Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
ClamAV Vunerability??
« previous
next »
Print
Pages: [
1
]
Author
Topic: ClamAV Vunerability?? (Read 579 times)
spetrillo
Hero Member
Posts: 721
Karma: 8
ClamAV Vunerability??
«
on:
May 13, 2024, 08:31:57 pm »
Is this an issue and is there a fix??
***GOT REQUEST TO AUDIT SECURITY***
Currently running OPNsense 24.1.6 at Mon May 13 13:30:44 CDT 2024
vulnxml file up-to-date
clamav-1.3.0_2,1 is vulnerable:
clamav -- Possible crash in the HTML file parser that could cause a denial-of-service (DoS) condition
CVE: CVE-2024-20380
WWW:
https://vuxml.FreeBSD.org/freebsd/ecafc4af-fe8a-11ee-890c-08002784c58d.html
1 problem(s) in 1 installed package(s) found.
***DONE***
Logged
franco
Administrator
Hero Member
Posts: 17675
Karma: 1613
Re: ClamAV Vunerability??
«
Reply #1 on:
May 13, 2024, 08:34:44 pm »
Don't know. You want me to click the link to find out?
Cheers,
Franco
Logged
spetrillo
Hero Member
Posts: 721
Karma: 8
Re: ClamAV Vunerability??
«
Reply #2 on:
May 13, 2024, 08:50:00 pm »
Looks like it's a new vulnerability. I was really asking if ppl were aware of the vulnerability.
Logged
franco
Administrator
Hero Member
Posts: 17675
Karma: 1613
Re: ClamAV Vunerability??
«
Reply #3 on:
May 13, 2024, 10:18:01 pm »
Appears to be a hit-and-miss in the ports tree shortly after 24.1.6 was done:
https://github.com/opnsense/ports/commit/1a10ccddb8
But that also means 24.1.7 will fix it by updating to the patched version on Wednesday.
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
ClamAV Vunerability??