File _patchinfo of Package patchinfo.24145

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.24145

<patchinfo incident="24145">
  <issue tracker="cve" id="2022-20771"/>
  <issue tracker="cve" id="2022-20796"/>
  <issue tracker="cve" id="2022-20792"/>
  <issue tracker="cve" id="2022-20770"/>
  <issue tracker="cve" id="2022-20785"/>
  <issue tracker="bnc" id="1199242">VUL-0: CVE-2022-20770: clamav: Unauthenticated, remote attacker to cause a denial of service</issue>
  <issue tracker="bnc" id="1199244">VUL-0: CVE-2022-20771: clamav: Infinite loop in tiff parser can cause denial of service</issue>
  <issue tracker="bnc" id="1199245">VUL-0: CVE-2022-20785: clamav: Memory leak in HTML file parser</issue>
  <issue tracker="bnc" id="1199274">VUL-0: CVE-2022-20792: clamav: multi-byte heap buffer overflow in signature database load module</issue>
  <issue tracker="bnc" id="1199246">VUL-0: CVE-2022-20796: clamav:  NULL-pointer dereference crash in the scan verdict cache check</issue>
  <packager>rmax</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for clamav</summary>
  <description>This update for clamav fixes the following issues:

- CVE-2022-20770: Fixed a possible infinite loop vulnerability in the CHM file parser (bsc#1199242).
- CVE-2022-20796: Fixed a possible NULL-pointer dereference crash in the scan verdict cache check (bsc#1199246).
- CVE-2022-20771: Fixed a possible infinite loop vulnerability in the TIFF file parser (bsc#1199244).
- CVE-2022-20785: Fixed a possible memory leak in the HTML file parser / Javascript normalizer (bsc#1199245).
- CVE-2022-20792: Fixed a possible multi-byte heap buffer overflow write vulnerability in the signature database load module (bsc#1199274).
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.24145

Places