L4126-L4129 of libclamav/scanners.c:
```
if (CL_SUCCESS != fmap_get_MD5(ctx->fmap, &hash)) {
cli_dbgmsg("cli_magic_scan: Failed to get a hash for the current
fmap.\n");
goto done;
}
```
seems like hard-coded into the scanner, so workaround:
1. (haven't backported and tried) use the patch
https://github.com/Cisco-Talos/clamav/pull/959 to "claim" all the md5 usage as
in non-cryptographic contexts
2. build clamav 1.5 from source
Personally I dislike the idea of 1 since the md5 usage here **IS**
indeed in cryptographic contexts (replying on the collision resistance
property of hash)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2106024
Title:
Backport fix for Ubuntu 22.04 FIPS-enabled environments
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/2106024/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
