Thanks for sharing the link. Yup this CVE is no fun. It is what it is. The patch versions to fix the issue are available, and we simply need to draw attention to it so people upgrade.
Regards, Micah Micah Snyder ClamAV Development Talos Cisco Systems, Inc. ________________________________ From: clamav-devel <clamav-devel-boun...@lists.clamav.net> on behalf of Turritopsis Dohrnii Teo En Ming <tdtemc...@gmail.com> Sent: Monday, February 20, 2023 5:09 AM To: clamav-devel@lists.clamav.net <clamav-devel@lists.clamav.net> Cc: c...@teo-en-ming-corp.com <c...@teo-en-ming-corp.com> Subject: [Clamav-devel] CVE-2023-20032 and CVE-2023-20052 Latest security flaws in Cisco's open source ClamAV antivirus engine Subject: CVE-2023-20032 and CVE-2023-20052 Latest security flaws in Cisco's open source ClamAV antivirus engine Good day from Singapore, I have just come across this article at The Register. Thought of sharing it. Article: Antivirus apps are there to protect you – Cisco's ClamAV has a heckuva flaw Link: https://www.theregister.com/2023/02/17/cisco_clamav_critical_flaw/ Thank you. Regards, Mr. Turritopsis Dohrnii Teo En Ming Targeted Individual in Singapore Blogs: https://tdtemcerts.blogspot.com https://tdtemcerts.wordpress.com _______________________________________________ clamav-devel mailing list clamav-devel@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-devel Please submit your patches to our Github: https://github.com/Cisco-Talos/clamav-devel/pulls Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-devel mailing list clamav-devel@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-devel Please submit your patches to our Github: https://github.com/Cisco-Talos/clamav-devel/pulls Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
