The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


[USN-684-1] ClamAV vulnerability


<< Previous INDEX Search src / Print Next >>
Date: Tue, 2 Dec 2008 14:20:25 -0800
From: Kees Cook <kees@ubuntu.com.>
To: [email protected]
Subject: [USN-684-1] ClamAV vulnerability
Message-ID: <20081202222025.GH25309@outflux.net.>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
        protocol="application/pgp-signature"; boundary="zx4FCpZtqtKETZ7O"
Content-Disposition: inline
Organization: Ubuntu
X-MIMEDefang-Filter: outflux$Revision: 1.316 $
X-HELO: www.outflux.net
X-Scanned-By: MIMEDefang 2.63 on 10.2.0.1
X-Virus-Scanned: antivirus-gw at tyumen.ru


--zx4FCpZtqtKETZ7O
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline


Ubuntu Security Notice USN-684-1 December 02, 2008 clamav vulnerability https://bugs.launchpad.net/bugs/304017
A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: libclamav5 0.94.dfsg.2-1ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Ilja van Sprundel discovered that ClamAV did not handle recursive JPEG information. If a remote attacker sent a specially crafted JPEG file, ClamAV would crash, leading to a denial of service. Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.1.diff.gz Size/MD5: 159258 35b619fff489b7fdbfacd86170572cfa http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.1.dsc Size/MD5: 1545 d35181ceb4a8b93aa8ef3d80f424a52e http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2.orig.tar.gz Size/MD5: 22073819 7b45b0c54b887b23cb49e4bff807cf58 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-base_0.94.dfsg.2-1ubuntu0.1_all.deb Size/MD5: 19497162 d2d7052e4859a66f9556a33839be072b http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-docs_0.94.dfsg.2-1ubuntu0.1_all.deb Size/MD5: 1077346 0c0e57cf0a6d5004611621c81d158b3e http://security.ubuntu.com/ubuntu/pool/universe/c/clamav/clamav-testfiles_0.94.dfsg.2-1ubuntu0.1_all.deb Size/MD5: 208058 8dd86c35b97cfa0c111ec6a99f90d7b4 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.1_amd64.deb Size/MD5: 239628 465bacd5ebfec386196f83b90c59b1d5 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.1_amd64.deb Size/MD5: 914866 309f142bd797da5b06bae9f3273c729a http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_amd64.deb Size/MD5: 255448 b28942a9a6ecd5b09eea78f22f56658c http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.1_amd64.deb Size/MD5: 235612 d7fc1fbc5112f2b8b4bb81f26f8495bd http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.1_amd64.deb Size/MD5: 573860 1a499485cdee3a5ed728fdb115d4708e http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.1_amd64.deb Size/MD5: 538626 f1ec69b8d9bc15cf1b6ab9b483b37568 http://security.ubuntu.com/ubuntu/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.1_amd64.deb Size/MD5: 232722 4abb421ae13f2c04ccf7e975d68344f1 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.1_i386.deb Size/MD5: 233172 1e14e971a76712c4a38d3250e3f84a4f http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.1_i386.deb Size/MD5: 849368 dc7e8747a2f1b40db10fd3dfa80d6d8f http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_i386.deb Size/MD5: 253682 2dfbb18dbe45b97fe537e440c86079f0 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.1_i386.deb Size/MD5: 232686 f5fc69f35bb5206e6f3f1802eab27b87 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.1_i386.deb Size/MD5: 541856 cc9e3b0f262968372c5cdf8b62606280 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.1_i386.deb Size/MD5: 524410 2d1f9e712a3ef57c99434469a584f38d http://security.ubuntu.com/ubuntu/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.1_i386.deb Size/MD5: 229260 280079fa42c8ff6a18a8fd1406956f3c lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.1_lpia.deb Size/MD5: 232694 509ca94dd8ba239e70df349015eab8b6 http://ports.ubuntu.com/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.1_lpia.deb Size/MD5: 866262 636afb92077246666719c22544dda5bd http://ports.ubuntu.com/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_lpia.deb Size/MD5: 253738 0581fb06ce78fd9a2d1e2d81cfa95e87 http://ports.ubuntu.com/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.1_lpia.deb Size/MD5: 232232 7e301b68901a3435da4768b2845bf61d http://ports.ubuntu.com/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.1_lpia.deb Size/MD5: 543754 bd8453f227ae9bebcec4fb41b9e9d427 http://ports.ubuntu.com/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.1_lpia.deb Size/MD5: 527060 b903aa2ec89a2b3c327e170f3b23e021 http://ports.ubuntu.com/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.1_lpia.deb Size/MD5: 229286 d2af0a51fa4beb6eb3045f2dfa3abe9e powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.1_powerpc.deb Size/MD5: 242896 a8a6f8ef5d43b0856cb250879b6d741d http://ports.ubuntu.com/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.1_powerpc.deb Size/MD5: 903632 275eb13f4b9caa6ab4089aa0d8e97b24 http://ports.ubuntu.com/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_powerpc.deb Size/MD5: 258198 2109d15b9bcb4cedeb380ac295c26364 http://ports.ubuntu.com/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.1_powerpc.deb Size/MD5: 240246 c373dfb0ec6bd9539575aad28310a5ae http://ports.ubuntu.com/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.1_powerpc.deb Size/MD5: 613886 8a59e0abf3597d1c13ffa47ee0700b48 http://ports.ubuntu.com/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.1_powerpc.deb Size/MD5: 554872 992aa23fb6ed82684c8325743e366947 http://ports.ubuntu.com/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.1_powerpc.deb Size/MD5: 232832 36d93e39e3f1f74dde643bc78e38c4a7 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.1_sparc.deb Size/MD5: 232694 22f99a7b96cf3ab8749316cb3256b168 http://ports.ubuntu.com/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.1_sparc.deb Size/MD5: 836388 a2eb3d95d9a6254db4d7375844f18f57 http://ports.ubuntu.com/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_sparc.deb Size/MD5: 252954 b21baca5066e5e27a8b8154cc17b9d2c http://ports.ubuntu.com/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.1_sparc.deb Size/MD5: 233100 3c0b967b8a11e701698a1099a171ee82 http://ports.ubuntu.com/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.1_sparc.deb Size/MD5: 577734 05eb85bfb1a2ac3b223eba160167c7e2 http://ports.ubuntu.com/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.1_sparc.deb Size/MD5: 543454 09533df800dafec77af220c81897cb0e http://ports.ubuntu.com/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.1_sparc.deb Size/MD5: 230206 5abbd9810492e866183bb1033a284b18 --zx4FCpZtqtKETZ7O Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Kees Cook <kees@outflux.net.> iEYEARECAAYFAkk1tKkACgkQH/9LqRcGPm22ZACgnhO3wB4ZTW/AgqT8yElelAEQ Xo8AoI64nEkkXbL3REwNr6j8+LjSjZjx =NfCK -----END PGP SIGNATURE----- --zx4FCpZtqtKETZ7O--

<< Previous INDEX Search src / Print Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру