Login
Newsletter
Werbung
Sicherheit: Denial of Service in clamav
Aktuelle Meldungen Distributionen
Name: Denial of Service in clamav
ID: MDKSA-2007:150
Distribution: Mandriva
Plattformen: Mandriva Corporate 3.0, Mandriva Corporate 4.0, Mandriva 2007.0, Mandriva 2007.1
Datum: Do, 26. Juli 2007, 01:42
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3725
Applikationen: Clam Antivirus

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1185406944-7034-162


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:150
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : clamav
 Date    : July 25, 2007
 Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 A vulnerability in the RAR VM in ClamAV allowed user-assisted remote
 attackers to cause a crash via a crafted RAR archive which resulted
 in a NULL pointer dereference.
 
 Other bugs have also been corrected in 0.91.1 which is being provided
 with this update.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3725
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 a1d7123d64b17de98db72e05959657e0 
 2007.0/i586/clamav-0.91.1-1.1mdv2007.0.i586.rpm
 4e814bbff65dc4129f398f72b6d62640 
 2007.0/i586/clamav-db-0.91.1-1.1mdv2007.0.i586.rpm
 c6267bcae66562a2458cf9ad5d6de8f4 
 2007.0/i586/clamav-milter-0.91.1-1.1mdv2007.0.i586.rpm
 1f263279bf4cd5460786fe0759c0ec96 
 2007.0/i586/clamd-0.91.1-1.1mdv2007.0.i586.rpm
 0b14d3e33ba65c556cbea0dd4b55a51c 
 2007.0/i586/clamdmon-0.91.1-1.1mdv2007.0.i586.rpm
 2bd3ff262e1f1b5d261e2aa986d23ad5 
 2007.0/i586/libclamav2-0.91.1-1.1mdv2007.0.i586.rpm
 b9b0dac5eccf1000b8301187bcad99b2 
 2007.0/i586/libclamav2-devel-0.91.1-1.1mdv2007.0.i586.rpm 
 d1b697088a726c293ee54cc25b660308 
 2007.0/SRPMS/clamav-0.91.1-1.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 c0b6dc4ec4ab20dba0129966d42cd75e 
 2007.0/x86_64/clamav-0.91.1-1.1mdv2007.0.x86_64.rpm
 8c28b0917575a5b0f2306f6c30d35df8 
 2007.0/x86_64/clamav-db-0.91.1-1.1mdv2007.0.x86_64.rpm
 fbf470d9921d86b6cfbf0b75a8723f71 
 2007.0/x86_64/clamav-milter-0.91.1-1.1mdv2007.0.x86_64.rpm
 9dbff52f73edb4b10efa681b2c3b6b38 
 2007.0/x86_64/clamd-0.91.1-1.1mdv2007.0.x86_64.rpm
 60f9f0b6e869e4931ea6a5e1521d079b 
 2007.0/x86_64/clamdmon-0.91.1-1.1mdv2007.0.x86_64.rpm
 4de72c8d9cd714e0b1b7d9d1aadcb131 
 2007.0/x86_64/lib64clamav2-0.91.1-1.1mdv2007.0.x86_64.rpm
 63dc325ae89be61dca20128ae021a812 
 2007.0/x86_64/lib64clamav2-devel-0.91.1-1.1mdv2007.0.x86_64.rpm 
 d1b697088a726c293ee54cc25b660308 
 2007.0/SRPMS/clamav-0.91.1-1.1mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 5044c759d6cad93402ddd5350262f5fb 
 2007.1/i586/clamav-0.91.1-1.1mdv2007.1.i586.rpm
 9fdbb064de5d4752bf29b68edf86c9b7 
 2007.1/i586/clamav-db-0.91.1-1.1mdv2007.1.i586.rpm
 0bb59e9542365b9bd1faf3cdb041e1d1 
 2007.1/i586/clamav-milter-0.91.1-1.1mdv2007.1.i586.rpm
 2f95a4750b57cd52a8f8fe30ff62ad85 
 2007.1/i586/clamd-0.91.1-1.1mdv2007.1.i586.rpm
 33548bc49879899559d5700f7ec0add2 
 2007.1/i586/clamdmon-0.91.1-1.1mdv2007.1.i586.rpm
 4dc6d180ee9e306fa5eb3a1dfe81aa9e 
 2007.1/i586/libclamav2-0.91.1-1.1mdv2007.1.i586.rpm
 f2e5333e7c60c9cbc7b70f3994a867c3 
 2007.1/i586/libclamav2-devel-0.91.1-1.1mdv2007.1.i586.rpm 
 fdb6ea9465c87b3206051df922e509d0 
 2007.1/SRPMS/clamav-0.91.1-1.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 15b628de57bf9b067dfe17e4050eae06 
 2007.1/x86_64/clamav-0.91.1-1.1mdv2007.1.x86_64.rpm
 f53ae231e7591079b7a9f88c948527d5 
 2007.1/x86_64/clamav-db-0.91.1-1.1mdv2007.1.x86_64.rpm
 be2c036992c7ebd82ffdc45e4679c83c 
 2007.1/x86_64/clamav-milter-0.91.1-1.1mdv2007.1.x86_64.rpm
 cabcdcf73a9e49ead2db583e1a55af71 
 2007.1/x86_64/clamd-0.91.1-1.1mdv2007.1.x86_64.rpm
 8f8e068f16c979be31d688069c76b797 
 2007.1/x86_64/clamdmon-0.91.1-1.1mdv2007.1.x86_64.rpm
 c37ebfab59ca964727252852af351988 
 2007.1/x86_64/lib64clamav2-0.91.1-1.1mdv2007.1.x86_64.rpm
 744eaf423e847ad4ed1204cfde0bac22 
 2007.1/x86_64/lib64clamav2-devel-0.91.1-1.1mdv2007.1.x86_64.rpm 
 fdb6ea9465c87b3206051df922e509d0 
 2007.1/SRPMS/clamav-0.91.1-1.1mdv2007.1.src.rpm

