ClamAV: Multiple vulnerabilities Multiple vulnerabilities have been found in ClamAV, the worst of which may allow execution of arbitrary code. clamav 2018-01-26 2018-01-26 645794 remote 0.99.3 0.99.3

ClamAV is a GPL virus scanner.

Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details.

A remote attacker could cause ClamAV to scan a specially crafted file, possibly resulting in execution of arbitrary code with the privileges of the process or cause a Denial of Service condition.

There is no known workaround at this time.

All ClamAV users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.99.3" CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380 whissi whissi