drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in ClamAV
| Name: |
Mehrere Probleme in ClamAV |
|
| ID: |
USN-1031-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 10.10 |
|
| Datum: |
Fr, 10. Dezember 2010, 08:46 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4261
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4479 |
|
| Applikationen: |
Clam Antivirus |
|
Originalnachricht |
--===============3593155977178194999==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="zS7rBR6csb6tI2e1"
Content-Disposition: inline
--zS7rBR6csb6tI2e1
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
===========================================================
Ubuntu Security Notice USN-1031-1 December 10, 2010
clamav vulnerabilities
CVE-2010-4260, CVE-2010-4261, CVE-2010-4479
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 10.04 LTS
Ubuntu 10.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 10.04 LTS:
libclamav6 0.96.3+dfsg-2ubuntu1.0.10.04.2
Ubuntu 10.10:
libclamav6 0.96.3+dfsg-2ubuntu1.2
In general, a standard system update will make all the necessary changes.
Details follow:
Arkadiusz Miskiewicz and others discovered that the PDF processing
code in libclamav improperly validated input. This could allow a
remote attacker to craft a PDF document that could crash clamav or
possibly execute arbitrary code. (CVE-2010-4260, CVE-2010-4479)
It was discovered that an off-by-one error in the icon_cb function
in pe_icons.c in libclamav could allow an attacker to corrupt
memory, causing clamav to crash or possibly execute arbitrary code.
(CVE-2010-4261)
In the default installation, attackers would be isolated by the
clamav AppArmor profile.
Updated packages for Ubuntu 10.04 LTS:
Source archives:
clamav_0.96.3+dfsg-2ubuntu1.0.10.04.2.diff.gz
Size/MD5: 284066 72a7c4ff80f395c5dc8e4e7acd6fcd39
clamav_0.96.3+dfsg-2ubuntu1.0.10.04.2.dsc
Size/MD5: 2323 d1d47147356bfaf610c993b8a9ed0530
clamav_0.96.3+dfsg.orig.tar.gz
Size/MD5: 40572329 730c1af9badcee2bce4bbaf1cf8ea20a
Architecture independent packages:
clamav-base_0.96.3+dfsg-2ubuntu1.0.10.04.2_all.deb
Size/MD5: 297088 745b7132479daa4dbdc5ca6cc023e0b2
clamav-docs_0.96.3+dfsg-2ubuntu1.0.10.04.2_all.deb
Size/MD5: 1295426 b03dae836f5cdf461c3a5f6a98a7363f
clamav-testfiles_0.96.3+dfsg-2ubuntu1.0.10.04.2_all.deb
Size/MD5: 5257088 aa5604ebd0f1e4646ce5d9e056513d11
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
clamav-daemon_0.96.3+dfsg-2ubuntu1.0.10.04.2_amd64.deb
Size/MD5: 424096 28c2f45042aafbf487e59ce679327bb3
clamav-dbg_0.96.3+dfsg-2ubuntu1.0.10.04.2_amd64.deb
Size/MD5: 22343058 abe9dff9f24f9f9b6b9f9faf5be2936b
clamav-freshclam_0.96.3+dfsg-2ubuntu1.0.10.04.2_amd64.deb
