Skip to content

ClamAV 1.1.1

Compare
Choose a tag to compare
@micahsnyder micahsnyder released this 16 Aug 16:11
· 238 commits to main since this release

ClamAV 1.1.1 is a critical patch release with the following fixes:

  • CVE-2023-20197
    Fixed a possible denial of service vulnerability in the HFS+ file parser.
    This issue affects versions 1.1.0, 1.0.1 through 1.0.0, 0.105.2 through 0.105.0,
    0.104.4 through 0.104.0, and 0.103.8 through 0.103.0.
    Thank you to Steve Smith for reporting this issue.

  • Fixed a build issue when using the Rust nightly toolchain, which was
    affecting the oss-fuzz build environment used for regression tests.

    • GitHub pull request: #997
  • Fixed a build issue on Windows when using Rust version 1.70 or newer.

    • GitHub pull request: #994
  • CMake build system improvement to support compiling with OpenSSL 3.x on
    macOS with the Xcode toolchain.

    The official ClamAV installers and packages are now built with OpenSSL 3.1.1
    or newer.

    • GitHub pull request: #972
  • Removed a warning message showing the HTTP response codes during the
    Freshclam database update process.

    • GitHub pull request: #939

Special thanks to the following people for code contributions and bug reports:

  • Steve Smith