ALAS-2015-486


Amazon Linux AMI Security Advisory: ALAS-2015-486
Advisory Release Date: 2015-03-04 16:11 Pacific
Severity: Medium
References: CVE-2014-9328 

Issue Overview:

ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."


Affected Packages:

clamav


Issue Correction:
Run yum update clamav to update your system.

New Packages:
i686:
    clamav-update-0.98.6-1.11.amzn1.i686
    clamav-db-0.98.6-1.11.amzn1.i686
    clamav-server-0.98.6-1.11.amzn1.i686
    clamav-debuginfo-0.98.6-1.11.amzn1.i686
    clamav-lib-0.98.6-1.11.amzn1.i686
    clamd-0.98.6-1.11.amzn1.i686
    clamav-0.98.6-1.11.amzn1.i686
    clamav-devel-0.98.6-1.11.amzn1.i686
    clamav-milter-0.98.6-1.11.amzn1.i686

noarch:
    clamav-scanner-0.98.6-1.11.amzn1.noarch
    clamav-milter-sysvinit-0.98.6-1.11.amzn1.noarch
    clamav-data-0.98.6-1.11.amzn1.noarch
    clamav-scanner-sysvinit-0.98.6-1.11.amzn1.noarch
    clamav-filesystem-0.98.6-1.11.amzn1.noarch
    clamav-data-empty-0.98.6-1.11.amzn1.noarch
    clamav-server-sysvinit-0.98.6-1.11.amzn1.noarch

src:
    clamav-0.98.6-1.11.amzn1.src

x86_64:
    clamav-lib-0.98.6-1.11.amzn1.x86_64
    clamav-server-0.98.6-1.11.amzn1.x86_64
    clamav-debuginfo-0.98.6-1.11.amzn1.x86_64
    clamav-milter-0.98.6-1.11.amzn1.x86_64
    clamav-0.98.6-1.11.amzn1.x86_64
    clamav-update-0.98.6-1.11.amzn1.x86_64
    clamav-db-0.98.6-1.11.amzn1.x86_64
    clamd-0.98.6-1.11.amzn1.x86_64
    clamav-devel-0.98.6-1.11.amzn1.x86_64