drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in ClamAV (Aktualisierung)
Name: |
Zwei Probleme in ClamAV (Aktualisierung) |
|
ID: |
USN-3722-4 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 ESM |
|
Datum: |
Fr, 27. Juli 2018, 00:22 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0361
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0360 |
|
Applikationen: |
Clam Antivirus |
|
Update von: |
Zwei Probleme in ClamAV |
|
Originalnachricht |
--===============2344191546124038672== Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="=-ByuJ25knzW1q8ClzR6nE"
--=-ByuJ25knzW1q8ClzR6nE Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3722-4 July 26, 2018
clamav regression ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
USN-3722-1 introduced a regression in ClamAV.
Software Description: - clamav: Anti-virus utility for Unix
Details:
USN-3722-1 fixed vulnerabilities in ClamAV. The updated ClamAV version removed some configuration options which caused the daemon to fail to start in environments where the ClamAV configuration file was manually edited. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that ClamAV incorrectly handled parsing certain HWP files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. (CVE-2018-0360)
It was discovered that ClamAV incorrectly handled parsing certain PDF files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. (CVE-2018-0361)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM: clamav 0.100.1+dfsg-1ubuntu0.12.04.2
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3722-4 https://usn.ubuntu.com/usn/usn-3722-1 https://launchpad.net/bugs/1783632 --=-ByuJ25knzW1q8ClzR6nE Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAABCAAGBQJbWgzaAAoJEEW851uECx9pzH0P/jnzux7nIG0afHIaG60G3akl eGAjQd0Q8Ek1vRN4g6+Ugj15aNCdREpVwC7La+/uqRsltBd/2SVOq3OG+9ARq7lD 77/9UyzfAuJfrA3bHnbusQ8XN7ITbaa3Hv+qELf/KFGq8xmd7joi7AAfdQmVPVpP f1yDvL7tNy1zmtP60ooQ8yvmKQtNimAwBgwEjsFYMOH7w51SFsWNO/SSYq46ejJ2 nZS+4/ZEIrcF9IP7ziSozB9XoChkTlRBRwgLcqX3k1nrF0QEftchgXopBQsT/+Sy nvOIix8ioWE9FWpNuf+3E/PUILiz7UtKW/kBxIGpgimMvnlXBSyc5fxQWrfGjOPS jn3EM8P6Z1ew/bCWrYZAIwcF6Yw+C0Amh8g0LubJ+3CLmiLEjH6N9srVfGdGN1oB vYGAW4yEZ6Z5tTMFmCxNA9cblhOIw3bgRc2dbCuszw98PqbQaNLJSDR6cPzR5phF dmaezEBzYUj6jlDnQNdXmOkD5RUu43ADVIeiLI2hFWngvoNUCvcCzu84Rk1AiNZH PQ1wISccsZz3a2+890ddzP679URwgtx/5TLT2t3NOOc4R16G979ZahUVgmxtDe1y 9FojOINNWHrX+yJl5wo41Zuts6XL3e+PElBc0hJhz/498rgdEPejRAiciQbhTXSH QpU/IMtE7f6lQ11/m7UO =SBiE -----END PGP SIGNATURE-----
--=-ByuJ25knzW1q8ClzR6nE--
--===============2344191546124038672== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============2344191546124038672==--
|
|
|
|