Bug 1214347 (CVE-2023-20212)

Summary: VUL-0: CVE-2023-20212: clamav: possible denial of service vulnerability in the AutoIt file parser
Product: [Novell Products] SUSE Security Incidents Reporter: Alexander Bergmann <abergmann>
Component: IncidentsAssignee: Reinhard Max <max>
Status: RESOLVED INVALID QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: abergmann
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/375628/
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Alexander Bergmann 2023-08-17 06:43:47 UTC 
CVE-2023-20212 

Fixed a possible denial of service vulnerability in the AutoIt file parser. This issue affects versions 1.0.1 and 1.0.0. This issue does not affect version 1.1.0.

References:
https://blog.clamav.net/2023/07/2023-08-16-releases.html
Comment 1 Alexander Bergmann 2023-08-17 07:05:08 UTC 
Not affecting any code-stream:

SUSE:SLE-12:Update/clamav      0.103.8
SUSE:SLE-12-SP5:Update/clamav  0.103.8
SUSE:SLE-15:Update/clamav      0.103.8

openSUSE:Factory/clamav        0.103.8
security/clamav                0.103.9