-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 26 May 2022 10:17:16 +0200 Source: clamav Architecture: source Version: 0.103.6+dfsg-0+deb11u1 Distribution: bullseye Urgency: medium Maintainer: ClamAV Team <pkg-clamav-devel@lists.alioth.debian.org> Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Changes: clamav (0.103.6+dfsg-0+deb11u1) bullseye; urgency=medium . * Import 0.103.6 - CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file parser). - CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan verdict cache check). - CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file parser). - CVE-2022-20785 (Possible memory leak in the HTML file parser/ Javascript normalizer). - CVE-2022-20792 (Possible multi-byte heap buffer overflow write vulnerability in the signature database load module. - Update symbol file. Checksums-Sha1: f16fcb12aadac2c44fa64c07550cb2a0335d744b 2983 clamav_0.103.6+dfsg-0+deb11u1.dsc 6212705bf2cb168a55f76ae4cab31fa40909aed8 7135300 clamav_0.103.6+dfsg.orig.tar.xz d5dd967c177ff11162cbb2cd8b014e8f9ea0b246 220324 clamav_0.103.6+dfsg-0+deb11u1.debian.tar.xz Checksums-Sha256: 7bac8b2b2ddd9c031206a44d5b6ee82bcc62359684703f7f5c7afb4e60f9b5f8 2983 clamav_0.103.6+dfsg-0+deb11u1.dsc b1c740636772259addbca9901a27bb92213970eaba820db472b3cfe328b5a0b2 7135300 clamav_0.103.6+dfsg.orig.tar.xz da63c0a057b757e5ed4bb6cd57d0ed6adcb0a94ac02307e3ef7fb05a7559414d 220324 clamav_0.103.6+dfsg-0+deb11u1.debian.tar.xz Files: df93ab1680ff7128b14fabe8406aaf0e 2983 utils optional clamav_0.103.6+dfsg-0+deb11u1.dsc ef852aa3917ceb5647361da21c8830a3 7135300 utils optional clamav_0.103.6+dfsg.orig.tar.xz 5ad6fa5d154585228d6c1c66694ed212 220324 utils optional clamav_0.103.6+dfsg-0+deb11u1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEZCVGlf/wqkRmzBnme5boFiqM9dEFAmKPPxcACgkQe5boFiqM 9dFxKg//SoO8HTH6r8pZWLt650AARpv12VfBMFCveLAf9qnaDf81csep24qkGB+w OGBZVUfGEplTDlRJeTL1R3ImLBbPlj+k+t0bSH3Fyk3BOQR4OGtOgwf1dWQzi24e 1X8yvfDVJVlQP+SkGRRrQUIaTWGwbOo2kmvf7bgOjJeD53bXDxNwPdv0FzYJLJzm WDFQGUNE72q3vr7vBfQv/91SXMPjt/FP1gz++IV5BxvEhj26A98iVLAtmeL+KCL3 iVn8r0K74bDjdCgIuVRNB926Y2Uf1oPbuKx1XZMBoZFZ4Xo/AZ6f6gfrGTOceCHg fnYhwzw40XmCDv/Aw9A1tmUNobUwNPAuDgQs3O67f12YcP+Npy+1vcdihwUPS4DA v7aQ6+dDCBgGQYzT1WKec6BB2RfBwfIqgBty2XiXPMJfHlHkOAXy3lDANzz5vSzi 5uleFDz+Q15x2bKvYfpGm8dX8ThYycYZeHiHZjRKrIMMykGGZDBhGAlFHGowM6Eu bLMQ+gg834dEZ+GzJoPDv9vI7Q4XLEaUSkspAhLHwzRiFi3jj/sgpVxNwh/sgUgN bvlDlnZWzuDK//IzFHd5IDuUspLlxvzj9buLA2agc5G5gCpN4LhfSfYOEz9pPWwA bl6EEpRRzpaS8ceYi51H2ldp9BHafwSzrTtrucNWCk8aGoO3tD8= =Regu -----END PGP SIGNATURE-----