ClamAV 0.103.1 free antivirus package update

A free anti-virus package has been released ClamAV 0.103.1 , which, in addition to bug fixes, offers several changes:

  • A new scan option has been added to warn about the transfer of corrupted graphic files, through which they can potentially try to exploit vulnerabilities in graphic libraries. Format validation is implemented for JPEG, TIFF, PNG and GIF files, and is enabled via the AlertBrokenMedia setting in clamd.conf or the “–alert-broken-media” command line option in clamscan.
  • Added new types CL_TYPE_TIFF and CL_TYPE_JPEG for defining GIF and PNG files. BMP and JPEG 2000 types continue to be defined as CL_TYPE_GRAPHICS because they do not support parsing.
  • An error has been encountered in the PNG image parsing code that may lead to stack exhaustion when scanning PNG files.
  • Dynamic configuration support (DCONF) has been added for TIFF format, which allows to disable format validation through the signature base. For JPEG, PNG and GIF, a similar option was added earlier.
/Media reports.