Bug 691546

Summary:	<app-antivirus/clamav-0.101.4: multiple vulnerabilities
Product:	Gentoo Security	Reporter:	Hanno Böck <hanno>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	minor	CC:	ab4bd, antivirus
Priority:	Normal	Flags:	stable-bot: sanity-check+
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html
Whiteboard:	B3 [noglsa]
Package list:	app-antivirus/clamav-0.101.4	Runtime testing required:	---

Description Hanno Böck gentoo-dev

2019-08-06 07:28:45 UTC

Clamav 0.101.3 fixes a denial of service vulnerability:
https://blog.clamav.net/2019/08/clamav-01013-security-patch-release-and.html

Recently someone has created some ZIP files that use overlapping file segments to create enormous compression ratios:
https://www.bamsoftware.com/hacks/zipbomb/

Passing these files to clamscan or clamdscan will cause enormous CPU usage.

While this is "only" DoS it can practically take a server down that is scanning incoming mails with clamav.

Please update.

Comment 1 Hanno Böck gentoo-dev

2019-08-06 08:42:47 UTC

Though it looks like the fix is incomplete:
https://bugzilla.clamav.net/show_bug.cgi?id=12356

Probably we should still bump to 0.101.3, but expect a new release soon.

Comment 2 Mikle Kolyada (RETIRED) archtester

2019-11-01 10:04:08 UTC

arm stable

Comment 3 Aaron Bauman (RETIRED) gentoo-dev

2019-11-07 00:10:42 UTC

arm64 stable

Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev

2020-03-19 20:50:13 UTC

Repository is clean, all done!