Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in clamav
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in clamav
ID: MDVSA-2008:003
Distribution: Mandriva
Plattformen: Mandriva Corporate 3.0, Mandriva Corporate 4.0, Mandriva 2007.0, Mandriva 2007.1, Mandriva 2008.0
Datum: Mi, 9. Januar 2008, 08:21
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6335
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6337
Applikationen: Clam Antivirus

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1199863222-4794-8114


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDVSA-2008:003
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : clamav
 Date    : January 8, 2008
 Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 An integer overflow vulnerability was reported by iDefense with clamav
 when parsing Portable Executable (PE) files packed in he MEW format.
 This could be exploited to cause a heap-based buffer overflow
 (CVE-2007-6335).
 
 Toeroek Edwin reported an off-by-one error when decompressing MS-ZIP
 compressed CAB files (CVE-2007-6336).
 
 As well, an unspecified vulnerability related to the bzip2
 decompression algorithm was also discovered (CVE-2007-6337).
 
 Other bugs have also been corrected in 0.92 which is being provided
 with this update.  Because this new version has increased the major
 of the libclamav library, updated dependent packages are also being
 provided.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6335
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6336
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6337
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 fc1ed2d6d7e2fa61e004fd494422e22f 
 2007.0/i586/clamav-0.92-1.2mdv2007.0.i586.rpm
 0a7dfdfcdc80018d86f8bae73765eb92 
 2007.0/i586/clamav-db-0.92-1.2mdv2007.0.i586.rpm
 ab2486ddadf2802c9e78430abb4e58fb 
 2007.0/i586/clamav-milter-0.92-1.2mdv2007.0.i586.rpm
 d2194bbac627a8acafd970db80e20412  2007.0/i586/clamd-0.92-1.2mdv2007.0.i586.rpm
 399a07092d1d78854d632dbe9817d6a5 
 2007.0/i586/clamdmon-0.92-1.2mdv2007.0.i586.rpm
 47decdf9abd2202411c491e894c79929 
 2007.0/i586/klamav-0.41-1.2mdv2007.0.i586.rpm
 1d943cf9dee68ffa180a71d858a70380 
 2007.0/i586/libclamav-devel-0.92-1.2mdv2007.0.i586.rpm
 d989f8d8b42469a13a6d5fc2688bc9b2 
 2007.0/i586/libclamav3-0.92-1.2mdv2007.0.i586.rpm 
 62bfa2e660093513501a33789363d460 
 2007.0/SRPMS/clamav-0.92-1.2mdv2007.0.src.rpm
 55e28787b08fb04beff3116e7f8d6493 
 2007.0/SRPMS/klamav-0.41-1.2mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 95f5232dc3753516030e8535729ab255 
 2007.0/x86_64/clamav-0.92-1.2mdv2007.0.x86_64.rpm
 e7cebecea23dd203d52d179bf4d134cf 
 2007.0/x86_64/clamav-db-0.92-1.2mdv2007.0.x86_64.rpm
 ef628aa8fe5942d46aa744732506deed 
 2007.0/x86_64/clamav-milter-0.92-1.2mdv2007.0.x86_64.rpm
 183e54911edb0cc44973a8fd536637b0 
 2007.0/x86_64/clamd-0.92-1.2mdv2007.0.x86_64.rpm
 b4518d6bb8613c99a790fe7f38b137c8 
 2007.0/x86_64/clamdmon-0.92-1.2mdv2007.0.x86_64.rpm
 42f54d20f5532e816129b31cf60413a9 
 2007.0/x86_64/klamav-0.41-1.2mdv2007.0.x86_64.rpm
 a50b759ceb63183e37f5763b4d1bd717 
 2007.0/x86_64/lib64clamav-devel-0.92-1.2mdv2007.0.x86_64.rpm
 dafdf9a64ead071f9f04bdf2d4a58e6e 
 2007.0/x86_64/lib64clamav3-0.92-1.2mdv2007.0.x86_64.rpm 
 62bfa2e660093513501a33789363d460 
 2007.0/SRPMS/clamav-0.92-1.2mdv2007.0.src.rpm
 55e28787b08fb04beff3116e7f8d6493 
 2007.0/SRPMS/klamav-0.41-1.2mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 98d49b30e7a6b938af5aaef9a472a25c 
