openSUSE Recommended Update: clamav: Update to 0.98.3 ______________________________________________________________________________ Announcement ID: openSUSE-RU-2014:0708-1 Rating: moderate References: #877475 Affected Products: openSUSE 13.1 openSUSE 12.3 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update fixes the following issues with clamav: - bnc#877475: Update to 0.98.3 + Support for common raw disk image formats using 512 byte sectors, specifically GPT, APM, and MBR partitioning. + Experimental support of OpenIOC files. ClamAV will now extract file hashes from OpenIOC files residing in the signature database location, and generate ClamAV hash signatures. ClamAV uses no other OpenIOC features at this time. No OpenIOC files will be delivered through freshclam. See openioc.org and iocbucket.com for additional information about OpenIOC. + All ClamAV sockets (clamd, freshclam, clamav-milter, clamdscan, clamdtop) now support IPV6 addresses and configuration parameters. + Use OpenSSL file hash functions for improved performance. OpenSSL is now prerequisite software for ClamAV 0.98.3. + Improved detection of malware scripts within image files. + Change to circumvent possible denial of service when processing icons within specially crafted PE files. Icon limits are now in place with corresponding clamd and clamscan configuration parameters. + Improvements to the fidelity of the ClamAV pattern matcher. + Opt-in collection of statistics. * Statistics collected are: sizes and MD5 hashes of files, PE file section counts and section MD5 hashes, and names and counts of detected viruses. Enable statistics collection with the --enable-stats clamscan flag or StatsEnabled clamd configuration parameter. + Improvements to ClamAV build process, unit tests, and platform support. + Improve error handling in freshclam. + ClamAV 0.98.3 also includes miscellaneous bug fixes and documentation improvements. Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.1: zypper in -t patch openSUSE-2014-388 - openSUSE 12.3: zypper in -t patch openSUSE-2014-388 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.1 (i586 x86_64): clamav-0.98.3-10.2 clamav-debuginfo-0.98.3-10.2 clamav-debugsource-0.98.3-10.2 - openSUSE 12.3 (i586 x86_64): clamav-0.98.3-5.18.2 clamav-debuginfo-0.98.3-5.18.2 clamav-debugsource-0.98.3-5.18.2 References: https://bugzilla.novell.com/877475