Read Time:57 Second

FEDORA-EPEL-2023-466d8ae059

Packages in this update:

clamav-0.103.8-3.el7

Update description:

Fix daily.cvd file
Split out documentation into separate -doc sub-package
(#2128276) Please port your pcre dependency to pcre2
Explicit dependency on systemd since systemd-devel no longer has this dependency on F37+
(#2136977) not requires data(clamav) on clamav-libs
(#2023371) Add documentation to preserve user permissions of DatabaseOwner

ClamAV 0.103.8 is a critical patch release with the following fixes:

CVE-2023-20032https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.

CVE-2023-20052https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.

Smashing Security podcast #412: Signalgate sucks, and the quandary of quishing

WK Kellogg Confirms Data Breach Tied to Cleo Software Exploit

Precision-Validated Phishing Elevates Credential Theft Risks

Ransomware Attacks Hit All-Time High as Payoffs Dwindle

How to Leak to a Journalist

Three-Quarters of IT Leaders Fear Nation-State AI Cyber Threats

Microsoft Fixes Over 130 CVEs in April Patch Tuesday

NCSC Warns of Spyware Targeting Chinese and Taiwanese Diaspora

Patch Tuesday, April 2025 Edition

clamav-0.103.8-3.el7

FEDORA-EPEL-2023-466d8ae059

Packages in this update:

Update description:

USN-7426-2: poppler vulnerabilities

fish-3.7.1-2.el9

USN-7429-2: Linux kernel (FIPS) vulnerabilities

USN-7429-1: Linux kernel vulnerabilities

USN-7428-2: Linux kernel (FIPS) vulnerabilities

USN-7428-1: Linux kernel vulnerabilities