SUSE-SU-2015:0291-1

Source
https://www.suse.com/support/update/announcement/2015/suse-su-20150291-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:0291-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2015:0291-1
Related
Published
2015-02-06T10:49:40Z
Modified
2015-02-06T10:49:40Z
Summary
Security update for clamav
Details

clamav was updated to version 0.98.6 to fix four security issues.

These security issues were fixed: - CVE-2015-1462: ClamAV allowed remote attackers to have unspecified impact via a crafted upx packer file, related to a heap out of bounds condition (bnc#916214). - CVE-2015-1463: ClamAV allowed remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an incorrect compiler optimization (bnc#916215). - CVE-2014-9328: ClamAV allowed remote attackers to have unspecified impact via a crafted upack packer file, related to a heap out of bounds condition (bnc#915512). - CVE-2015-1461: ClamAV allowed remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a heap out of bounds condition (bnc#916217).

References

Affected packages

SUSE:Linux Enterprise Desktop 12 / clamav

Package

Name
clamav
Purl
purl:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Desktop%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.98.6-10.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "0.98.6-10.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 / clamav

Package

Name
clamav
Purl
purl:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Server%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.98.6-10.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "0.98.6-10.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 / clamav

Package

Name
clamav
Purl
purl:rpm/suse/clamav&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.98.6-10.1

Ecosystem specific

{
    "binaries": [
        {
            "clamav": "0.98.6-10.1"
        }
    ]
}