Ubuntu
clamav package

CVE-2022-20698 ClamAV update

Bug #1957996 reported by Andrew Aitchison on 2022-01-14

260

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	clamav (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html
reports a security bug - CVE-2022-20698 - which is fixed in clamav 0.103.5 and 0.104.2
Please update clamav.

Thank you,

CVE References

2022-20698

Andrew Aitchison (werdnakendal) on 2022-01-14

information type:

Private Security → Public Security

Revision history for this message

Andrew Aitchison (werdnakendal) wrote on 2022-01-14:

libclamunrar should ideally be updated in sync with this, see
https://bugs.launchpad.net/ubuntu/+source/libclamunrar/+bug/1798089

Revision history for this message

Utkarsh Gupta (utkarsh) wrote on 2022-01-18:

Hello,

ClamAV 0.103.5+dfsg-1 is available in Jammy since 13th January, fixing the CVE in question, therefore, I am marking this as Fix Released for Jammy. Thank you!

Changed in clamav (Ubuntu):
status:	New → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuclamav package