Advisories ยป MGASA-2017-0291

Updated clamav packages fix security vulnerabilities

Publication date: 21 Aug 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-6418 , CVE-2017-6420

Description

It was discovered that ClamAV incorrectly handled parsing certain e-mail
messages. A remote attacker could possibly use this issue to cause
ClamAV to crash, resulting in a denial of service (CVE-2017-6418).

It was discovered that ClamAV incorrectly handled parsing certain PE
files with WWPack compression. A remote attacker could possibly use this
issue to cause ClamAV to crash, resulting in a denial of service
(CVE-2017-6420).
                

References

SRPMS

6/core

5/core