Security update for clamav SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:0906-1 Final 1 1 2015-05-11T15:59:23Z current 2015-05-11T15:59:23Z 2015-05-11T15:59:23Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for clamav The ClamAV antivirus engine was updated to version 0.98.7 to fix several security and non-security issues. The following vulnerabilities were fixed (bsc#929192): * CVE-2015-2170: Fix crash in upx decoder with crafted file. Discovered and patch supplied by Sebastian Andrzej Siewior. * CVE-2015-2221: Fix infinite loop condition on crafted y0da cryptor file. Identified and patch suggested by Sebastian Andrzej Siewior. * CVE-2015-2222: Fix crash on crafted petite packed file. Reported and patch supplied by Sebastian Andrzej Siewior. * CVE-2015-2668: Fix an infinite loop condition on a crafted 'xz' archive file. This was reported by Dimitri Kirchner and Goulven Guiheux. * CVE-2015-2305: Apply upstream patch for possible heap overflow in Henry Spencer's regex library. The following bugfixes were applyed (bsc#929192): * Fix false negatives on files within iso9660 containers. This issue was reported by Minzhuan Gong. * Fix a couple crashes on crafted upack packed file. Identified and patches supplied by Sebastian Andrzej Siewior. * Fix a crash during algorithmic detection on crafted PE file. Identified and patch supplied by Sebastian Andrzej Siewior. * Fix compilation error after ./configure --disable-pthreads. Reported and fix suggested by John E. Krokes. * Fix segfault scanning certain HTML files. Reported with sample by Kai Risku. * Improve detections within xar/pkg files. * Improvements to PDF processing: decryption, escape sequence handling, and file property collection. * Scanning/analysis of additional Microsoft Office 2003 XML format. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html E-Mail link for openSUSE-SU-2015:0906-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings clamav-0.98.7-33.1 The upx decoder in ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted file. CVE-2015-2170 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html https://www.suse.com/security/cve/CVE-2015-2170.html CVE-2015-2170 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/921950 SUSE Bug 921950 https://bugzilla.suse.com/922560 SUSE Bug 922560 https://bugzilla.suse.com/929192 SUSE Bug 929192 ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted y0da cryptor file. CVE-2015-2221 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html https://www.suse.com/security/cve/CVE-2015-2221.html CVE-2015-2221 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/921950 SUSE Bug 921950 https://bugzilla.suse.com/922560 SUSE Bug 922560 https://bugzilla.suse.com/929192 SUSE Bug 929192 ClamAV before 0.98.7 allows remote attackers to cause a denial of service (crash) via a crafted petite packed file. CVE-2015-2222 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html https://www.suse.com/security/cve/CVE-2015-2222.html CVE-2015-2222 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/921950 SUSE Bug 921950 https://bugzilla.suse.com/922560 SUSE Bug 922560 https://bugzilla.suse.com/929192 SUSE Bug 929192 Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. CVE-2015-2305 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html https://www.suse.com/security/cve/CVE-2015-2305.html CVE-2015-2305 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/921950 SUSE Bug 921950 https://bugzilla.suse.com/922022 SUSE Bug 922022 https://bugzilla.suse.com/922028 SUSE Bug 922028 https://bugzilla.suse.com/922030 SUSE Bug 922030 https://bugzilla.suse.com/922043 SUSE Bug 922043 https://bugzilla.suse.com/922560 SUSE Bug 922560 https://bugzilla.suse.com/922567 SUSE Bug 922567 https://bugzilla.suse.com/929192 SUSE Bug 929192 https://bugzilla.suse.com/980366 SUSE Bug 980366 ClamAV before 0.98.7 allows remote attackers to cause a denial of service (infinite loop) via a crafted xz archive file. CVE-2015-2668 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html https://www.suse.com/security/cve/CVE-2015-2668.html CVE-2015-2668 https://bugzilla.suse.com/1040662 SUSE Bug 1040662 https://bugzilla.suse.com/921950 SUSE Bug 921950 https://bugzilla.suse.com/922560 SUSE Bug 922560 https://bugzilla.suse.com/929192 SUSE Bug 929192