 2007.1/i586/clamav-0.92-1.2mdv2007.1.i586.rpm
 9bfdaad1a14b3565be36864193ce9840 
 2007.1/i586/clamav-db-0.92-1.2mdv2007.1.i586.rpm
 4ad6c52459606908986826259d17fa4e 
 2007.1/i586/clamav-milter-0.92-1.2mdv2007.1.i586.rpm
 bfe81d6d31909889f4a1f9822c6f3c87  2007.1/i586/clamd-0.92-1.2mdv2007.1.i586.rpm
 77591c75d6176061fa120ad5b5329846 
 2007.1/i586/clamdmon-0.92-1.2mdv2007.1.i586.rpm
 66939dc58639cc283cd4809719379100 
 2007.1/i586/klamav-0.41-2.1mdv2007.1.i586.rpm
 cf7e4f222f7b1992174c52fc9fa5e5e2 
 2007.1/i586/libclamav-devel-0.92-1.2mdv2007.1.i586.rpm
 405f62a1609dc6c8ea527bf2479030c1 
 2007.1/i586/libclamav3-0.92-1.2mdv2007.1.i586.rpm 
 b07c73a90d19f1a9d4c34cb586a51d0b 
 2007.1/SRPMS/clamav-0.92-1.2mdv2007.1.src.rpm
 45f42d28eb80611716a514aeed60b147 
 2007.1/SRPMS/klamav-0.41-2.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 0ce7b6c2cc03b1a06812eaa8666a69d7 
 2007.1/x86_64/clamav-0.92-1.2mdv2007.1.x86_64.rpm
 1d5785bb027b8f554d736b6b480755c2 
 2007.1/x86_64/clamav-db-0.92-1.2mdv2007.1.x86_64.rpm
 721eeabf6bc31ac026af9a8971a010ee 
 2007.1/x86_64/clamav-milter-0.92-1.2mdv2007.1.x86_64.rpm
 9d275b05f19ab0fbf8a294345aaf2d46 
 2007.1/x86_64/clamd-0.92-1.2mdv2007.1.x86_64.rpm
 a20c0c41cdd1fb2a68e157eb7b9c6c37 
 2007.1/x86_64/clamdmon-0.92-1.2mdv2007.1.x86_64.rpm
 18d5c2a141e17b054b87d98534c18820 
 2007.1/x86_64/klamav-0.41-2.1mdv2007.1.x86_64.rpm
 bfc5e7ef4a1445d2f529dbd57aec9440 
 2007.1/x86_64/lib64clamav-devel-0.92-1.2mdv2007.1.x86_64.rpm
 1284fd4541adfb80164a40a17bd367c4 
 2007.1/x86_64/lib64clamav3-0.92-1.2mdv2007.1.x86_64.rpm 
 b07c73a90d19f1a9d4c34cb586a51d0b 
 2007.1/SRPMS/clamav-0.92-1.2mdv2007.1.src.rpm
 45f42d28eb80611716a514aeed60b147 
 2007.1/SRPMS/klamav-0.41-2.1mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 6845c3727edd9c4cd40ab453433b23de 
 2008.0/i586/clamav-0.92-1.2mdv2008.0.i586.rpm
 be3ee6e6a5507432295ab884b28dd963 
 2008.0/i586/clamav-db-0.92-1.2mdv2008.0.i586.rpm
 b75df65dda486cbff50a07dfc5f67053 
 2008.0/i586/clamav-milter-0.92-1.2mdv2008.0.i586.rpm
 d6c5d54b74df8ad54c8c0166a5dfca5a  2008.0/i586/clamd-0.92-1.2mdv2008.0.i586.rpm
 99690d8f46e628ced3d7511c3961d8c8 
 2008.0/i586/clamdmon-0.92-1.2mdv2008.0.i586.rpm
 a761c21b0b0132567e45e005f4b46d59 
 2008.0/i586/klamav-0.41.1-2.1mdv2008.0.i586.rpm
 1eca36b7674292f957de5c7809ef7c8f 
 2008.0/i586/libclamav-devel-0.92-1.2mdv2008.0.i586.rpm
 3b593a73a49128450d7dd0b55d379c87 
 2008.0/i586/libclamav3-0.92-1.2mdv2008.0.i586.rpm 
 51dc9ab3b42c323547d03de5db226a84 
 2008.0/SRPMS/clamav-0.92-1.2mdv2008.0.src.rpm
 4257ab503f00c056db9e2d2ec5be92d7 
 2008.0/SRPMS/klamav-0.41.1-2.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 cde28a6c10e4e649fdc2e76a3c058190 
 2008.0/x86_64/clamav-0.92-1.2mdv2008.0.x86_64.rpm
 cddc66f6bf586632b3b6372a55dd01d9 
 2008.0/x86_64/clamav-db-0.92-1.2mdv2008.0.x86_64.rpm
 0f55d2cd2560725241a599eaf4473b16 
 2008.0/x86_64/clamav-milter-0.92-1.2mdv2008.0.x86_64.rpm
 91c0c8d9a951437a31dce3de060e948e 
 2008.0/x86_64/clamd-0.92-1.2mdv2008.0.x86_64.rpm
 835e414799fd885acb37697e7a94a0ac 
 2008.0/x86_64/clamdmon-0.92-1.2mdv2008.0.x86_64.rpm
 c4bb62543906bd0685ef3dedbd1d1eed 
 2008.0/x86_64/klamav-0.41.1-2.1mdv2008.0.x86_64.rpm
 013062a449726abcdb0e6ac69c0932d1 
 2008.0/x86_64/lib64clamav-devel-0.92-1.2mdv2008.0.x86_64.rpm
 f6b532ea61bf4213123804b00b7e0d40 
 2008.0/x86_64/lib64clamav3-0.92-1.2mdv2008.0.x86_64.rpm 
 51dc9ab3b42c323547d03de5db226a84 
 2008.0/SRPMS/clamav-0.92-1.2mdv2008.0.src.rpm
 4257ab503f00c056db9e2d2ec5be92d7 
 2008.0/SRPMS/klamav-0.41.1-2.1mdv2008.0.src.rpm

