- New version 1.4.1:
  * [CVE-2024-20506, bsc#1230162]: Changed the logging module to
    disable following symlinks on Linux and Unix systems so as to
    prevent an attacker with existing access to the 'clamd' or
    'freshclam' services from using a symlink to corrupt system
    files.
  * [CVE-2024-20505, bsc#1230161]: Fixed a possible out-of-bounds
    read bug in the PDF file parser that could cause a
    denial-of-service (DoS) condition.
  * https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html
- New version 1.4.0:
  * Added support for extracting ALZ archives.
  * Added support for extracting LHA/LZH archives.
  * Added the ability to disable image fuzzy hashing, if needed.
    For context, image fuzzy hashing is a detection mechanism
    useful for identifying malware by matching images included with
    the malware or phishing email/document.
  * https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html

- New version 1.3.2:
  * CVE-2024-20506: Changed the logging module to disable following
    symlinks on Linux and Unix systems so as to prevent an attacker
    with existing access to the 'clamd' or 'freshclam' services from
    using a symlink to corrupt system files.
  * CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF
    file parser that could cause a denial-of-service condition.
  * Removed unused Python modules from freshclam tests including
    deprecated 'cgi' module that is expected to cause test failures in
    Python 3.13.
  * Fix unit test caused by expiring signing certificate.

• Files Changed
• Browse Source

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Update to 0.103.7
  - Zip parser: tolerate 2-byte overlap in file entries
  - Fix bug with logical signature Intermediates feature
  - Update to UnRAR v6.1.7
  - Patch UnRAR: allow skipping files in solid archives
  - Patch UnRAR: limit dict winsize to 1GB

• Files Changed
• Browse Source

• Browse Source