Clamav 0.101.3 fixes a denial of service vulnerability: https://blog.clamav.net/2019/08/clamav-01013-security-patch-release-and.html Recently someone has created some ZIP files that use overlapping file segments to create enormous compression ratios: https://www.bamsoftware.com/hacks/zipbomb/ Passing these files to clamscan or clamdscan will cause enormous CPU usage. While this is "only" DoS it can practically take a server down that is scanning incoming mails with clamav. Please update.
Though it looks like the fix is incomplete: https://bugzilla.clamav.net/show_bug.cgi?id=12356 Probably we should still bump to 0.101.3, but expect a new release soon.
arm stable
arm64 stable
Repository is clean, all done!