---------------------------------------------------------------------------- Debian Stable Updates Announcement SUA 199-1 https://www.debian.org/ debian-release@lists.debian.org Sebastian Andrzej Siewior April 23rd, 2021 ---------------------------------------------------------------------------- Package : clamav Version : 0.103.2+dfsg-0+deb10u1 Importance : medium ClamAV is an AntiVirus toolkit for Unix. Upstream published version 0.103.2. This is a bug-fix release. Changes since 0.102.4 currently in buster include the removal of the "safe browsing" signature database, and fixes for security issues. The new version also introduces the ability for the ClamAV daemon to reload its databases in a non-blocking manner. This means that scanning can continue to operate while the new databae is made active, but as a side effect both the old and new databases must be held in memory at the same time, causing a temporary increase in memory requirements. If this increase causes an issue for your environment, the previous non-blocking behaviour may be restored by setting "ConcurrentDatabaseReload no" in your clamd.conf. CVE-2021-1405 A vulnerability in the email parsing module could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device If you use clamav, we recommend that you install this update. Upgrade Instructions -------------------- You can get the updated packages by adding the stable-updates archive for your distribution to your /etc/apt/sources.list: deb https://deb.debian.org/debian buster-updates main deb-src https://deb.debian.org/debian buster-updates main You can also use any of the Debian archive mirrors. See https://www.debian.org/mirrors/list for the full list of mirrors. For further information about stable-updates, please refer to https://lists.debian.org/debian-devel-announce/2011/03/msg00010.html If you encounter any issues, please don't hesitate to get in touch with the Debian Release Team at debian-release@lists.debian.org
Attachment:
signature.asc
Description: This is a digitally signed message part