Size/MD5: 313300 e88ecbee6c0f900b5854b2c1ca9b0771
clamav_0.96.3+dfsg-2ubuntu1.0.10.04.2_amd64.deb
Size/MD5: 335490 6d0081c84e0f46ee73bbf452309c03a3
libclamav-dev_0.96.3+dfsg-2ubuntu1.0.10.04.2_amd64.deb
Size/MD5: 217914 11b54c1f926069a93149ce28b7cf5325
libclamav6_0.96.3+dfsg-2ubuntu1.0.10.04.2_amd64.deb
Size/MD5: 3898290 0bd7e669232378b4b83a8bfdd0c8d716
clamav-milter_0.96.3+dfsg-2ubuntu1.0.10.04.2_amd64.deb
Size/MD5: 345108 843a766d2909777cc88ccbf03468a6fa
i386 architecture (x86 compatible Intel/AMD):
clamav-daemon_0.96.3+dfsg-2ubuntu1.0.10.04.2_i386.deb
Size/MD5: 410854 416f5d73612e5d37fbb904bb80dffb49
clamav-dbg_0.96.3+dfsg-2ubuntu1.0.10.04.2_i386.deb
Size/MD5: 22043342 aa53f5f25b3a28b22315e17544bd7a6d
clamav-freshclam_0.96.3+dfsg-2ubuntu1.0.10.04.2_i386.deb
Size/MD5: 308344 d090653db3483820420e465513b7d858
clamav_0.96.3+dfsg-2ubuntu1.0.10.04.2_i386.deb
Size/MD5: 327348 4cdcc06e3cfb9c241c7d6f560963116b
libclamav-dev_0.96.3+dfsg-2ubuntu1.0.10.04.2_i386.deb
Size/MD5: 218084 752cc79037d5f08df096c528bc7eb8b6
libclamav6_0.96.3+dfsg-2ubuntu1.0.10.04.2_i386.deb
Size/MD5: 3751526 c6dc2280d050c37f1f82ce62ba612cac
clamav-milter_0.96.3+dfsg-2ubuntu1.0.10.04.2_i386.deb
Size/MD5: 338432 7156843fc6e5b7087d1fba58177ee81f
armel architecture (ARM Architecture):
clamav-daemon_0.96.3+dfsg-2ubuntu1.0.10.04.2_armel.deb
Size/MD5: 406882 b19ca9fc2963a4fe76940587ca7f8442
clamav-dbg_0.96.3+dfsg-2ubuntu1.0.10.04.2_armel.deb
Size/MD5: 1495938 235245876f8a1fd659ad3696e0b8cff0
clamav-freshclam_0.96.3+dfsg-2ubuntu1.0.10.04.2_armel.deb
Size/MD5: 309068 4901391a555ca3b99facd67598e3ef63
clamav_0.96.3+dfsg-2ubuntu1.0.10.04.2_armel.deb
Size/MD5: 325884 8a8c68c7bef2a417c05140649aabb9e7
libclamav-dev_0.96.3+dfsg-2ubuntu1.0.10.04.2_armel.deb
Size/MD5: 217988 af08d9ccb28d785bd3067cee79f2d342
libclamav6_0.96.3+dfsg-2ubuntu1.0.10.04.2_armel.deb
Size/MD5: 692904 0a11d55c4b11b7c4b6fde5b7ae283f96
clamav-milter_0.96.3+dfsg-2ubuntu1.0.10.04.2_armel.deb
Size/MD5: 338696 3956ef9d6b6a60777ac474f39594f5b7
powerpc architecture (Apple Macintosh G3/G4/G5):
clamav-daemon_0.96.3+dfsg-2ubuntu1.0.10.04.2_powerpc.deb
Size/MD5: 424978 52b56412f9313f830a49e6730f7bb4f1
clamav-dbg_0.96.3+dfsg-2ubuntu1.0.10.04.2_powerpc.deb
Size/MD5: 21946304 dadb3d6e3edd3d878c23043e0b3584d8
clamav-freshclam_0.96.3+dfsg-2ubuntu1.0.10.04.2_powerpc.deb
Size/MD5: 312588 525bf79e6f80fa681de6e53a177fe4c8
clamav_0.96.3+dfsg-2ubuntu1.0.10.04.2_powerpc.deb
Size/MD5: 332978 b5e3e48ab070066931c15f0f9843b71c
libclamav-dev_0.96.3+dfsg-2ubuntu1.0.10.04.2_powerpc.deb
Size/MD5: 217914 7dd955a186cb8879aa479dd624b9f83a
libclamav6_0.96.3+dfsg-2ubuntu1.0.10.04.2_powerpc.deb
Size/MD5: 3694500 19f57c2f9c3330de8403f95ed26bd89a
