Login
Newsletter
Werbung

Sicherheit: Denial of Service in ClamAV (Aktualisierung)
Aktuelle Meldungen Distributionen
Name: Denial of Service in ClamAV (Aktualisierung)
ID: USN-4230-2
Distribution: Ubuntu
Plattformen: Ubuntu 12.04 ESM, Ubuntu 14.04 ESM
Datum: Do, 23. Januar 2020, 22:39
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15961
Applikationen: Clam Antivirus
Update von: Denial of Service in ClamAV

Originalnachricht


--===============6323948033192765743==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="ABTtc+pdwF7KHXCz"
Content-Disposition: inline


--ABTtc+pdwF7KHXCz
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-4230-2
January 23, 2020

clamav vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM

Summary:

ClamAV could be made to crash if it opened a specially crafted file.

Software Description:
- clamav: Anti-virus utility for Unix

Details:

USN-4230-1 fixed a vulnerability in ClamAV. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that ClamAV incorrectly handled certain MIME messages. A
remote attacker could possibly use this issue to cause ClamAV to crash,
resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
clamav 0.102.1+dfsg-0ubuntu0.14.04.1+esm1

Ubuntu 12.04 ESM:
clamav 0.102.1+dfsg-0ubuntu0.12.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/4230-2
https://usn.ubuntu.com/4230-1
CVE-2019-15961

--ABTtc+pdwF7KHXCz
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl4p7iMACgkQRbznW4QL
H2mZkA/9Eli3ptuya54wKw9P8mzoKH89yHWnvKMK6KNTw0Zt/yV0OqXaB79cOmEe
0RRnevFCvY0Yt1WdwrWQRLZJeFMCqfFaqy4/RJ3ItuR1OGQ4mhDfKH6VgM4j0BWY
PK0EKmhPFmyHdTJltQejIW3GbT01EfRJlXrLY27c2ax12ym4Ossa6hzphsOLfixz
THqi++veGnFiZIOeNGfp1Dr9Wb9vCZA2U1zeQPPNCAgVpD2GGQWrWlfO0tYhxMmd
0oAgRoZAlk6HzTu9WXpCboPTuEy/wq2pIvTno5k/XlxFQuYp6cFo+Ysxhl8h01so
wU01JgkM5ds+zQcUJzVgAWSjiVaEnyLuOFHyL7HSSjqqEBkkGuMoviAuBM1pHR1Z
chKBR9fIqZs8sCXH2HMjm0GO5MWuDfUj1SFeJMRNE8Dgrc6RfdZizzvgVIEzlfZe
z/IRAO8j+uGDXgEEnjYKdGaxhi4c8xrAHj7aDoO0FU/+LxcfqjpiX0gOgeTG4y6D
DXHxkCPIzF8G/bacu0jLBAWwnQ5KEiiywqI7pR0l7Y5eXDvajYSybvecSY8gYRho
YXc93dslkxXbd0qFus8u8o8nBk+lRXqZKSd4VMqJu6pOOd2zNIy0VoQMDby1dQXo
TKCfsxWrDa1l3iqDMTlq9sJ0X5CnIT2IToQYDwC5IyEYgAgKz2M=
=iF0R
-----END PGP SIGNATURE-----

--ABTtc+pdwF7KHXCz--


--===============6323948033192765743==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Pro-Linux
Pro-Linux @Twitter
Neue Nachrichten
Werbung