 Corporate 3.0:
 3f2a48e871c6c4a3b0a57d0eaa622a37 
 corporate/3.0/i586/clamav-0.92-0.2.C30mdk.i586.rpm
 ce3f09c9cbbd81bd2f5b035bf29a5b46 
 corporate/3.0/i586/clamav-db-0.92-0.2.C30mdk.i586.rpm
 e60f7417cdeddb012eb8b1f5713d63a3 
 corporate/3.0/i586/clamav-milter-0.92-0.2.C30mdk.i586.rpm
 74f1aee20b5031b0ac067d188f7168fb 
 corporate/3.0/i586/clamd-0.92-0.2.C30mdk.i586.rpm
 3bb0b303bef626dc9543310c6fb25696 
 corporate/3.0/i586/clamdmon-0.92-0.2.C30mdk.i586.rpm
 9f6845a740d65133e4ddfc4b3f97c11a 
 corporate/3.0/i586/libclamav-devel-0.92-0.2.C30mdk.i586.rpm
 5364bdfc013ade1199cd9e95f1587b20 
 corporate/3.0/i586/libclamav3-0.92-0.2.C30mdk.i586.rpm 
 3706e74c9205d888150c74a5310741e0 
 corporate/3.0/SRPMS/clamav-0.92-0.2.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 c07a6b3b930907d623ac66abb1b3a599 
 corporate/3.0/x86_64/clamav-0.92-0.2.C30mdk.x86_64.rpm
 dc5a98c4378b9fd58e9c4dcc149d9708 
 corporate/3.0/x86_64/clamav-db-0.92-0.2.C30mdk.x86_64.rpm
 93bc3c83d173c8fa6b5f8fba96df8847 
 corporate/3.0/x86_64/clamav-milter-0.92-0.2.C30mdk.x86_64.rpm
 3038d4e399a7ee4dd07739e91a10a675 
 corporate/3.0/x86_64/clamd-0.92-0.2.C30mdk.x86_64.rpm
 ed758355a6d8b53bf3a5a5d84124c789 
 corporate/3.0/x86_64/clamdmon-0.92-0.2.C30mdk.x86_64.rpm
 9546306ca59838c1b35fac61a12297b3 
 corporate/3.0/x86_64/lib64clamav-devel-0.92-0.2.C30mdk.x86_64.rpm
 5817803ca6185e173127889ae7640589 
 corporate/3.0/x86_64/lib64clamav3-0.92-0.2.C30mdk.x86_64.rpm 
 3706e74c9205d888150c74a5310741e0 
 corporate/3.0/SRPMS/clamav-0.92-0.2.C30mdk.src.rpm

