@@ -5,7 +5,40 @@ differ slightly from third-party binary packages.
55
66## 1.3.1
77
8- ClamAV 1.3.1 is a critical patch release with the following fix:
8+ ClamAV 1.3.1 is a critical patch release with the following fixes:
9+
10+ - [ CVE-2024 -20380] ( https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20380 ) :
11+ Fixed a possible crash in the HTML file parser that could cause a
12+ denial-of-service (DoS) condition.
13+
14+ This issue affects version 1.3.0 only and does not affect prior versions.
15+
16+ Thank you to Błażej Pawłowski for identifying this issue.
17+ - [ GitHub pull request] ( https://github.com/Cisco-Talos/clamav/pull/1242 )
18+
19+ - Updated select Rust dependencies to the latest versions.
20+ This resolved Cargo audit complaints and included PNG parser bug fixes.
21+ - [ GitHub pull request] ( https://github.com/Cisco-Talos/clamav/pull/1227 )
22+
23+ - Fixed a bug causing some text to be truncated when converting from UTF-16.
24+ - [ GitHub pull request] ( https://github.com/Cisco-Talos/clamav/pull/1230 )
25+
26+ - Fixed assorted complaints identified by Coverity static analysis.
27+ - [ GitHub pull request] ( https://github.com/Cisco-Talos/clamav/pull/1235 )
28+
29+ - Fixed a bug causing CVDs downloaded by the ` DatabaseCustomURL ` Freshclam
30+ config option to be pruned and then re-downloaded with every update.
31+ - [ GitHub pull request] ( https://github.com/Cisco-Talos/clamav/pull/1238 )
32+
33+ - Added the new 'valhalla' database name to the list of optional databases in
34+ preparation for future work.
35+ - [ GitHub pull request] ( https://github.com/Cisco-Talos/clamav/pull/1238 )
36+
37+ - Added symbols to the ` libclamav.map ` file to enable additional build
38+ configurations.
39+
40+ Patch courtesy of Neil Wilson.
41+ - [ GitHub pull request] ( https://github.com/Cisco-Talos/clamav/pull/1244 )
942
1043## 1.3.0
1144
0 commit comments