Ubuntu Security Notice USN-6636-1

==========================================================================Ubuntu Security Notice USN-6636-1February 14, 2024clamav vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 23.10Summary:Several security issues were fixed in ClamAV.Software Description:- clamav: Anti-virus utility for UnixDetails:It was discovered that ClamAV incorrectly handled parsing certain OLE2files. A remote attacker could possibly use this issue to cause ClamAV tocrash, resulting in a denial of service. (CVE-2024-20290)Amit Schendel discovered that the ClamAV ClamD service incorrectly handledthe VirusEvent feature. An attacker able to connect to ClamD could possiblyuse this issue to execute arbitrary code. (CVE-2024-20328)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 23.10:   clamav                          1.0.5+dfsg-0ubuntu0.23.10.1This update uses a new upstream release, which includes additional bugfixes. In general, a standard system update will make all the necessarychanges.References:   https://ubuntu.com/security/notices/USN-6636-1   CVE-2024-20290, CVE-2024-20328Package Information:   https://launchpad.net/ubuntu/+source/clamav/1.0.5+dfsg-0ubuntu0.23.10.1