CVE-2022-20796

On May 4, 2022, a vulnerability in ClamAV was disclosed that could allow an attacker to take control of the affected system.


In May 2017, the Debian project announced that it would not be accepting any new packages for the clamav package in the next release of its software distribution: Due to the lack of activity and support over the last few releases, the Debian maintainers have come to the conclusion that it is time to end-of-life (EoL) the clamav package. This means that it will not be included in the next release of Debian, version 9.0 (stretch). A large number of users depend on this package, and without a package to install, Debian users will have to look elsewhere for a solution.

What is clamav?

ClamAV is a popular antivirus package that has been around for some time. It offers a free, open-source service and is used by many businesses and home users alike. ClamAV has been in Debian since the early days, when it was included as part of the distro.
In its defense against viruses, ClamAV runs as a host-based scanner and uses its signature database to scan files before they are run by the system. There are also live scanners that can run on file systems during normal system operation to stop viruses from spreading further.

What is CVE-2022?

This is an entry in the Common Vulnerabilities and Exposures (CVE) database. It is a report about a potential security flaw in a specific software package. The CVE-2022-20796 entry was discovered in May 2017 and the Debian project announced that it would not be accepting any new packages for the clamav package in the next release of its software distribution.

What Is ClamAV?

ClamAV is a free and open-source (GPLv3) antivirus software for Microsoft Windows, Linux and macOS. The project was created by Igor Golovin of Kaspersky Lab in 1998. It provides email scanning, file scanning and network traffic analysis capabilities. ClamAV is one of the most popular antivirus software packages in use today on Unix systems.

How to get the fix for CVE-2022-20796

If you are a Debian user, follow these steps to get the clamav package:
- Download the clamav source package from its website.
- Unpack and configure the package according to the instructions in the file README.Debian.
- Build and install the software: $ sudo dpkg -i *.deb
- Post-install, run this command to ensure that clamav is installed properly: $ sudo ldconfig
