[CentOS] CVE-2017-12376

Fri Jan 26 16:02:57 UTC 2018
Richard <lists-centos at listmail.innovate.net>


> Date: Friday, January 26, 2018 09:54:24 -0500
> From: Jonathan Billings <billings at negate.org>
>
> On Fri, Jan 26, 2018 at 03:33:24PM +0100, Walter H. wrote:
>> On 26.01.2018 15:09, Johnny Hughes wrote:
>> > On 01/26/2018 05:55 AM, Walter H. wrote:
>> > > Hello,
>> > > 
>> > > are there updates for this CVE with ClamAV f. CentOS 6 in
>> > > progress?
>> > > 
>> > The CentOS Project does not release ClamAV.  What repo are you
>> > getting it from?  I see that it does exist in EPEL.
>> > 
>> from EPEL repo
> 
> This is where you file bugs:
> 
> https://apps.fedoraproject.org/packages/clamav/bugs/all
> 
> CentOS doesn't maintain clamav.


The ClamAV people just announced the release of production 0.99.3. It
addresses CVE-2017- 12374-12380. See <http://blog.clamav.net/> for
their details, and as indicated, the epel people for timing of their
packaging and release of this.