The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


[USN-754-1] ClamAV vulnerabilities


<< Previous INDEX Search src / Print Next >>
Date: Tue, 7 Apr 2009 14:32:12 -0500
From: Jamie Strandboge <jamie@canonical.com.>
To: [email protected]
Subject: [USN-754-1] ClamAV vulnerabilities
Message-ID: <20090407193212.GB10312@severus.strandboge.com.>
Reply-To: Jamie Strandboge <jamie@canonical.com.>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
        protocol="application/pgp-signature"; boundary="QTprm0S8XgL7H0Dt"
Content-Disposition: inline
User-Agent: Mutt/1.5.18 (2008-05-17)
X-Virus-Scanned: antivirus-gw at tyumen.ru


--QTprm0S8XgL7H0Dt
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline


Ubuntu Security Notice USN-754-1 April 07, 2009 clamav vulnerabilities https://launchpad.net/bugs/354190
A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: libclamav5 0.94.dfsg.2-1ubuntu0.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that ClamAV did not properly verify its input when processing TAR archives. A remote attacker could send a specially crafted TAR file and cause a denial of service via infinite loop. It was discovered that ClamAV did not properly validate Portable Executable (PE) files. A remote attacker could send a crafted PE file and cause a denial of service (divide by zero). Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.2.diff.gz Size/MD5: 159494 569d83469ec4c0c095e086b96ff93a3e http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.2.dsc Size/MD5: 1507 50f4ad487c539c33097493adde678bbc http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2.orig.tar.gz Size/MD5: 22073819 7b45b0c54b887b23cb49e4bff807cf58 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-base_0.94.dfsg.2-1ubuntu0.2_all.deb Size/MD5: 19497370 29b64e7342a2da826028fcd2d211c180 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-docs_0.94.dfsg.2-1ubuntu0.2_all.deb Size/MD5: 1077536 9dade9b20e2af72ab729f822a45ae620 http://security.ubuntu.com/ubuntu/pool/universe/c/clamav/clamav-testfiles_0.94.dfsg.2-1ubuntu0.2_all.deb Size/MD5: 208252 185ffe0740b4452c30ff71f15f3acecd amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.2_amd64.deb Size/MD5: 239812 d419a6a86bfed53b8c65de72018cf2be http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.2_amd64.deb Size/MD5: 915298 f142f24d6536475da4f2e4c61c29668f http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.2_amd64.deb Size/MD5: 255646 d059cb2af281f852f6d4631dbf23d956 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.2_amd64.deb Size/MD5: 235798 b42f6048c8c8c0a325ffafb6adc743a8 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.2_amd64.deb Size/MD5: 574076 58ed72c648459676b3ca0b80bf292c72 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.2_amd64.deb Size/MD5: 538786 baf0e94e72890b13a55e5a85240adcdd http://security.ubuntu.com/ubuntu/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.2_amd64.deb Size/MD5: 232880 aae5790414af14016065fc641c5d0103 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.2_i386.deb Size/MD5: 233350 8dab9e16b38722e0915b2c0bff509d57 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.2_i386.deb Size/MD5: 849252 20380bf3aa97e511e8d5846b48cce4e3 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.2_i386.deb Size/MD5: 253896 168c66b29f99e32e310c95232a335caf http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.2_i386.deb Size/MD5: 232884 ff274f6cfb81c7317e8dc6185e3b99e2 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.2_i386.deb Size/MD5: 542018 90aa265556942f7e385ff8efd1d90378 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.2_i386.deb Size/MD5: 524704 5a5769d3dcafc905cf2566b455a66055 http://security.ubuntu.com/ubuntu/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.2_i386.deb Size/MD5: 229422 24ca2a59a498fcd1f0facd82a230382e lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.2_lpia.deb Size/MD5: 232896 a7c1b915398100aae59e78196d88993d http://ports.ubuntu.com/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.2_lpia.deb Size/MD5: 866776 a0028dcb322e704271d64887c27298c3 http://ports.ubuntu.com/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.2_lpia.deb Size/MD5: 253922 e3eb70eb180f016131aa58b42c07d30f http://ports.ubuntu.com/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.2_lpia.deb Size/MD5: 232420 9684e4007d9b666997f952c412bc6bad http://ports.ubuntu.com/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.2_lpia.deb Size/MD5: 544010 15cebc737098bee5f8f29cea2f2ce926 http://ports.ubuntu.com/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.2_lpia.deb Size/MD5: 527298 94c4332c8aafbd271ccf852e6e39f81f http://ports.ubuntu.com/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.2_lpia.deb Size/MD5: 229436 82e0002dafa432c7ba9cf3599f06c8a6 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.2_powerpc.deb Size/MD5: 243080 12f136c1c63f192fcd10ba1be9ee9388 http://ports.ubuntu.com/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.2_powerpc.deb Size/MD5: 903752 c1b8337a7907aff23b2d906a96d7ed2e http://ports.ubuntu.com/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.2_powerpc.deb Size/MD5: 258406 b0b4ccab674564620c7d5cfb3ff1bf4b http://ports.ubuntu.com/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.2_powerpc.deb Size/MD5: 240432 d701e42128b81fc59d097bd0bd630d5d http://ports.ubuntu.com/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.2_powerpc.deb Size/MD5: 614092 53784edb59531d11ad1061fed69f1416 http://ports.ubuntu.com/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.2_powerpc.deb Size/MD5: 555154 1367903a35abb12629e888a349e09c1f http://ports.ubuntu.com/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.2_powerpc.deb Size/MD5: 232982 78c674f2eb6be9553d6095c51a9b94fb sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.2_sparc.deb Size/MD5: 232896 c7efef059d819f94201ce83033ac18b1 http://ports.ubuntu.com/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.2_sparc.deb Size/MD5: 836434 fbe2ff2c6d676fc07b7c2ed6622dd111 http://ports.ubuntu.com/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.2_sparc.deb Size/MD5: 253176 9fa78256318e53cb80ae25083d9542e6 http://ports.ubuntu.com/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.2_sparc.deb Size/MD5: 233292 7e71e6dae6924f5ec8ee5073307c6157 http://ports.ubuntu.com/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.2_sparc.deb Size/MD5: 577972 c314d733cc7d2e1e7126306621051a32 http://ports.ubuntu.com/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.2_sparc.deb Size/MD5: 543722 47a3c931269cec8100eb3996dfa3c2fd http://ports.ubuntu.com/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.2_sparc.deb Size/MD5: 230372 53641460c0f848902ed9d300443fbadd --QTprm0S8XgL7H0Dt Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAknbqjwACgkQW0JvuRdL8BoC8ACfeOQIuk+7cfEQBeGqGdTPWH0W 9koAoIxNN8SUtJLR1AH0HVgIjgd8aPDB =gsdZ -----END PGP SIGNATURE----- --QTprm0S8XgL7H0Dt--

<< Previous INDEX Search src / Print Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру