Well, that can take a little figuring out since the package is maintained by SUSE. A package can receive "backports" to fix vulnerabilities (and new features) so they don't have to update to a new version and re-certify everything still works and won't break other packages.
SUSE does publish info with their updates: https://www.suse.com/support/update/announcement/2019/suse-su-20190897-1/ *Usually* package maintainers are pretty quick to publish updates for security vulnerabilities. > Running on SUSE sles 12 sp2 servers. > > rpm -qa | grep clamav > clamav-0.100.3-33.21.1.x86_64 > > This is what i call the engine. The actual version af clamav proccess > active on my server. > > I just want to know how to figure out if this build has known > vulnerabillities. > > Like "can it be forced to crash by inserting infection patterns" or "can > it be forced to loop in a scan cycle, so scan newer completes". > > And If there is known issues. How to fix or mittigate. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
