[ubuntu-studio-devel] Antivirus, code / app content scanning.
ralf.mardorf at alice-dsl.net
Thu Oct 6 22:36:25 UTC 2016
On Fri, 7 Oct 2016 00:26:09 +0200, Ralf Mardorf wrote:
>there's a news page
"USN-3093-1: ClamAV vulnerabilities - 28th September 2016
It was discovered that ClamAV incorrectly handled certain malformed
files. A remote attacker could use this issue to cause ClamAV to crash,
resulting in a denial of service, or possibly execute arbitrary code.
In the default installation, attackers would be isolated by the ClamAV
CVE-2016-1371 CVE-2016-1372 CVE-2016-1405"
...IIUC as long as apparmor is used, it's still safe, OTOH the anti
virus software, good for absolutely nothing for the Linux install, just
good to protect e.g. Windows users, when using e.g. a Linux mail
server, only adds the risk of additional vulnerabilities ;).
More information about the ubuntu-studio-devel