Mailing List Archive

ClamAV critical vulnerability
Does anybody know if the 0.104.2 version of clamav for AIX addresses
CVE-2023-20032?

I’m confused on the 3 different types of versions that they state it affects

1.0.0 and earlier
0.105.1 and earlier
0.103.7 and earlier
Re: ClamAV critical vulnerability [ In reply to ]
On 02.03.23 13:27, Michael Kyriacou via clamav-users wrote:
>Does anybody know if the 0.104.2 version of clamav for AIX addresses
>CVE-2023-20032?

https://lists.clamav.net/pipermail/clamav-announce/2023/000070.html

ClamAV 0.104 has reached end-of-life according to the ClamAV End of Life
(EOL) policy<https://docs.clamav.net/faq/faq-eol.html> and will not be
patched. Anyone using ClamAV 0.104 must switch to a supported version.
All users should update as soon as possible to patch for two remote code
execution vulnerabilities that we recently discovered and patched.

>I’m confused on the 3 different types of versions that they state it affects
>
>1.0.0 and earlier
>0.105.1 and earlier
>0.103.7 and earlier


--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
42.7 percent of all statistics are made up on the spot.
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat