Login
Newsletter
Werbung

Sicherheit: Zwei Probleme in ClamAV (Aktualisierung)
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in ClamAV (Aktualisierung)
ID: USN-3722-4
Distribution: Ubuntu
Plattformen: Ubuntu 12.04 ESM
Datum: Fr, 27. Juli 2018, 00:22
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0361
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0360
Applikationen: Clam Antivirus
Update von: Zwei Probleme in ClamAV

Originalnachricht


--===============2344191546124038672==
Content-Type: multipart/signed; micalg="pgp-sha256";
protocol="application/pgp-signature";
boundary="=-ByuJ25knzW1q8ClzR6nE"


--=-ByuJ25knzW1q8ClzR6nE
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-3722-4
July 26, 2018

clamav regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

USN-3722-1 introduced a regression in ClamAV.

Software Description:
- clamav: Anti-virus utility for Unix

Details:

USN-3722-1 fixed vulnerabilities in ClamAV. The updated ClamAV version
removed some configuration options which caused the daemon to fail to
start in environments where the ClamAV configuration file was manually
edited. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that ClamAV incorrectly handled parsing certain HWP
files. A remote attacker could use this issue to cause ClamAV to hang,
resulting in a denial of service. (CVE-2018-0360)

It was discovered that ClamAV incorrectly handled parsing certain PDF
files. A remote attacker could use this issue to cause ClamAV to hang,
resulting in a denial of service. (CVE-2018-0361)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
clamav 0.100.1+dfsg-1ubuntu0.12.04.2

In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/usn/usn-3722-4
https://usn.ubuntu.com/usn/usn-3722-1
https://launchpad.net/bugs/1783632
--=-ByuJ25knzW1q8ClzR6nE
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAABCAAGBQJbWgzaAAoJEEW851uECx9pzH0P/jnzux7nIG0afHIaG60G3akl
eGAjQd0Q8Ek1vRN4g6+Ugj15aNCdREpVwC7La+/uqRsltBd/2SVOq3OG+9ARq7lD
77/9UyzfAuJfrA3bHnbusQ8XN7ITbaa3Hv+qELf/KFGq8xmd7joi7AAfdQmVPVpP
f1yDvL7tNy1zmtP60ooQ8yvmKQtNimAwBgwEjsFYMOH7w51SFsWNO/SSYq46ejJ2
nZS+4/ZEIrcF9IP7ziSozB9XoChkTlRBRwgLcqX3k1nrF0QEftchgXopBQsT/+Sy
nvOIix8ioWE9FWpNuf+3E/PUILiz7UtKW/kBxIGpgimMvnlXBSyc5fxQWrfGjOPS
jn3EM8P6Z1ew/bCWrYZAIwcF6Yw+C0Amh8g0LubJ+3CLmiLEjH6N9srVfGdGN1oB
vYGAW4yEZ6Z5tTMFmCxNA9cblhOIw3bgRc2dbCuszw98PqbQaNLJSDR6cPzR5phF
dmaezEBzYUj6jlDnQNdXmOkD5RUu43ADVIeiLI2hFWngvoNUCvcCzu84Rk1AiNZH
PQ1wISccsZz3a2+890ddzP679URwgtx/5TLT2t3NOOc4R16G979ZahUVgmxtDe1y
9FojOINNWHrX+yJl5wo41Zuts6XL3e+PElBc0hJhz/498rgdEPejRAiciQbhTXSH
QpU/IMtE7f6lQ11/m7UO
=SBiE
-----END PGP SIGNATURE-----

--=-ByuJ25knzW1q8ClzR6nE--



--===============2344191546124038672==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK

--===============2344191546124038672==--
Pro-Linux
Unterstützer werden
Neue Nachrichten
Werbung