FEDORA-2024-34474f346b
Packages in this update:
clamav-1.0.6-1.fc40
Update description:
ClamAV 1.0.6 is a critical patch release with the following fixes:
Updated select Rust dependencies to the latest versions. This resolved Cargo audit complaints and included PNG parser bug fixes.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1225
Fixed a bug causing some text to be truncated when converting from UTF-16.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1232
Fixed assorted complaints identified by Coverity static analysis.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1237
Fixed a bug causing CVDs downloaded by the DatabaseCustomURL Freshclam config option to be pruned and then re-downloaded with every update.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1240
Added the new ‘valhalla’ database name to the list of optional databases in preparation for future work.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1240
Silenced a warning “Unexpected early end-of-file” that occured when scanning some PNG files.
GitHub pull requesthttps://github.com/Cisco-Talos/clamav/pull/1216
More Stories
USN-7202-1: HPLIP vulnerability
Kevin Backhouse discovered that HPLIP incorrectly handled certain MDNS responses. A remote attacker could use this issue to cause HPLIP...
USN-7201-1: WebKitGTK vulnerabilities
Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a...
USN-7200-1: Roundcube vulnerability
It was discovered that Roundcube incorrectly handled certain file-based attachment plugins. An attacker could exploit this to gain unauthorized access...
USN-6940-2: snapd vulnerabilities
USN-6940-1 fixed vulnerabilities in snapd. This update provides the corresponding updates for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Original...
USN-7199-1: xmltok library vulnerabilities
It was discovered that Expat, contained within the xmltok library, incorrectly handled malformed XML data. If a user or application...
ZDI-25-027: (Pwn2Own) Google Chrome VideoFrame Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google Chrome. User interaction is required to...