SUSE-SU-2015:0188-1: moderate: Security update for clamav

Mon Feb 2 02:05:19 MST 2015

   SUSE Security Update: Security update for clamav
______________________________________________________________________________

Announcement ID:    SUSE-SU-2015:0188-1
Rating:             moderate
References:         #903489 #903719 #904207 #906077 #906770 #908731 
                    #914505 
Cross-References:   CVE-2013-6497 CVE-2014-9050
Affected Products:
                    SUSE Linux Enterprise Server 12
                    SUSE Linux Enterprise Desktop 12
______________________________________________________________________________

   An update that solves two vulnerabilities and has 5 fixes
   is now available.

Description:

   Clamav was updated to version 0.98.5:

   * Support for the XDP file format and extracting, decoding, and scanning
     PDF files within XDP files.

   * Addition of shared library support for LLVM versions 3.1 - 3.5 for the
     purpose of just-in-time(JIT) compilation of ClamAV bytecode signatures.
   * Enhancements to the clambc command line utility to assist ClamAV
     bytecode signature authors by providing introspection into compiled
     bytecode programs.
   * Resolution of many of the warning messages from ClamAV compilation.
   * Improved detection of malicious PE files (bnc#906770, CVE-2014-9050)
   * Security fix for ClamAV crash when using 'clamscan -a'.
   * Security fix for ClamAV crash when scanning maliciously crafted yoda's
     crypter files (bnc#906077, CVE-2013-6497).
   * ClamAV 0.98.5 now works with OpenSSL in FIPS compliant mode (bnc#904207).
   * Fix server socket setup code in clamd (bnc#903489).

   - Change updateclamconf to prefer the state of the old config file even
     for commented-out options (bnc#903719) (bnc#908731).

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12:

      zypper in -t patch SUSE-SLE-SERVER-12-2015-49

   - SUSE Linux Enterprise Desktop 12:

      zypper in -t patch SUSE-SLE-DESKTOP-12-2015-49

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):

      clamav-0.98.5-6.1
      clamav-debuginfo-0.98.5-6.1
      clamav-debugsource-0.98.5-6.1

   - SUSE Linux Enterprise Desktop 12 (x86_64):

      clamav-0.98.5-6.1
      clamav-debuginfo-0.98.5-6.1
      clamav-debugsource-0.98.5-6.1

References:

   http://support.novell.com/security/cve/CVE-2013-6497.html
   http://support.novell.com/security/cve/CVE-2014-9050.html
   https://bugzilla.suse.com/show_bug.cgi?id=903489
   https://bugzilla.suse.com/show_bug.cgi?id=903719
   https://bugzilla.suse.com/show_bug.cgi?id=904207
   https://bugzilla.suse.com/show_bug.cgi?id=906077
   https://bugzilla.suse.com/show_bug.cgi?id=906770
   https://bugzilla.suse.com/show_bug.cgi?id=908731
   https://bugzilla.suse.com/show_bug.cgi?id=914505