oval:org.mitre.oval:def:28679
Definition Id: oval:org.mitre.oval:def:28679 | |||
Oval ID: | oval:org.mitre.oval:def:28679 | ||
Title: | SUSE-SU-2014:1574-1 -- Security update for clamav (important) | ||
Description: | clamav was updated to version 0.98.5 to fix three security issues and several non-security issues. These security issues have been fixed: * Crash when scanning maliciously crafted yoda's crypter files (CVE-2013-6497). * Heap-based buffer overflow when scanning crypted PE files (CVE-2014-9050). * Crash when using 'clamscan -a'. These non-security issues have been fixed: * Support for the XDP file format and extracting, decoding, and scanning PDF files within XDP files. * Addition of shared library support for LLVM versions 3.1 - 3.5 for the purpose of just-in-time(JIT) compilation of ClamAV bytecode signatures. * Enhancements to the clambc command line utility to assist ClamAV bytecode signature authors by providing introspection into compiled bytecode programs. * Resolution of many of the warning messages from ClamAV compilation. * Improved detection of malicious PE files. * ClamAV 0.98.5 now works with OpenSSL in FIPS compliant mode (bnc#904207). * Fix server socket setup code in clamd (bnc#903489). * Change updateclamconf to prefer the state of the old config file even for commented-out options (bnc#903719). * Fix infinite loop in clamdscan when clamd is not running. * Fix buffer underruns when handling multi-part MIME email attachments. * Fix configuration of OpenSSL on various platforms. * Fix linking issues with libclamunrar. Security Issues: * CVE-2013-6497 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6497> * CVE-2014-9050 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9050> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1574-1 CVE-2013-6497 CVE-2014-9050 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 11 | Product(s): | clamav |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17270 | |||
Oval ID: | oval:org.mitre.oval:def:17270 | ||
Title: | SUSE Linux Enterprise Server 11.x is installed | ||
Description: | SUSE Linux Enterprise Server 11.x is installed. | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:novell:suse_linux:11::server | Version: | 5 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:28679 |
Definition Id: oval:org.mitre.oval:def:1368 | |||
Oval ID: | oval:org.mitre.oval:def:1368 | ||
Title: | SUSE Linux Enterprise Server 10 is installed | ||
Description: | SUSE Linux Enterprise Server 10 is installed. | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:novell:suse_linux:10::server | Version: | 6 |
Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:28679 |
Definition Id: oval:org.mitre.oval:def:25140 | |||
Oval ID: | oval:org.mitre.oval:def:25140 | ||
Title: | SUSE Linux Enterprise Desktop 11.x is installed | ||
Description: | SUSE Linux Enterprise Desktop 11.x is installed. | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:suse:suse_linux:11::desktop | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:28679 |