ClamAV 0.103.5 has been released on January 12: https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html It fixes a security issue and other bugs. Fedora has issued an advisory for this today (January 16): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CKHVIDDT45SUTNVD3ODK2FDXJFJ3ETJH/ Mageia 8 is also affected.
Whiteboard: (none) => MGA8TOOCC: (none) => nicolas.salgueroStatus comment: (none) => Fixed upstream in 0.103.5
Assigning rather than CC'ing NicolasS, the main committer of this SRPM.
Assignee: bugsquad => nicolas.salgueroCC: nicolas.salguero => (none)
Suggested advisory: ======================== The updated packages fix a security vulnerability: A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition. (CVE-2022-20698) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20698 https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CKHVIDDT45SUTNVD3ODK2FDXJFJ3ETJH/ ======================== Updated packages in core/updates_testing: ======================== clamav-0.103.5-1.mga8 clamav-db-0.103.5-1.mga8 clamav-milter-0.103.5-1.mga8 clamd-0.103.5-1.mga8 lib(64)clamav9-0.103.5-1.mga8 lib(64)clamav-devel-0.103.5-1.mga8 from SRPM: clamav-0.103.5-1.mga8.src.rpm
Status: NEW => ASSIGNEDStatus comment: Fixed upstream in 0.103.5 => (none)Version: Cauldron => 8Assignee: nicolas.salguero => qa-bugsCVE: (none) => CVE-2022-20698Whiteboard: MGA8TOO => (none)
CC: (none) => nicolas.salguero
MGA8-64 Plasma on Lenovo B50 in Dutch No installation issues. Ref bug 29663 for tests # freshclam Current working dir is /var/lib/clamav/ Loaded freshclam.dat: version: 1 uuid: 744e501c-975d-4059-97aa-a11076e25aef ClamAV update process started at Tue Jan 18 14:33:16 2022 Current working dir is /var/lib/clamav/ Querying current.cvd.clamav.net TTL: 1800 etc ..... till check_for_new_database_version: Local copy of bytecode found: bytecode.cvd. query_remote_database_version: bytecode.cvd version from DNS: 333 bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) fc_update_database: bytecode.cvd already up-to-date. $ clamscan /home/tester8/.ICEauthority: Empty file /home/tester8/.xscreensaver: OK /home/tester8/.Xauthority: OK etc....till ----------- SCAN SUMMARY ----------- Known viruses: 8603993 Engine version: 0.103.5 Scanned directories: 1 Scanned files: 27 Infected files: 0 Data scanned: 0.08 MB Data read: 202.71 MB (ratio 0.00:1) Time: 19.316 sec (0 m 19 s) Start Date: 2022:01:18 14:33:58 End Date: 2022:01:18 14:34:18 # systemctl -l status clamav-daemon ● clamav-daemon.service - Clam AntiVirus userspace daemon Loaded: loaded (/usr/lib/systemd/system/clamav-daemon.service; disabled; vendor preset: disabled) Active: inactive (dead) TriggeredBy: ● clamav-daemon.socket Docs: man:clamd(8) man:clamd.conf(5) https://docs.clamav.net/ jan 18 14:34:51 mach5.hviaene.thuis systemd[1]: /usr/lib/systemd/system/clamav-daemon.service:13: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and cons> jan 18 14:34:51 mach5.hviaene.thuis systemd[1]: /usr/lib/systemd/system/clamav-daemon.service:13: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and cons> jan 18 14:34:51 mach5.hviaene.thuis systemd[1]: /usr/lib/systemd/system/clamav-daemon.service:13: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and cons> jan 18 14:36:22 mach5.hviaene.thuis systemd[1]: /usr/lib/systemd/system/clamav-daemon.service:13: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and cons> jan 18 14:36:22 mach5.hviaene.thuis systemd[1]: /usr/lib/systemd/system/clamav-daemon.service:13: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and cons> # systemctl start clamav-daemon # systemctl -l status clamav-daemon ● clamav-daemon.service - Clam AntiVirus userspace daemon Loaded: loaded (/usr/lib/systemd/system/clamav-daemon.service; disabled; vendor preset: disabled) Active: active (running) since Tue 2022-01-18 14:36:45 CET; 3s ago TriggeredBy: ● clamav-daemon.socket Docs: man:clamd(8) man:clamd.conf(5) https://docs.clamav.net/ Main PID: 7859 (clamd) Tasks: 1 (limit: 9397) Memory: 552.6M CPU: 3.544s CGroup: /system.slice/clamav-daemon.service └─7859 /usr/sbin/clamd --foreground=true jan 18 14:36:45 mach5.hviaene.thuis systemd[1]: Started Clam AntiVirus userspace daemon. So all looks OK to me.
Whiteboard: (none) => MGA8-64-OKCC: (none) => herman.viaene
Validating. Advisory in Comment 2.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0024.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED