Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 912370 (CVE-2023-20197, CVE-2023-20212) - <app-antivirus/clamav-{0.103.9, 1.0.2, 1.1.1}: Multiple vulnerabilities
Summary: <app-antivirus/clamav-{0.103.9, 1.0.2, 1.1.1}: Multiple vulnerabilities
Status: CONFIRMED
Alias: CVE-2023-20197, CVE-2023-20212
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://blog.clamav.net/2023/07/2023-...
Whiteboard: B3 [stable?]
Keywords:
Depends on:
Blocks:
 
Reported: 2023-08-16 20:17 UTC by Thomas Raschbacher
Modified: 2023-09-14 04:48 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Raschbacher gentoo-dev 2023-08-16 20:17:37 UTC 
https://blog.clamav.net/2023/07/2023-08-16-releases.html
I bumped the 1.0.x and 1.1.x releases.
the Old LTS Release 0.103.9 is maintained by mjo, but I'm sure he'll bump it soon (he knows his patches best)
Comment 1 Larry the Git Cow gentoo-dev 2023-08-16 20:49:50 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2d14ba5ad6ab23baeaad63bfeb186709952a3ee6

commit 2d14ba5ad6ab23baeaad63bfeb186709952a3ee6
Author:     Michael Orlitzky <mjo@gentoo.org>
AuthorDate: 2023-08-16 20:20:03 +0000
Commit:     Michael Orlitzky <mjo@gentoo.org>
CommitDate: 2023-08-16 20:46:38 +0000

    app-antivirus/clamav: add 0.103.9
    
    Upstreamed C standard portability patches and fixes CVE-2023-20197.
    
    Bug: https://bugs.gentoo.org/912370
    Signed-off-by: Michael Orlitzky <mjo@gentoo.org>

 app-antivirus/clamav/Manifest              |   1 +
 app-antivirus/clamav/clamav-0.103.9.ebuild | 239 +++++++++++++++++++++++++++++
 2 files changed, 240 insertions(+)