{"affected":[{"ecosystem_specific":{"binaries":[{"clamav":"0.103.2-lp152.6.6.1","clamav-devel":"0.103.2-lp152.6.6.1","libclamav9":"0.103.2-lp152.6.6.1","libfreshclam2":"0.103.2-lp152.6.6.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.2","name":"clamav","purl":"pkg:rpm/opensuse/clamav&distro=openSUSE%20Leap%2015.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.103.2-lp152.6.6.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for clamav fixes the following issues:\n\n- CVE-2021-1252: Fix for Excel XLM parser infinite loop. (bsc#1184532)\n- CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. (bsc#1184533)\n- CVE-2021-1405: Fix for mail parser NULL-dereference crash. (bsc#1184534)\n- Fix errors when scanning files > 4G (bsc#1181256)\n- Update clamav.keyring\n- Update to 0.103.2\n\nThis update was imported from the SUSE:SLE-15:Update update project.","id":"openSUSE-SU-2021:0555-1","modified":"2021-04-15T06:11:23Z","published":"2021-04-15T06:11:23Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Y6VSAMGIC5SWPJK6HWIGRENALM6YMT46/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181256"},{"type":"REPORT","url":"https://bugzilla.suse.com/1184532"},{"type":"REPORT","url":"https://bugzilla.suse.com/1184533"},{"type":"REPORT","url":"https://bugzilla.suse.com/1184534"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-1252"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-1404"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-1405"}],"related":["CVE-2021-1252","CVE-2021-1404","CVE-2021-1405"],"summary":"Security update for clamav","upstream":["CVE-2021-1252","CVE-2021-1404","CVE-2021-1405"]}