Amazon Linux 1 Security Advisory: ALAS-2019-1213
Advisory Release Date: 2019-05-16 23:16 Pacific
Advisory Updated Date: 2019-05-20 19:09 Pacific
An out-of-bounds heap read condition may occur when scanning PDF documents. The defect is a failure to correctly keep track of the number of bytes remaining in a buffer when indexing file data. (CVE-2019-1787)
An out-of-bounds heap read condition may occur when scanning PE files (i.e. Windows EXE and DLL files) that have been packed using Aspack as a result of inadequate bound-checking. (CVE-2019-1789)
An out-of-bounds heap write condition may occur when scanning OLE2 files such as Microsoft Office 97-2003 documents. The invalid write happens when an invalid pointer is mistakenly used to initialize a 32bit integer to zero. This is likely to crash the application. (CVE-2019-1788)
Affected Packages:
clamav
Issue Correction:
Run yum update clamav to update your system.
i686:
clamav-lib-0.101.2-1.38.amzn1.i686
clamav-update-0.101.2-1.38.amzn1.i686
clamav-debuginfo-0.101.2-1.38.amzn1.i686
clamav-0.101.2-1.38.amzn1.i686
clamd-0.101.2-1.38.amzn1.i686
clamav-db-0.101.2-1.38.amzn1.i686
clamav-devel-0.101.2-1.38.amzn1.i686
clamav-milter-0.101.2-1.38.amzn1.i686
noarch:
clamav-data-0.101.2-1.38.amzn1.noarch
clamav-filesystem-0.101.2-1.38.amzn1.noarch
src:
clamav-0.101.2-1.38.amzn1.src
x86_64:
clamav-lib-0.101.2-1.38.amzn1.x86_64
clamav-devel-0.101.2-1.38.amzn1.x86_64
clamav-db-0.101.2-1.38.amzn1.x86_64
clamav-debuginfo-0.101.2-1.38.amzn1.x86_64
clamd-0.101.2-1.38.amzn1.x86_64
clamav-0.101.2-1.38.amzn1.x86_64
clamav-milter-0.101.2-1.38.amzn1.x86_64
clamav-update-0.101.2-1.38.amzn1.x86_64