Login
Newsletter
Werbung
Sicherheit: Pufferüberlauf in clamav
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in clamav
ID: MDVSA-2008:229
Distribution: Mandriva
Plattformen: Mandriva Corporate 3.0, Mandriva Corporate 4.0, Mandriva 2008.0, Mandriva 2008.1, Mandriva 2009.0
Datum: Fr, 14. November 2008, 22:50
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5050
Applikationen: Clam Antivirus

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1226699414-14940-3221


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2008:229
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : clamav
 Date    : November 14, 2008
 Affected: 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________

 Problem Description:

 An off-by-one error was found in ClamAV versions prior to 0.94.1 that
 could allow remote attackers to cause a denial of service or possibly
 execute arbitrary code via a crafted VBA project file (CVE-2008-5050).
 
 Other bugs have also been corrected in 0.94.1 which is being provided
 with this update.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5050
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 4a120c7624cd31abdef8406545e30910 
 2008.0/i586/clamav-0.94.1-2.1mdv2008.0.i586.rpm
 4f612c8fc5080e892130cf2aa30e51a2 
 2008.0/i586/clamav-db-0.94.1-2.1mdv2008.0.i586.rpm
 1044a1caf1d247fe25deddb22a603597 
 2008.0/i586/clamd-0.94.1-2.1mdv2008.0.i586.rpm
 bd02ba446db1634c1945c3fd41a3cf89 
 2008.0/i586/libclamav5-0.94.1-2.1mdv2008.0.i586.rpm
 6bbd77167ef0a624a4d275c4ee5aab63 
 2008.0/i586/libclamav-devel-0.94.1-2.1mdv2008.0.i586.rpm 
 0dde713543b21f5ca52c4d58383ecaf3 
 2008.0/SRPMS/clamav-0.94.1-2.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 a2f94de161f6038ac0d003afc4ecb45e 
 2008.0/x86_64/clamav-0.94.1-2.1mdv2008.0.x86_64.rpm
 458891795f311e5fe9a9572acdc4fad5 
 2008.0/x86_64/clamav-db-0.94.1-2.1mdv2008.0.x86_64.rpm
 b98de6d8e521716d5098629c4b4bff95 
 2008.0/x86_64/clamd-0.94.1-2.1mdv2008.0.x86_64.rpm
 886066f300513623cecd727db5da9c33 
 2008.0/x86_64/lib64clamav5-0.94.1-2.1mdv2008.0.x86_64.rpm
 3de51e959737c3a0982bf705af4fbec1 
 2008.0/x86_64/lib64clamav-devel-0.94.1-2.1mdv2008.0.x86_64.rpm 
 0dde713543b21f5ca52c4d58383ecaf3 
 2008.0/SRPMS/clamav-0.94.1-2.1mdv2008.0.src.rpm

 Mandriva Linux 2008.1:
 3ed90df7ea9d02f7ff232eb7529f8ba6 
 2008.1/i586/clamav-0.94.1-2mdv2008.1.i586.rpm
 bc3234eca85d90fad74aedcf9d08d6f9 
 2008.1/i586/clamav-db-0.94.1-2mdv2008.1.i586.rpm
 b5936ac8b57b0260b57fa3da2b4a813c  2008.1/i586/clamd-0.94.1-2mdv2008.1.i586.rpm
 241e648dc995c03cc62a101cf00f2632 
 2008.1/i586/libclamav5-0.94.1-2mdv2008.1.i586.rpm
 3570a761d50b6d6cf034f9c8c5333e33 
 2008.1/i586/libclamav-devel-0.94.1-2mdv2008.1.i586.rpm 
 6c34e5fd82d33489eec50c08666a9285 
 2008.1/SRPMS/clamav-0.94.1-2mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 bda76080176f91cb58db40227aad8c61 
 2008.1/x86_64/clamav-0.94.1-2mdv2008.1.x86_64.rpm
 dd9050e863bfe2455831180e90fd4928 
 2008.1/x86_64/clamav-db-0.94.1-2mdv2008.1.x86_64.rpm
 dbd0cbdf2bcf8a3a1d8788749a977a62 
 2008.1/x86_64/clamd-0.94.1-2mdv2008.1.x86_64.rpm
 918367efa9d6da46851bdb9a2b50a719 
 2008.1/x86_64/lib64clamav5-0.94.1-2mdv2008.1.x86_64.rpm
 e708a11bf4df78af44022b245ef0a1d0 
 2008.1/x86_64/lib64clamav-devel-0.94.1-2mdv2008.1.x86_64.rpm 
 6c34e5fd82d33489eec50c08666a9285 
 2008.1/SRPMS/clamav-0.94.1-2mdv2008.1.src.rpm

