| Package | clamav |
|---|---|
| Version | 0.103.8+dfsg-0+deb8u1 (jessie), 0.103.8+dfsg-0+deb9u1 (stretch) |
| Related CVEs | CVE-2023-20032 CVE-2023-20052 |
Two vulnerabilities have been found in the ClamAV antivirus toolkit, which could result in arbitrary code execution or information disclosure when parsing maliciously crafted HFS+ or DMG files.
For Debian 8 jessie, these problems have been fixed in version 0.103.8+dfsg-0+deb8u1.
For Debian 9 stretch, these problems have been fixed in version 0.103.8+dfsg-0+deb9u1.
We recommend that you upgrade your clamav packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.