Denial of Service in ClamAV (Aktualisierung)
ID: | USN-4280-2 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 12.04 ESM, Ubuntu 14.04 ESM |
Datum: | Di, 18. Februar 2020, 19:01 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3123 |
Applikationen: | Clam Antivirus |
Update von: | Denial of Service in ClamAV |
Originalnachricht |
|
--===============1872695503145974258== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="VrqPEDrXMn8OVzN4" Content-Disposition: inline --VrqPEDrXMn8OVzN4 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline ========================================================================== Ubuntu Security Notice USN-4280-2 February 18, 2020 clamav vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM Summary: ClamAV could be made to crash if it opened a specially crafted file. Software Description: - clamav: Anti-virus utility for Unix Details: USN-4280-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled memory when the Data-Loss-Prevention (DLP) feature was enabled. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: clamav 0.102.2+dfsg-0ubuntu0.14.04.1+esm1 Ubuntu 12.04 ESM: clamav 0.102.2+dfsg-0ubuntu0.12.04.1 This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary References: https://usn.ubuntu.com/4280-2 https://usn.ubuntu.com/4280-1 CVE-2020-3123 --VrqPEDrXMn8OVzN4 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl5MChYACgkQRbznW4QL H2msjw/9HN2cHbWFytCW+vbz3R1F3TmcT4T9WTFDcj+4mMEVv52NTQtiPonDJKVq Y8ydzg4SLJJoBBm3COMq8/S23aRXEVg+/x7GGNLMlGZu/a6JG24EItWhyA93zVv1 Uvywh/Fr/DbJ72kTMWhsZwwphvPHNOVLr8W92Z7FLw4l5clbUy5HAMFJMpcd3LnZ XxRa6ijUwlQYN5pJFaicNTr0L0wkWerLIrxJx8k4F8NwYIp5vS0bZiyYr0pth3em PxWrtsjPMtWXZ0VoBxfRpYADsNfhDnlp+WyU42Ikhy/2N7mLG41qetNNUoMZ5tN/ ekolM0mJn9lp4nDdt3CIQWwxyi6WavegEWzp+/toJFlTwOrQVv50mCMZbXfzN3aj Pcwf8yFbV1RfVvDPwUiMHsJ/UIWSfsKh946XUOhHaB59Ji0c/WmklgZTc3oKi+NG 5Gog6nNwkfoTF4aFf1DVk96bToamCKFrS86LaZxgYorMRiTkdjcMXoctiCJiCOrL FXiE3c0LxdKMl+FLdipWXFlrppHiPVnWFY+PFXaIY8IGGcgZsb5ER5mlHC0noQvm +wrc5Fv29XhIAzCGeBRxDIH1//ooMWOyPqQHY2Bf7t0puygV2iGUqhAeazy3MPDa sn1PRZ1CodUs01HcaOEIFBvxocr1KtXo3srcVf/ukj533kCO/3k= =Dl0N -----END PGP SIGNATURE----- --VrqPEDrXMn8OVzN4-- --===============1872695503145974258== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce |