[CLSA-2025:1756923561] clamav: Fix of 8 CVEs
Type:
security
Severity:
None
Release date:
2025-09-03 18:19:25 UTC
Description:
- Update to 1.0.9 LTS version - CVE-2025-20260: Fixed a possible buffer overflow write bug in the PDF file parser - CVE-2025-20128: Fixed a possible buffer overflow read bug in the OLE2 file parser - CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the 'clamd' or 'freshclam' services from using a symlink to corrupt system files - CVE-2024-20290: Fixed a possible heap overflow read bug in the OLE2 file parser - CVE-2024-20328: Fixed a possible command injection in the 'VirusEvent' feature of the clamd service - CVE-2023-20197: Fixed a possible denial of service in the HFS+ parser - CVE-2023-20212: Fixed a possible DoS in the AutoIT file parser - CVE-2023-20052: Fixed a possible remote information leak in the DMG file parser
Updated packages:
  • clamav-1.0.9-1.el6.tuxcare.els1.x86_64.rpm
    sha:6ee835b7995d016497c196d72e3135e0404a2b6058ff4d868f61d5fcec67dbd3
  • clamav-data-1.0.9-1.el6.tuxcare.els1.noarch.rpm
    sha:d986c3ba6b8dd7343cd630d5402a9435284a00ab9e7eaf0327b13ce96ea95514
  • clamav-devel-1.0.9-1.el6.tuxcare.els1.x86_64.rpm
    sha:47b97c74cde8fe69346699d135ea92155bffbe5b7973dd7d51e43a51d0cb64c5
  • clamav-doc-1.0.9-1.el6.tuxcare.els1.noarch.rpm
    sha:3c62d8460c9b2e6ae5a4c6787a6f65babbf113dddd308ce46c88df5f108d9d8a
  • clamav-filesystem-1.0.9-1.el6.tuxcare.els1.noarch.rpm
    sha:1dd4d72d0172489ed9e964d46dbd3418cea3f54fa8c6be9da27cf230cdbdc35f
  • clamav-freshclam-1.0.9-1.el6.tuxcare.els1.x86_64.rpm
    sha:5cf7c8054b4e4c5c78bea2750e6529072662f19fbeb17071f84e9c6c661a6dd1
  • clamav-lib-1.0.9-1.el6.tuxcare.els1.x86_64.rpm
    sha:429c596375ac8aab74b4722f5cffdf455237a1b545c979258a99d4361f5e9b4c
  • clamav-milter-1.0.9-1.el6.tuxcare.els1.x86_64.rpm
    sha:8b2ce9c6cfa5e349dfeb3f469d46bf24b6c8651ad94b88e58aee8ab3941ab368
  • clamd-1.0.9-1.el6.tuxcare.els1.x86_64.rpm
    sha:77aa75236b8cdcb7db23f4d91d3e3ce976aa494a01041f05f783a0c26ca6ef67
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.