Browse code
ClamAV 0.98.7 README.
Steven Morgan authored on 2015/04/08 04:00:51Showing 1 changed files
| ... | ... |
@@ -8,19 +8,40 @@ here may not be available in binary packages. |
| 8 | 8 |
ClamAV 0.98.7 is here! This release contains new scanning features |
| 9 | 9 |
and bug fixes. |
| 10 | 10 |
|
| 11 |
- - Improvement to PDF processing: encryption handling, escape |
|
| 12 |
- sequence handling, file property collection. |
|
| 13 |
- - fix infinite loop on crafted y0da cryptor file. Identified and patch |
|
| 14 |
- suggested by Sebastian Andrzej Siewior. CVE-2015-2221. |
|
| 15 |
- - fix crash on crafted petite packed file. Reported and patch |
|
| 11 |
+ - Improvements to PDF processing: decryption, escape sequence |
|
| 12 |
+ handling, and file property collection. |
|
| 13 |
+ - Scanning/analysis of additional Microsoft Office XML based formats. |
|
| 14 |
+ - Fix infinite loop condition on crafted y0da cryptor file. Identified |
|
| 15 |
+ and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221. |
|
| 16 |
+ - Fix crash on crafted petite packed file. Reported and patch |
|
| 16 | 17 |
supplied by Sebastian Andrzej Siewior. CVE-2015-2222. |
| 17 |
- - fix false negatives on files within iso9660 containers. This issue |
|
| 18 |
+ - Fix false negatives on files within iso9660 containers. This issue |
|
| 18 | 19 |
was reported by Minzhuan Gong. |
| 19 |
- - fix a couple crashes on crafted upack packed file. Identified and |
|
| 20 |
+ - Fix a couple crashes on crafted upack packed file. Identified and |
|
| 20 | 21 |
patches supplied by Sebastian Andrzej Siewior. |
| 21 |
- - fix a crash during algorithimic detection on crafted PE file. |
|
| 22 |
+ - Fix a crash during algorithmic detection on crafted PE file. |
|
| 22 | 23 |
Identified and patch supplied by Sebastian Andrzej Siewior. |
| 24 |
+ - Fix an infinite loop condition on a crafted "xz" archive file. |
|
| 25 |
+ This was reported by Dimitri Kirchner and Goulven Guiheux. |
|
| 26 |
+ CVE-2015-2668. |
|
| 27 |
+ - Fix compilation error after ./configure --disable-pthreads. |
|
| 28 |
+ Reported and fix suggested by John E. Krokes. |
|
| 29 |
+ - Apply upstream patch for possible heap overflow in Henry Spencer's |
|
| 30 |
+ regex library. CVE-2015-2305. |
|
| 31 |
+ - Fix crash in upx decoder with crafted file. Discovered and patch |
|
| 32 |
+ supplied by Sebastian Andrzej Siewior. CVE-2015-2170. |
|
| 33 |
+ - Fix segfault scanning certain HTML files. Reported with sample by |
|
| 34 |
+ Kai Risku. |
|
| 35 |
+ |
|
| 36 |
+As always, we appreciate the contibutions of the ClamAV community members |
|
| 37 |
+for their code and sample submissions! |
|
| 23 | 38 |
|
| 39 |
+Sebastian Andrzej Siewior |
|
| 40 |
+Minzhaun Gong |
|
| 41 |
+Dimitri Kirchne |
|
| 42 |
+Goulven Guiheux |
|
| 43 |
+John E. Krokes |
|
| 44 |
+Kai Risku |
|
| 24 | 45 |
|
| 25 | 46 |
0.98.6 |
| 26 | 47 |
------ |