Project

General

Profile

Actions

Bug #13410

open

ClamAV 0.104.2 is subject to several vulnerabilies

Added by Steve Wheeler about 2 months ago. Updated about 1 month ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Squid
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
22.05
Affected Version:
2.6.0
Affected Plus Version:
22.05
Affected Architecture:
All

Description

The current ClamAV pkg: clamav-0.104.2,1 is subject to a number of new vulnerabilites:
https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html

CVE-2022-20770
CVE-2022-20771
CVE-2022-20785
CVE-2022-20796

The new pkg version needs to be pulled in and Squid bumped to make available as an update.

Actions #1

Updated by Kris Phillips about 1 month ago

The latest is on Freshports. We should probably bump the pfSense squid package up a version and pull in the updated dependency.

https://www.freshports.org/security/clamav/

Actions

Also available in: Atom PDF