[SUA 199-1] Updated clamav version

To: debian-stable-announce@lists.debian.org
Subject: [SUA 199-1] Updated clamav version
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Fri, 23 Apr 2021 14:37:10 +0100
Message-id: <[🔎] 503166734e75e8b871e5dc670f91f75c77c65f9f.camel@adam-barratt.org.uk>
Mail-followup-to: debian-release@lists.debian.org
Reply-to: debian-release@lists.debian.org

----------------------------------------------------------------------------
Debian Stable Updates Announcement SUA 199-1         https://www.debian.org/
debian-release@lists.debian.org                    Sebastian Andrzej Siewior
April 23rd, 2021
----------------------------------------------------------------------------

Package              : clamav
Version              : 0.103.2+dfsg-0+deb10u1
Importance           : medium

ClamAV is an AntiVirus toolkit for Unix.

Upstream published version 0.103.2.

This is a bug-fix release. Changes since 0.102.4 currently in buster
include the removal of the "safe browsing" signature database, and
fixes for security issues.

The new version also introduces the ability for the ClamAV daemon to
reload its databases in a non-blocking manner. This means that scanning
can continue to operate while the new databae is made active, but as a
side effect both the old and new databases must be held in memory at the
same time, causing a temporary increase in memory requirements. If this
increase causes an issue for your environment, the previous non-blocking
behaviour may be restored by setting "ConcurrentDatabaseReload no" in
your clamd.conf.

CVE-2021-1405

    A vulnerability in the email parsing module could allow an
    unauthenticated, remote attacker to cause a denial of service
    condition on an affected device

If you use clamav, we recommend that you install this update.

Upgrade Instructions
--------------------

You can get the updated packages by adding the stable-updates archive
for your distribution to your /etc/apt/sources.list:

 deb https://deb.debian.org/debian buster-updates main
 deb-src https://deb.debian.org/debian buster-updates main

You can also use any of the Debian archive mirrors.  See
https://www.debian.org/mirrors/list for the full list of mirrors.

For further information about stable-updates, please refer to
https://lists.debian.org/debian-devel-announce/2011/03/msg00010.html

If you encounter any issues, please don't hesitate to get in touch with
the Debian Release Team at debian-release@lists.debian.org

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Prev by Date: [SUA 198-1] Updated apt version
Previous by thread: [SUA 198-1] Updated apt version
Index(es):
- Date
- Thread