Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 912370 (CVE-2023-20197, CVE-2023-20212)

Summary: <app-antivirus/clamav-{0.103.9, 1.0.2, 1.1.1}: Multiple vulnerabilities
Product: Gentoo Security Reporter: Thomas Raschbacher <lordvan>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: CONFIRMED ---    
Severity: minor CC: antivirus, mjo
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://blog.clamav.net/2023/07/2023-08-16-releases.html
Whiteboard: B3 [stable?]
Package list:
Runtime testing required: ---

Description Thomas Raschbacher gentoo-dev 2023-08-16 20:17:37 UTC
https://blog.clamav.net/2023/07/2023-08-16-releases.html
I bumped the 1.0.x and 1.1.x releases.
the Old LTS Release 0.103.9 is maintained by mjo, but I'm sure he'll bump it soon (he knows his patches best)
Comment 1 Larry the Git Cow gentoo-dev 2023-08-16 20:49:50 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2d14ba5ad6ab23baeaad63bfeb186709952a3ee6

commit 2d14ba5ad6ab23baeaad63bfeb186709952a3ee6
Author:     Michael Orlitzky <mjo@gentoo.org>
AuthorDate: 2023-08-16 20:20:03 +0000
Commit:     Michael Orlitzky <mjo@gentoo.org>
CommitDate: 2023-08-16 20:46:38 +0000

    app-antivirus/clamav: add 0.103.9
    
    Upstreamed C standard portability patches and fixes CVE-2023-20197.
    
    Bug: https://bugs.gentoo.org/912370
    Signed-off-by: Michael Orlitzky <mjo@gentoo.org>

 app-antivirus/clamav/Manifest              |   1 +
 app-antivirus/clamav/clamav-0.103.9.ebuild | 239 +++++++++++++++++++++++++++++
 2 files changed, 240 insertions(+)