Project

General

Profile

Actions

Bug #13410

open

ClamAV 0.104.2 is subject to several vulnerabilies

Added by Steve Wheeler over 2 years ago. Updated over 1 year ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Squid
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
2.6.0
Affected Plus Version:
22.05
Affected Architecture:
All

Description

The current ClamAV pkg: clamav-0.104.2,1 is subject to a number of new vulnerabilites:
https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html

CVE-2022-20770
CVE-2022-20771
CVE-2022-20785
CVE-2022-20796

The new pkg version needs to be pulled in and Squid bumped to make available as an update.

Actions #1

Updated by Kris Phillips over 2 years ago

The latest is on Freshports. We should probably bump the pfSense squid package up a version and pull in the updated dependency.

https://www.freshports.org/security/clamav/

Actions #2

Updated by Jim Pingle over 1 year ago

  • Target version deleted (2.7.0)
  • Plus Target Version deleted (22.05)
Actions

Also available in: Atom PDF