On Tue, Aug 6, 2019 at 5:23 PM Henrik Hoeg Thomsen1 via clamav-users < clamav-users@lists.clamav.net> wrote:
> Running on SUSE sles 12 sp2 servers. > > > rpm -qa | grep clamav > clamav-0.100.3-33.21.1.x86_64 > > This is what i call the engine. The actual version af clamav proccess > active on my server. > > I just want to know how to figure out if this build has known > vulnerabillities. > > Short version: ask suse or whoever build your package. The CVE page should list most recent issue first, and the linked bugzilla will show which version has the fix. However distros (e.g. suse, redhat) often backport security fixes, so it's possible that your particular build already has it. The distro should have somekind of changelog for that package. For example, https://www.suse.com/support/update/announcement/2019/suse-su-20190897-1/ -- Fajar
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
