openSUSE Recommended Update: Recommended update for clamav ______________________________________________________________________________
Announcement ID: openSUSE-RU-2016:1545-1 Rating: moderate References: #978459 Affected Products: openSUSE Leap 42.1 ______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
ClamAV was updated to version 0.99.2, which brings fixes and enhancements:
- Fix 7z's FolderStartPackStreamIndex array index check. - Print all CDBNAME entries for a zip file when using the -z flag. - clamunrar: Notice if unpacking comment failed. - Use temporary variable for realloc to prevent pointer loss. - freshclam: Avoid random data in mirrors.dat. - libclamav: Print raw certificate metadata. - Fix download and verification of *.cld through PrivateMirrors. - Suppress IP notification when using proxy. - Remove redundant mempool assignment. - Divide out dumpcerts output for better readability. - Fix dconf and option handling for nocert and dumpcert. - Increase clamd's soft file descriptor to its potential maximum on 64-bit systems. - Move libfreshclam config to m4/reorganization. - Add 'cdb' datafile to sigtools list of datafile types. - Prevent memory allocations on used pointers. - Check packSizes prior to dereference - Fix inconsistent folder state on failure. - Add sanity checks to 7z header parsing.
For a comprehensive list of fixes please refer to the package's change log.
This update was imported from the SUSE:SLE-12:Update update project.
Patch Instructions:
To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product:
- openSUSE Leap 42.1:
zypper in -t patch openSUSE-2016-701=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.1 (i586 x86_64):
clamav-0.99.2-14.1 clamav-debuginfo-0.99.2-14.1 clamav-debugsource-0.99.2-14.1
References:
-
maintenanceļ¼ opensuse.org