[Bug 1174250] VUL-1: CVE-2020-3481: clamav: improper error handling causing crash due to NULL pointer dereference

http://bugzilla.opensuse.org/show_bug.cgi?id=1174250 http://bugzilla.opensuse.org/show_bug.cgi?id=1174250#c1 --- Comment #1 from Alexandros Toptsoglou --- egg parser was introduced in version 0.102. We ship only older versions. Only Factory is affected. Please upgrade to 0.102.4. The respective fix is located at [1]. Note that the commit/fix also takes care some memory leaks that could also be back-ported to our SLE versions. However, this CVE is against the egg archive module and thus we track our SLE versions as not affected. [1] https://github.com/Cisco-Talos/clamav-devel/commit/20490786224f4a8256fb395de... -- You are receiving this mail because: You are on the CC list for the bug.