clamav-milter_0.96.3+dfsg-2ubuntu1.0.10.04.2_powerpc.deb
Size/MD5: 346032 4dcf3621752746f0683e88cfae681f98
sparc architecture (Sun SPARC/UltraSPARC):
clamav-daemon_0.96.3+dfsg-2ubuntu1.0.10.04.2_sparc.deb
Size/MD5: 417504 47562db771ffce66d1e33b023815529b
clamav-dbg_0.96.3+dfsg-2ubuntu1.0.10.04.2_sparc.deb
Size/MD5: 1521812 7e2834b60264a9944b54182dd66d2644
clamav-freshclam_0.96.3+dfsg-2ubuntu1.0.10.04.2_sparc.deb
Size/MD5: 310268 09362fd78f8dd8aa40bf8d638f7e953c
clamav_0.96.3+dfsg-2ubuntu1.0.10.04.2_sparc.deb
Size/MD5: 330544 243c260c46b4786b22a831feca6c22a6
libclamav-dev_0.96.3+dfsg-2ubuntu1.0.10.04.2_sparc.deb
Size/MD5: 217912 140f98988be6715168cf7f5422ab6f76
libclamav6_0.96.3+dfsg-2ubuntu1.0.10.04.2_sparc.deb
Size/MD5: 772802 dd43c6b2029227a726eb3f5ab90e944a
clamav-milter_0.96.3+dfsg-2ubuntu1.0.10.04.2_sparc.deb
Size/MD5: 343194 6e4b332cb4162cd29895a4b5171d2abd
Updated packages for Ubuntu 10.10:
Source archives:
clamav_0.96.3+dfsg-2ubuntu1.2.diff.gz
Size/MD5: 291139 9ce8ad8427f113d6e329a3c3812d68c0
clamav_0.96.3+dfsg-2ubuntu1.2.dsc
Size/MD5: 2291 337c8ca91f8956bb01144d4bf3f13609
clamav_0.96.3+dfsg.orig.tar.gz
Size/MD5: 40572329 730c1af9badcee2bce4bbaf1cf8ea20a
Architecture independent packages:
clamav-base_0.96.3+dfsg-2ubuntu1.2_all.deb
Size/MD5: 299354 0702fd8ea1c31955e8fc797ae87c46b2
clamav-docs_0.96.3+dfsg-2ubuntu1.2_all.deb
Size/MD5: 1288682 882a0315fe510542baab00e77d557a78
clamav-testfiles_0.96.3+dfsg-2ubuntu1.2_all.deb
Size/MD5: 5257128 6e78e746dcee221c2e95bc4dfa05f362
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
clamav-daemon_0.96.3+dfsg-2ubuntu1.2_amd64.deb
Size/MD5: 423112 f64bda3984cd1f8b760f5da57d3bca92
clamav-dbg_0.96.3+dfsg-2ubuntu1.2_amd64.deb
Size/MD5: 22417984 963e7c2edb60496ca072725e539e5b41
clamav-freshclam_0.96.3+dfsg-2ubuntu1.2_amd64.deb
Size/MD5: 311226 0a361a85a35b6650d00fbe84c5a7580a
clamav_0.96.3+dfsg-2ubuntu1.2_amd64.deb
Size/MD5: 334098 32f9b98511150530ad007a7c93c40386
libclamav-dev_0.96.3+dfsg-2ubuntu1.2_amd64.deb
Size/MD5: 217926 e1c3ab677049300717250e3908666cd1
libclamav6_0.96.3+dfsg-2ubuntu1.2_amd64.deb
Size/MD5: 3922972 35138e4e10a58348be364e5b19ea5df9
clamav-milter_0.96.3+dfsg-2ubuntu1.2_amd64.deb
Size/MD5: 342886 de12b75256683c846f2919c696c71887
i386 architecture (x86 compatible Intel/AMD):
clamav-daemon_0.96.3+dfsg-2ubuntu1.2_i386.deb
Size/MD5: 410320 a7060679083c339a102a767ed2a3d9f7
clamav-dbg_0.96.3+dfsg-2ubuntu1.2_i386.deb
Size/MD5: 21960252 d96e86f0a3d8cddd55cfc3bea3ef3daf
clamav-freshclam_0.96.3+dfsg-2ubuntu1.2_i386.deb
Size/MD5: 310040 a482134aedc49b9a7eff0186fb6035cd
clamav_0.96.3+dfsg-2ubuntu1.2_i386.deb
Size/MD5: 327554 f969082370c05ca79fcaf44062adebee
libclamav-dev_0.96.3+dfsg-2ubuntu1.2_i386.deb
