ClamAV outdated and susceptible to DOS attack
21 Aug
2023
21 Aug
'23
6:57 p.m.
Hi, I'm not sure whether this is right mailing list. If not, please point me to the right one. ClamAV has released patched versions 1.1.1 and 1.0.2 almost a week ago deploying critical patches. Both address CVE-2023-20197 which has a CVSS 3.x score of 7.5. The latter also tackles CVE-2023-20212, also having CVSS 3.x score of 7.5. Seeing that ClamAV has been flagged out-of-date in the package repo on 2023-05-02, I'm wondering when this will be updated - or if there's anything I could do to update the ClamAV package myself. Kind regards, Dirk Räder dirk@raeder.cc
493
Age (days ago)
493
Last active (days ago)
0 comments
1 participants
participants (1)
-
Dirk Räder