Bugzilla – Bug 1214342
VUL-0: CVE-2023-20197: clamav: fixed a possible denial of service vulnerability in the HFS+ file parser
Last modified: 2023-09-11 07:48:58 UTC
CVE-2023-20197: Fixed a possible denial of service vulnerability in the HFS+ file parser. This issue affects versions 1.1.0, 1.0.1 through 1.0.0, 0.105.2 through 0.105.0, 0.104.4 through 0.104.0, and 0.103.8 through 0.103.0.
Affected code-streams: SUSE:SLE-12:Update/clamav 0.103.8 SUSE:SLE-12-SP5:Update/clamav 0.103.8 SUSE:SLE-15:Update/clamav 0.103.8 openSUSE:Factory/clamav 0.103.8 Already on the latest version: security/clamav 0.103.9
What info do I need to provide?
(In reply to Arjen de Korte from comment #3) > What info do I need to provide? Oops, my fault, I meant to set NEEDINFO to Alex.
SUSE-SU-2023:3435-1: An update that solves one vulnerability can now be installed. Category: security (important) Bug References: 1214342 CVE References: CVE-2023-20197 Sources used: SUSE Linux Enterprise High Performance Computing 12 SP5 (src): clamav-0.103.9-3.27.1 SUSE Linux Enterprise Server 12 SP5 (src): clamav-0.103.9-3.27.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): clamav-0.103.9-3.27.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:3456-1: An update that solves one vulnerability can now be installed. Category: security (important) Bug References: 1214342 CVE References: CVE-2023-20197 Sources used: openSUSE Leap 15.4 (src): clamav-0.103.9-150000.3.47.1 openSUSE Leap 15.5 (src): clamav-0.103.9-150000.3.47.1 Basesystem Module 15-SP4 (src): clamav-0.103.9-150000.3.47.1 Basesystem Module 15-SP5 (src): clamav-0.103.9-150000.3.47.1 SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): clamav-0.103.9-150000.3.47.1 SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): clamav-0.103.9-150000.3.47.1 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): clamav-0.103.9-150000.3.47.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): clamav-0.103.9-150000.3.47.1 SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): clamav-0.103.9-150000.3.47.1 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): clamav-0.103.9-150000.3.47.1 SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): clamav-0.103.9-150000.3.47.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): clamav-0.103.9-150000.3.47.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): clamav-0.103.9-150000.3.47.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): clamav-0.103.9-150000.3.47.1 SUSE Manager Proxy 4.2 (src): clamav-0.103.9-150000.3.47.1 SUSE Manager Retail Branch Server 4.2 (src): clamav-0.103.9-150000.3.47.1 SUSE Manager Server 4.2 (src): clamav-0.103.9-150000.3.47.1 SUSE Enterprise Storage 7.1 (src): clamav-0.103.9-150000.3.47.1 SUSE Enterprise Storage 7 (src): clamav-0.103.9-150000.3.47.1 SUSE CaaS Platform 4.0 (src): clamav-0.103.9-150000.3.47.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.