SUSE-SU-2015:0291-1
- Source
- https://www.suse.com/support/update/announcement/2015/suse-su-20150291-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:0291-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2015:0291-1
- Related
- Published
- 2015-02-06T10:49:40Z
- Modified
- 2015-02-06T10:49:40Z
- Summary
- Security update for clamav
- Details
-
clamav was updated to version 0.98.6 to fix four security issues.
These security issues were fixed: - CVE-2015-1462: ClamAV allowed remote attackers to have unspecified impact via a crafted upx packer file, related to a heap out of bounds condition (bnc#916214). - CVE-2015-1463: ClamAV allowed remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an incorrect compiler optimization (bnc#916215). - CVE-2014-9328: ClamAV allowed remote attackers to have unspecified impact via a crafted upack packer file, related to a heap out of bounds condition (bnc#915512). - CVE-2015-1461: ClamAV allowed remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a heap out of bounds condition (bnc#916217).
- References
-
- https://www.suse.com/support/update/announcement/2015/suse-su-20150291-1/
- https://bugzilla.suse.com/915512
- https://bugzilla.suse.com/916214
- https://bugzilla.suse.com/916215
- https://bugzilla.suse.com/916217
- https://www.suse.com/security/cve/CVE-2014-9328
- https://www.suse.com/security/cve/CVE-2015-1461
- https://www.suse.com/security/cve/CVE-2015-1462
- https://www.suse.com/security/cve/CVE-2015-1463
Affected packages
SUSE:Linux Enterprise Desktop 12 / clamav
Package
- Name
- clamav
- Purl
- purl:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Desktop%2012
SUSE:Linux Enterprise Server 12 / clamav
Package
- Name
- clamav
- Purl
- purl:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Server%2012