 Mandriva Linux 2009.0:
 0f778e49185ed0c79196a556ad610fb4 
 2009.0/i586/clamav-0.94.1-2mdv2009.0.i586.rpm
 036d1122a7278cca7e72659fcae305f8 
 2009.0/i586/clamav-db-0.94.1-2mdv2009.0.i586.rpm
 f232743d8963dfc84dfff8941970b147  2009.0/i586/clamd-0.94.1-2mdv2009.0.i586.rpm
 f44183b1c32fd70418735a8251498ed8 
 2009.0/i586/libclamav5-0.94.1-2mdv2009.0.i586.rpm
 344b38ebe0c65e6d6abaab3706e7c2d6 
 2009.0/i586/libclamav-devel-0.94.1-2mdv2009.0.i586.rpm 
 0558907f32571f4ba2820353c01b95cf 
 2009.0/SRPMS/clamav-0.94.1-2mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 1e7408051f4aacc418f8f6be9943f4e6 
 2009.0/x86_64/clamav-0.94.1-2mdv2009.0.x86_64.rpm
 07114ef73bda272c2f3ba3694250dcb5 
 2009.0/x86_64/clamav-db-0.94.1-2mdv2009.0.x86_64.rpm
 097d65cfa28451572df549a8f6035d7b 
 2009.0/x86_64/clamd-0.94.1-2mdv2009.0.x86_64.rpm
 a6414357665c15a5ba457745fcc5198d 
 2009.0/x86_64/lib64clamav5-0.94.1-2mdv2009.0.x86_64.rpm
 1f3462333c4382bec424711706943641 
 2009.0/x86_64/lib64clamav-devel-0.94.1-2mdv2009.0.x86_64.rpm 
 0558907f32571f4ba2820353c01b95cf 
 2009.0/SRPMS/clamav-0.94.1-2mdv2009.0.src.rpm

 Corporate 3.0:
 6a4bc1edc194b63ac516342c9a8fd662 
 corporate/3.0/i586/clamav-0.94.1-1.1.C30mdk.i586.rpm
 73a6316315af4df3bfcd9ab3013e7d38 
 corporate/3.0/i586/clamav-db-0.94.1-1.1.C30mdk.i586.rpm
 dac04c7ef47d707ed6d6f1a93ed771e5 
 corporate/3.0/i586/clamd-0.94.1-1.1.C30mdk.i586.rpm
 f27a634805c01f4b630c6e54de41cea6 
 corporate/3.0/i586/libclamav5-0.94.1-1.1.C30mdk.i586.rpm
 be4c0ab9842a4ca264b19f2cd457c825 
 corporate/3.0/i586/libclamav-devel-0.94.1-1.1.C30mdk.i586.rpm 
 adddb2c28c6336400adde155122fdeb5 
 corporate/3.0/SRPMS/clamav-0.94.1-1.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 553fca8ee2b24b098ffe7a69ebf6f7d1 
 corporate/3.0/x86_64/clamav-0.94.1-1.1.C30mdk.x86_64.rpm
 29d4426e96a6d6b17b2c33761578b86d 
 corporate/3.0/x86_64/clamav-db-0.94.1-1.1.C30mdk.x86_64.rpm
 65ec3b8aec99fcd5e38664862d2279ba 
 corporate/3.0/x86_64/clamd-0.94.1-1.1.C30mdk.x86_64.rpm
 d8bdcd787cf07bdf0899e9cc178bf012 
 corporate/3.0/x86_64/lib64clamav5-0.94.1-1.1.C30mdk.x86_64.rpm
 2c575bc6d82897ae866e2031c3729d99 
 corporate/3.0/x86_64/lib64clamav-devel-0.94.1-1.1.C30mdk.x86_64.rpm 
 adddb2c28c6336400adde155122fdeb5 
 corporate/3.0/SRPMS/clamav-0.94.1-1.1.C30mdk.src.rpm

 Corporate 4.0:
 7462d619f941c799bc58448b13122271 
 corporate/4.0/i586/clamav-0.94.1-1.1.20060mlcs4.i586.rpm
 7c69f00769c6f285e42a9bae29745758 
 corporate/4.0/i586/clamav-db-0.94.1-1.1.20060mlcs4.i586.rpm
 27991558a673913188cf8d968d1b594b 
 corporate/4.0/i586/clamd-0.94.1-1.1.20060mlcs4.i586.rpm
 e32cc6209d42050be9b87eb9e7b50cc6 
 corporate/4.0/i586/libclamav5-0.94.1-1.1.20060mlcs4.i586.rpm
 43a820ed215d1bc3f55c91c9a35668ac 
 corporate/4.0/i586/libclamav-devel-0.94.1-1.1.20060mlcs4.i586.rpm 
 c8c748cb4ff626c87ec4ec620873516b 
 corporate/4.0/SRPMS/clamav-0.94.1-1.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 acfcee4b7b662b20cbb7339c6874ff4a 
 corporate/4.0/x86_64/clamav-0.94.1-1.1.20060mlcs4.x86_64.rpm
 e92cb46b6d371f73eff43b476dcd54f4 
 corporate/4.0/x86_64/clamav-db-0.94.1-1.1.20060mlcs4.x86_64.rpm
 ec10430998e66eb4480b57d2fb6498cb 
 corporate/4.0/x86_64/clamd-0.94.1-1.1.20060mlcs4.x86_64.rpm
 fdf5c8befc3d9d1998374f50cb5422e2 
 corporate/4.0/x86_64/lib64clamav5-0.94.1-1.1.20060mlcs4.x86_64.rpm
 e8c7a76407422da2d981c78ceb08d025 
 corporate/4.0/x86_64/lib64clamav-devel-0.94.1-1.1.20060mlcs4.x86_64.rpm 
 c8c748cb4ff626c87ec4ec620873516b 
 corporate/4.0/SRPMS/clamav-0.94.1-1.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJHcTemqjQ0CJFipgRAlpVAJ0b6pm8UdqWIdKxPfFjTf5TWFsW1wCfdjSr
OpG3ud3BqpP/lBGsycPNuWY=
=AY8S
-----END PGP SIGNATURE-----


------------=_1226699414-14940-3221
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1226699414-14940-3221--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung