Skip to content

ClamAV 1.0.8
Compare
Choose a tag to compare
@val-ms val-ms released this 22 Jan 16:58
· 346 commits to main since this release
clamav-1.0.8
9a2c642
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

ClamAV 1.0.8 is a patch release with the following fixes:

  • CVE-2025-20128:
    Fixed a possible buffer overflow read bug in the OLE2 file parser that could
    cause a denial-of-service (DoS) condition.

    This issue was introduced in version 1.0.0 and affects all currently
    supported versions. It will be fixed in:

    • 1.4.2
    • 1.0.8

    Thank you to OSS-Fuzz for identifying this issue.

  • ClamOnAcc: Fixed an infinite loop when a watched directory does not exist.
    This is a backport of a fix from ClamAV 1.3.0.

Assets 18
Loading