 Corporate 3.0:
 3d676fd4f9e9ded80498b13ee9703447 
 corporate/3.0/i586/clamav-0.91.1-0.1.C30mdk.i586.rpm
 b9b12ef53061ccf1f695c2fffe6a04bb 
 corporate/3.0/i586/clamav-db-0.91.1-0.1.C30mdk.i586.rpm
 24da7dc91cbe989c78c7bdf6dba9e900 
 corporate/3.0/i586/clamav-milter-0.91.1-0.1.C30mdk.i586.rpm
 bc9fdfa2c9a6c356f7f14f186d2e57d9 
 corporate/3.0/i586/clamd-0.91.1-0.1.C30mdk.i586.rpm
 3e930ebd2759f14da53b0f2f4d8cf7da 
 corporate/3.0/i586/clamdmon-0.91.1-0.1.C30mdk.i586.rpm
 5897ace4abdc86cff7c7f9b073c4a046 
 corporate/3.0/i586/libclamav2-0.91.1-0.1.C30mdk.i586.rpm
 56909a444cdc2b2c60f4c07d8d829034 
 corporate/3.0/i586/libclamav2-devel-0.91.1-0.1.C30mdk.i586.rpm 
 b1c34cc12fb36c73c469dcfbf4bcaa4e 
 corporate/3.0/SRPMS/clamav-0.91.1-0.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 1d9868884be1e6222e4161458bb66c26 
 corporate/3.0/x86_64/clamav-0.91.1-0.1.C30mdk.x86_64.rpm
 7cfa0abb1592069c41b7a9e413c9c087 
 corporate/3.0/x86_64/clamav-db-0.91.1-0.1.C30mdk.x86_64.rpm
 eebc3cadf53dd91a4ce07e24f52dc769 
 corporate/3.0/x86_64/clamav-milter-0.91.1-0.1.C30mdk.x86_64.rpm
 51c2d25c6a9daaf22e4de6664f59214b 
 corporate/3.0/x86_64/clamd-0.91.1-0.1.C30mdk.x86_64.rpm
 7204fe1ba0c6bf928e5acf49be41162f 
 corporate/3.0/x86_64/clamdmon-0.91.1-0.1.C30mdk.x86_64.rpm
 0a35b0352337135ef77792872c1b2f3c 
 corporate/3.0/x86_64/lib64clamav2-0.91.1-0.1.C30mdk.x86_64.rpm
 ac762dda202af6e7c334aeb4281478c8 
 corporate/3.0/x86_64/lib64clamav2-devel-0.91.1-0.1.C30mdk.x86_64.rpm 
 b1c34cc12fb36c73c469dcfbf4bcaa4e 
 corporate/3.0/SRPMS/clamav-0.91.1-0.1.C30mdk.src.rpm

