-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3328-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 20, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : clamav Version : 0.103.8+dfsg-0+deb10u1 CVE ID : CVE-2023-20032 CVE-2023-20052 Two vulnerabilities have been found in the ClamAV antivirus toolkit, which could result in arbitrary code execution or information disclosure when parsing maliciously crafted HFS+ or DMG files. For Debian 10 buster, these problems have been fixed in version 0.103.8+dfsg-0+deb10u1. We recommend that you upgrade your clamav packages. For the detailed security status of clamav please refer to its security tracker page at: https://security-tracker.debian.org/tracker/clamav Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmPzszoACgkQnUbEiOQ2 gwJP0A//bZ6bSegTVHGqOFxYV8ORQZp+tYhhceRwj9BV5z6gZWinD4P54uQ2v4U7 WmPpxo0wVfXt+7i/UH8Hf1AWw0wEnAzI+mnw/bjvk2n2Q3xayCjW+ab2x1Omk8+w W14TX7kdvBwz2bzkoq8t2IeG11++wrSpgFy6/SkYJZnRrlsVtzBXTpQyK22PbecE LPcB+F0EznnwDeAzFbcykkx1xw+0RBM3OrFVn6lBS9nqXZ/vI+xbrXPshjnaNwBW EQ3aHRbw7diE7IHh+FvfNMDoZgVb39AfDac+paGlLuoctQmaiE5gTfWGCWA89Rza VJzjHvicm439cGi5RsM6M7jRTu/RGo+7C1/QgUmWCI5y4H2jDBPSFBhooWcc27/T XNNACwBZjaQNu5EOZ1B+oka6eIMNf4lpaOHio9kxjy6WOU2GMA/nnRtA9utbrbKT F6IPhUrTcs9uBOkjgunGvxuKQO56x2ZCUvxI9GxzICvIiKIscyLc8aRTDU4YooAE ea3L/qQQrH6AdwlS/622bRIn/xJfULz4Jirmn7YNuY+/j2czhIHwoB6AJJhfDENn sIffGwNw6ExjRKfhAmz+u/mQuLd93oRl+lgcsST7Uisg2eNR3t1uaXZxAcc1mt0G i7+5G4sTS8YUOnyB3REyc5zaVwNS6l5Nuc3f6wHp8a9FMt0pxRo= =cfUo -----END PGP SIGNATURE-----
