Description of problem: CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue. CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue. Versions 0.103.8, 0.105.2 and 1.0.1 available for fix. We would really need the new version for EPEL-7.
sorry forgot to add a link to the source: https://blog.clamav.net/2023/02/clamav-01038-01052-and-101-patch.html
Seems that fixed versionfor EPEL-8 and higher are available. What is with EPEL-7?
FEDORA-EPEL-2023-5cb6798308 has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-5cb6798308
for EPEL-7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-466d8ae059
FEDORA-EPEL-2023-5cb6798308 has been pushed to the Fedora EPEL 8 stable repository. If problem still persists, please make note of it in this bug report.