 Corporate 4.0:
 07b49366a22bd05a2a2bb04301e4f7ea 
 corporate/4.0/i586/clamav-0.91.1-0.1.20060mlcs4.i586.rpm
 ef63aaea4109ca3a3f1fd2faafef6cc7 
 corporate/4.0/i586/clamav-db-0.91.1-0.1.20060mlcs4.i586.rpm
 b05e11e5f7ede181d6160976f52c8fb0 
 corporate/4.0/i586/clamav-milter-0.91.1-0.1.20060mlcs4.i586.rpm
 153c8daee5528351b1dc9488d462f39d 
 corporate/4.0/i586/clamd-0.91.1-0.1.20060mlcs4.i586.rpm
 51b0ece4e3aea78fc412595687817edf 
 corporate/4.0/i586/clamdmon-0.91.1-0.1.20060mlcs4.i586.rpm
 8fbd33f837d05be535798d580105d4d8 
 corporate/4.0/i586/libclamav2-0.91.1-0.1.20060mlcs4.i586.rpm
 ad7330c0fdfc2a372d462991701c3462 
 corporate/4.0/i586/libclamav2-devel-0.91.1-0.1.20060mlcs4.i586.rpm 
 3e04440a073f6c606289c90280cf3c7c 
 corporate/4.0/SRPMS/clamav-0.91.1-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 c4bbd2429700fbe41ae69d9926b40569 
 corporate/4.0/x86_64/clamav-0.91.1-0.1.20060mlcs4.x86_64.rpm
 4bba7834c9a14cf2098f3993389d78af 
 corporate/4.0/x86_64/clamav-db-0.91.1-0.1.20060mlcs4.x86_64.rpm
 b185a885f6c1038fcc6332a0d4edd5bb 
 corporate/4.0/x86_64/clamav-milter-0.91.1-0.1.20060mlcs4.x86_64.rpm
 a3a66b6dcd5834b765339d4e821608dd 
 corporate/4.0/x86_64/clamd-0.91.1-0.1.20060mlcs4.x86_64.rpm
 9f2edd76e48cd6c77e8fd847beb8710d 
 corporate/4.0/x86_64/clamdmon-0.91.1-0.1.20060mlcs4.x86_64.rpm
 b446eebd29ba07eaea893bb68c9932ba 
 corporate/4.0/x86_64/lib64clamav2-0.91.1-0.1.20060mlcs4.x86_64.rpm
 f4735af15e3e15bc26bc188743c3856e 
 corporate/4.0/x86_64/lib64clamav2-devel-0.91.1-0.1.20060mlcs4.x86_64.rpm 
 3e04440a073f6c606289c90280cf3c7c 
 corporate/4.0/SRPMS/clamav-0.91.1-0.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGp7IGmqjQ0CJFipgRAhriAKC+4jhYAgFtzMrinpv0xgx9iGYYFgCdFSQW
TQG7/bzoIJGeWikzMQr+KsA=
=kAPB
-----END PGP SIGNATURE-----


------------=_1185406944-7034-162
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1185406944-7034-162--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung