Skip to content

ClamAV 1.4.2

Latest
Latest
Compare
Choose a tag to compare
@val-ms val-ms released this 22 Jan 17:08
· 37 commits to main since this release
clamav-1.4.2
98882f5
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

ClamAV 1.4.2 is a patch release with the following fixes:

  • CVE-2025-20128:
    Fixed a possible buffer overflow read bug in the OLE2 file parser that could
    cause a denial-of-service (DoS) condition.

    This issue was introduced in version 1.0.0 and affects all currently
    supported versions. It will be fixed in:

    • 1.4.2
    • 1.0.8

    Thank you to OSS-Fuzz for identifying this issue.

Assets 22
Loading