Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package clamav for openSUSE:Factory checked in at 2025-01-23 18:03:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/clamav (Old) and /work/SRC/openSUSE:Factory/.clamav.new.5589 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "clamav" Thu Jan 23 18:03:00 2025 rev:129 rq:1239891 version:1.4.2 Changes: -------- --- /work/SRC/openSUSE:Factory/clamav/clamav.changes 2025-01-17 18:44:09.633826474 +0100 +++ /work/SRC/openSUSE:Factory/.clamav.new.5589/clamav.changes 2025-01-23 18:03:44.115979404 +0100 @@ -1,0 +2,8 @@ +Wed Jan 22 17:50:49 UTC 2025 - Reinhard Max <m...@suse.com> + +- New version 1.4.2: + * CVE-2025-20128, bsc#1236307: Fixed a possible buffer overflow + read bug in the OLE2 file parser that could cause a + denial-of-service (DoS) condition. + +------------------------------------------------------------------- @@ -199,0 +208 @@ + (bsc#1103032: CVE-2018-14679) @@ -205 +214 @@ -- Update to 0.103.7 +- Update to 0.103.7 (bsc#1202986) @@ -258 +267 @@ - (the clamscan --gen-json option) is enabled. + (the clamscan --gen-json option) is enabled. (bsc#1194731) @@ -525 +534 @@ - clamdscan, and clamonacc. + clamdscan, and clamonacc. (bsc#1174255) @@ -538 +547 @@ - parser in versions affected by the vulnerability. + parser in versions affected by the vulnerability. (bsc#1174250) @@ -552 +561 @@ - a crash. + a crash. (bsc#1171981) @@ -833,3 +842,3 @@ - * CVE-2012-6706 - * CVE-2017-6419 - * CVE-2017-11423 + * CVE-2012-6706 (bsc#1045315) + * CVE-2017-6419 (bsc#1052449) + * CVE-2017-11423 (bsc#1049423) @@ -837 +846 @@ - * CVE-2018-0202 + * CVE-2018-0202 (bsc#1083915) @@ -1001 +1010 @@ -- Update to version 0.99.1 +- Update to version 0.99.1 (bsc#969814) @@ -1183,0 +1193 @@ + (bnc#906770, CVE-2014-9050) Old: ---- clamav-1.4.1.tar.gz clamav-1.4.1.tar.gz.sig New: ---- clamav-1.4.2.tar.gz clamav-1.4.2.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ clamav.spec ++++++ --- /var/tmp/diff_new_pack.WfjTxb/_old 2025-01-23 18:03:45.140021672 +0100 +++ /var/tmp/diff_new_pack.WfjTxb/_new 2025-01-23 18:03:45.144021837 +0100 @@ -33,7 +33,7 @@ %global confdir %_prefix%_sysconfdir Name: clamav -Version: 1.4.1 +Version: 1.4.2 Release: 0 Summary: Antivirus Toolkit License: GPL-2.0-only ++++++ clamav-1.4.1.tar.gz -> clamav-1.4.2.tar.gz ++++++ /work/SRC/openSUSE:Factory/clamav/clamav-1.4.1.tar.gz /work/SRC/openSUSE:Factory/.clamav.new.5589/clamav-1.4.2.tar.gz differ: char 5, line 1
