Read Time:42 Second
FEDORA-2023-d686b8d48f
Packages in this update:
clamav-0.103.8-1.fc37
Update description:
ClamAV 0.103.8 is a critical patch release with the following fixes:
CVE-2023-20032https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.
CVE-2023-20052https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.