Control: tags -1 security Control: severity -1 grave On Fri, Jan 26, 2018 at 09:35:25AM +0000, Rob N wrote: > Package: clamav > Version: 0.99.2+dfsg-0+deb8u2 > Severity: important > > 0.99.3 has been released, see > http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html. > > This fixed a number of overflow bugs, each of which has assigned CVE numbers > due to the potential for denial of service. > > We've have started seeing unexpected clamd crashes on a high-traffic mail > system today, though I've been unable to isolate a test case. It's seems like > too much of a coincidence that these crashes start happening the day after a > security release was announced. We've implemented mitigations but an updated > package would be even better.
Indeed. There are tons of reports of ClamAV installations suddently getting wedged, see http://lists.clamav.net/pipermail/clamav-users/2018-January/thread.html#5658 . It is a bit unclear whether 0.99.3 does fix this issue (which seems to be caused by a recent signature update), but other news sites claim that at least CVE-2017-12376 is getting actively exploited. Bernhard