 Corporate 4.0:
 09bc97f6d0c3a507537dd5df5d5a2e9e 
 corporate/4.0/i586/c-icap-client-210205-5.2.20060mlcs4.i586.rpm
 c162b402dd359cef918fca6a4ee55dc4 
 corporate/4.0/i586/c-icap-modules-210205-5.2.20060mlcs4.i586.rpm
 4ef1e16aa796f03a35e4fde3b2e73c29 
 corporate/4.0/i586/c-icap-server-210205-5.2.20060mlcs4.i586.rpm
 b300a7fc384f7425c10b5498c703f2c9 
 corporate/4.0/i586/clamav-0.92-0.2.20060mlcs4.i586.rpm
 2445d34f9632fa547ae0a1884152e7f2 
 corporate/4.0/i586/clamav-db-0.92-0.2.20060mlcs4.i586.rpm
 4fbf33fa8581f1e9149064bf98286d76 
 corporate/4.0/i586/clamav-milter-0.92-0.2.20060mlcs4.i586.rpm
 d7975bcedccf63ad68fa1003c39ea38f 
 corporate/4.0/i586/clamd-0.92-0.2.20060mlcs4.i586.rpm
 1a36e1a5f049193ebc4183116b0efba1 
 corporate/4.0/i586/clamdmon-0.92-0.2.20060mlcs4.i586.rpm
 d65e1dc78894367ec8778cdd4b3dcaab 
 corporate/4.0/i586/libc-icap0-210205-5.2.20060mlcs4.i586.rpm
 557e71c20126d3e8e2b3761d618e81b2 
 corporate/4.0/i586/libc-icap0-devel-210205-5.2.20060mlcs4.i586.rpm
 7547cb16781ef5864049bdbe3be066ca 
 corporate/4.0/i586/libclamav-devel-0.92-0.2.20060mlcs4.i586.rpm
 8670164705db11dab33cf01aecee05b5 
 corporate/4.0/i586/libclamav3-0.92-0.2.20060mlcs4.i586.rpm
 4bdc08d830df3e0b8ddc2eada232a83d 
 corporate/4.0/i586/php-clamav-0.12a-8.2.20060mlcs4.i586.rpm 
 ab588a94a6ae104f6a379dd164fdbb9b 
 corporate/4.0/SRPMS/c-icap-210205-5.2.20060mlcs4.src.rpm
 f62afc45435fb35b7a24b5a1a9827099 
 corporate/4.0/SRPMS/clamav-0.92-0.2.20060mlcs4.src.rpm
 1fdbb8cab6b50d1648dcc162f1e9aad8 
 corporate/4.0/SRPMS/php-clamav-0.12a-8.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 f84c1bd0a6e0794991262915dd73682c 
 corporate/4.0/x86_64/c-icap-client-210205-5.2.20060mlcs4.x86_64.rpm
 1a4cea375f8278d8fa74e578e05b99f8 
 corporate/4.0/x86_64/c-icap-modules-210205-5.2.20060mlcs4.x86_64.rpm
 c86cf3a99cb02b60686cfafebdabc427 
 corporate/4.0/x86_64/c-icap-server-210205-5.2.20060mlcs4.x86_64.rpm
 ac36226fb9c603e53c6b8ae0cc834106 
 corporate/4.0/x86_64/clamav-0.92-0.2.20060mlcs4.x86_64.rpm
 8b6b8043edb52c9510e634a6f5549ffc 
 corporate/4.0/x86_64/clamav-db-0.92-0.2.20060mlcs4.x86_64.rpm
 80313735603168fa6d4d1cee550b4461 
 corporate/4.0/x86_64/clamav-milter-0.92-0.2.20060mlcs4.x86_64.rpm
 5edc55a2746cdbfbc9dab0c138cd7904 
 corporate/4.0/x86_64/clamd-0.92-0.2.20060mlcs4.x86_64.rpm
 bf4df46b323a4184726b02b8551fbb74 
 corporate/4.0/x86_64/clamdmon-0.92-0.2.20060mlcs4.x86_64.rpm
 3bd7ab884f9e1dce5d127ded6b81cddc 
 corporate/4.0/x86_64/lib64c-icap0-210205-5.2.20060mlcs4.x86_64.rpm
 6f688ee2b22016964b46dc81c8a075a0 
 corporate/4.0/x86_64/lib64c-icap0-devel-210205-5.2.20060mlcs4.x86_64.rpm
 a8f718d57e5533e8df7c47cd26f5b2a4 
 corporate/4.0/x86_64/lib64clamav-devel-0.92-0.2.20060mlcs4.x86_64.rpm
 a7e2bca01fdf9ec52bb277b85260a6f4 
 corporate/4.0/x86_64/lib64clamav3-0.92-0.2.20060mlcs4.x86_64.rpm
 a0eff3d2addb10828672f26d1ef9aebf 
 corporate/4.0/x86_64/php-clamav-0.12a-8.2.20060mlcs4.x86_64.rpm 
 ab588a94a6ae104f6a379dd164fdbb9b 
 corporate/4.0/SRPMS/c-icap-210205-5.2.20060mlcs4.src.rpm
 f62afc45435fb35b7a24b5a1a9827099 
 corporate/4.0/SRPMS/clamav-0.92-0.2.20060mlcs4.src.rpm
 1fdbb8cab6b50d1648dcc162f1e9aad8 
 corporate/4.0/SRPMS/php-clamav-0.12a-8.2.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)

iD8DBQFHhEmcmqjQ0CJFipgRAvVeAJ45qzu/QLzIfZj6gtC30oXmGzl8/wCePF5A
vIfEl5eWay4ZlBdo5q23Y4M=
=9O4q
-----END PGP SIGNATURE-----


------------=_1199863222-4794-8114
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1199863222-4794-8114--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung