git: e1438a229a01 - main - security/vuxml: Document possbile denial-of-service vulnerability in clamav

The branch main has been updated by yasu:

URL: https://cgit.FreeBSD.org/ports/commit/?id=e1438a229a01171c4c4c4dd5b40d9c86c661f1ae

commit e1438a229a01171c4c4c4dd5b40d9c86c661f1ae
Author:     Yasuhiro Kimura <yasu@FreeBSD.org>
AuthorDate: 2025-01-23 02:18:07 +0000
Commit:     Yasuhiro Kimura <yasu@FreeBSD.org>
CommitDate: 2025-01-23 03:40:39 +0000

    security/vuxml: Document possbile denial-of-service vulnerability in clamav
---
 security/vuxml/vuln/2025.xml | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml
index a45b6b9e5526..f4ac0548d0d0 100644
--- a/security/vuxml/vuln/2025.xml
+++ b/security/vuxml/vuln/2025.xml
@@ -1,3 +1,37 @@
+  <vuln vid="1e109b60-d92e-11ef-a661-08002784c58d">
+    <topic>clamav -- Possbile denial-of-service vulnerability</topic>
+    <affects>
+      <package>
+	<name>clamav</name>
+	<range><ge>1.0.0,1</ge><lt>1.4.2,1</lt></range>
+      </package>
+      <package>
+	<name>clamav-lts</name>
+	<range><ge>1.0.0,1</ge><lt>1.0.8,1</lt></range>
+      </package>
+    </affects>
+    <description>
+	<body xmlns="http://www.w3.org/1999/xhtml">
+	<p>The ClamAV project reports:</p>
+	<blockquote cite="https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html">
+	  <p>
+	    A possible buffer overflow read bug is found in the OLE2
+	    file parser that could cause a denial-of-service (DoS)
+	    condition.
+	  </p>
+	</blockquote>
+	</body>
+    </description>
+    <references>
+      <cvename>CVE-2025-20128</cvename>
+      <url>https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html</url>
+    </references>
+    <dates>
+      <discovery>2025-01-22</discovery>
+      <entry>2025-01-23</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="7d17676d-4828-4a43-85d6-1ee14362de6e">
     <topic>electron32 -- Type Confusion in V8</topic>
     <affects>