8-3.el7

Update description:

Fix daily.cvd file
Split out documentation into separate -doc sub-package
(#2128276) Please port your pcre dependency to pcre2
Explicit dependency on systemd since systemd-devel no longer has this dependency on F37+
(#2136977) not requires data(clamav) on clamav-libs
(#2023371) Add documentation to preserve user permissions of DatabaseOwner

ClamAV 0.103.8 is a critical patch release with the following fixes:

CVE-2023-20032https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.

CVE-2023-20052https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.

Smashing Security podcast #414: Zoom.. just one click and your data goes boom!

DOGE Worker’s Code Supports NLRB Whistleblower

Regulating AI Behavior with a Hypervisor

Verizon’s DBIR Reveals 34% Jump in Vulnerability Exploitation

FBI Reveals “Staggering” $16.6bn Lost to Cybercrime in 2024

Vulnerability Exploitation and Credential Theft Now Top Initial Access Vectors

US Data Breach Victim Count Surges 26% Annually

M&S Grapples with Cyber Incident Affecting In-Store Services

Dutch Warn of “Whole of Society” Russian Cyber-Threat

clamav-0.103.8-3.el7

FEDORA-EPEL-2023-466d8ae059

Packages in this update:

Update description:

USN-7454-1: libarchive vulnerabilities

USN-7453-1: Linux kernel (Real-time) vulnerabilities

USN-7452-1: Linux kernel vulnerabilities

USN-7451-1: Linux kernel vulnerabilities

USN-7450-1: Linux kernel vulnerabilities

USN-7449-1: Linux kernel vulnerabilities