Errata overview
Errata ID 442
Date 2018-08-15
Source package clamav
Fixed in version 0.100.1+dfsg-0+deb8u0A~
This update addresses the following issues:
* Remote denial of service due to an out-of-bounds read when ClamAV scans
  Portable Document Format (.pdf) files (CVE-2018-0202)
* Remote denial of service due to HWP integer overflow with a resultant
  infinite loop via a crafted Hangul Word Processor (HWP) file
* Remote denial of service due to ClamAV lacking a PDF object length check,
  resulting in an unreasonably long time to parse a relatively small file
* Out of bounds heap memory read vulnerability in XAR parser, that can result
  in leaking of memory, may help in developing exploit chains. This attack
  appears to be exploitable in case the victim scans a crafted XAR file
Additional notes
CVE ID CVE-2018-0202
UCS Bug number #47474