Clam AntiVirus: Multiple vulnerabilities — GLSA 201009-06

Multiple vulnerabilities have been reported in Clam AntiVirus.

Affected Packages

app-antivirus/clamav on all architectures
Affected versions < 0.96.1
Unaffected versions >= 0.96.1

Background

Clam AntiVirus (short: ClamAV) is an anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways.

Description

Multiple vulnerabilities were discovered in Clam AntiVirus. For further information, please consult the CVE entries referenced below.

Impact

A remote attacker could possibly bypass virus detection or cause a Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All Clam AntiVirus users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.96.1"

References

Release Date
September 07, 2010

Latest Revision
September 07, 2010: 01

Severity
normal

Exploitable
remote

Bugzilla entries