Mandriva Linux Security Advisory 2012-094 - This is a bugfix release that upgrades clamav to the latest version The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. The Microsoft CHM file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry.
9d3c70ef74c52e6171f0b59d36ffcd805402309bc35d4dd9220758ef6d22659b