Size/MD5: 217872 8f719985193939a25b03473bfbbcb952
libclamav6_0.96.3+dfsg-2ubuntu1.2_i386.deb
Size/MD5: 3725056 58b1925563125ea7eddb29731d27374a
clamav-milter_0.96.3+dfsg-2ubuntu1.2_i386.deb
Size/MD5: 340596 10c0a5c04be3d339c5301df687cb7487
armel architecture (ARM Architecture):
clamav-daemon_0.96.3+dfsg-2ubuntu1.2_armel.deb
Size/MD5: 416402 e22a834a33f2d363598865896256c192
clamav-dbg_0.96.3+dfsg-2ubuntu1.2_armel.deb
Size/MD5: 1530710 01fd1a616c74c7612913b3cc8a875395
clamav-freshclam_0.96.3+dfsg-2ubuntu1.2_armel.deb
Size/MD5: 308092 4a743b08c9a1c8ad4ec79a6455334486
clamav_0.96.3+dfsg-2ubuntu1.2_armel.deb
Size/MD5: 328372 0ca2551f95b67a8af4c285e36b1efc50
libclamav-dev_0.96.3+dfsg-2ubuntu1.2_armel.deb
Size/MD5: 217954 db4b7c26334bc6f9a48af201f3c8ce53
libclamav6_0.96.3+dfsg-2ubuntu1.2_armel.deb
Size/MD5: 762684 87f79650eea51f5bca7953b4108f44c7
clamav-milter_0.96.3+dfsg-2ubuntu1.2_armel.deb
Size/MD5: 341370 f941f44011e8220f1a1369e575ca8511
powerpc architecture (Apple Macintosh G3/G4/G5):
clamav-daemon_0.96.3+dfsg-2ubuntu1.2_powerpc.deb
Size/MD5: 423734 a3cba413ddba7c8c869ef1052695d72f
clamav-dbg_0.96.3+dfsg-2ubuntu1.2_powerpc.deb
Size/MD5: 21943056 c945d37dfdc2f90cfdd3afa9e13770ff
clamav-freshclam_0.96.3+dfsg-2ubuntu1.2_powerpc.deb
Size/MD5: 312116 f75d13c70a666b6c50c94f11d8fc5fc7
clamav_0.96.3+dfsg-2ubuntu1.2_powerpc.deb
Size/MD5: 332152 9875d25fd10e30aa1caa97274fc6490c
libclamav-dev_0.96.3+dfsg-2ubuntu1.2_powerpc.deb
Size/MD5: 217878 dd01a33de40da567649a02f9bee20135
libclamav6_0.96.3+dfsg-2ubuntu1.2_powerpc.deb
Size/MD5: 3689510 ff8cd6d3eb28b66036db5ada5629cd7e
clamav-milter_0.96.3+dfsg-2ubuntu1.2_powerpc.deb
Size/MD5: 345698 af4e9a8d36665dce94083e6c499ffdb3
--zS7rBR6csb6tI2e1
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBCgAGBQJNAYWyAAoJEC8Jno0AXoH0/M4P/jMEFvhffu+H6QU9IG/fiEpJ
70HZMHv2zYGVEJKqxPjyHOAN0KqtDFjSS1ufVC3sOuS5UURQ8Kjq1ACLorP7ViGe
8R6FJ3drB5DsVBE1Sge68qeMIFPU5cYWlersGve29Z18jvJ5dqZlndZ6pwsIHW/2
oJAcNoXDLP3XYlF7Oype/jdOqABnHlv/fn+3GPOcq0ZCpun4YWBHalMe7w857zca
cY6fcqoIoRYHAYk1YFBoeUAFal32NgoVYfIIpc1D6WpKaWkIYcnI64OiGE+lc6q3
SZg+7eDufzaytTTFRDldlXKcBa2D0ynNff9S4edIVKt3odvoq3Wx1oVPL48mYfWA
EI1bZF34cRPk7INFdQfKI2tyrcvuV9zi/rz7SV3Xa00kuRTaKszmPposGgAlL7+z
qhFlS+Hj4pu6qqczdKpzMei41kubceHuM6kiOX/Plf2nnl5+QxA5uUoK1Qmrut9F
29vDvZDs3hpGvrVi+Gxl1HISjS0Y+HCb0p88Vcd4QofxouVrTe493LzBcIvtmsQ2
eeoC+4Ab7ZWJ325Ky2RJCKlev3GziGu822cswALvCeXi0N6zlzR4ZWYQRy0y+Coj
m6Lp3tRGJCu0cNUpebKIJ8reB1p8nS+YvLyNSsAi1MfCGKbHwoK0UqNcUxhOBTHx
3CVWNOyAbRX5ZiEJI9m0
=NPAj
-----END PGP SIGNATURE-----
--zS7rBR6csb6tI2e1--
--===============3593155977178194999==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============3593155977178194999==--
|
|
|
|
