Login
Newsletter
Werbung
Sicherheit: Denial of Service in clamav
Aktuelle Meldungen Distributionen
Name: Denial of Service in clamav
ID: MDVSA-2008:166
Distribution: Mandriva
Plattformen: Mandriva Corporate 3.0, Mandriva Corporate 4.0, Mandriva 2007.1, Mandriva 2008.0, Mandriva 2008.1
Datum: Mi, 13. August 2008, 02:15
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3215
Applikationen: Clam Antivirus

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1218586541-11275-8110


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2008:166
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : clamav
 Date    : August 12, 2008
 Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________

 Problem Description:

 An incomplete fix for CVE-2008-2713 resulted in remote attackers being
 able to cause a denial of service via a malformed Petite file that
 triggered an out-of-bounds memory access (CVE-2008-3215).  This issue
 is corrected with the 0.93.3 release which is being provided.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3215
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2007.1:
 e2a49439597e540af2bfe7e68b8f356a 
 2007.1/i586/clamav-0.93.3-1.1mdv2007.1.i586.rpm
 48d60a361725b8368a77652636da3634 
 2007.1/i586/clamav-db-0.93.3-1.1mdv2007.1.i586.rpm
 b866c41c9cc415a5f201ba5afa70189d 
 2007.1/i586/clamav-milter-0.93.3-1.1mdv2007.1.i586.rpm
 5c37359d024a972ae14b10deed99f537 
 2007.1/i586/clamd-0.93.3-1.1mdv2007.1.i586.rpm
 c9030498b2174b51aaaf0376a7bd22b9 
 2007.1/i586/libclamav4-0.93.3-1.1mdv2007.1.i586.rpm
 02e0d809765a24645597e42cad8adf99 
 2007.1/i586/libclamav-devel-0.93.3-1.1mdv2007.1.i586.rpm 
 02c6a82f6e1d50e73472dd9d867fc71a 
 2007.1/SRPMS/clamav-0.93.3-1.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 b5f0af1cc16c24d0db5749740663a3cd 
 2007.1/x86_64/clamav-0.93.3-1.1mdv2007.1.x86_64.rpm
 ccf1112935188baba67af4c8f12602c5 
 2007.1/x86_64/clamav-db-0.93.3-1.1mdv2007.1.x86_64.rpm
 355f139c3e2febb9a2462f73ad80b99d 
 2007.1/x86_64/clamav-milter-0.93.3-1.1mdv2007.1.x86_64.rpm
 0ac9c0e9482e5bebb817a2da7ca34c55 
 2007.1/x86_64/clamd-0.93.3-1.1mdv2007.1.x86_64.rpm
 1b76efb82212f6b4ca597f159c5037c1 
 2007.1/x86_64/lib64clamav4-0.93.3-1.1mdv2007.1.x86_64.rpm
 ba7dcecdce14f9af3b190093bf3b567e 
 2007.1/x86_64/lib64clamav-devel-0.93.3-1.1mdv2007.1.x86_64.rpm 
 02c6a82f6e1d50e73472dd9d867fc71a 
 2007.1/SRPMS/clamav-0.93.3-1.1mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 50b0f29055f1c0b658ecd13a451b45fd 
 2008.0/i586/clamav-0.93.3-1.1mdv2008.0.i586.rpm
 ed3a1784523b919e1854d09be1fb7364 
 2008.0/i586/clamav-db-0.93.3-1.1mdv2008.0.i586.rpm
 64d40cebaeefd3b11d33414a02d7c511 
 2008.0/i586/clamav-milter-0.93.3-1.1mdv2008.0.i586.rpm
 6b81f46e08b86d074fa82e1c32af5d36 
 2008.0/i586/clamd-0.93.3-1.1mdv2008.0.i586.rpm
 f49f930b21f049f21965916e7ff145d4 
 2008.0/i586/libclamav4-0.93.3-1.1mdv2008.0.i586.rpm
 a0ebdbc4866514f23e69b8b5bdfc1055 
 2008.0/i586/libclamav-devel-0.93.3-1.1mdv2008.0.i586.rpm 
 0c713a68e6b09b5b05e15967c21bf58b 
 2008.0/SRPMS/clamav-0.93.3-1.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 a3baced56d79ceeae508641adfd95007 
 2008.0/x86_64/clamav-0.93.3-1.1mdv2008.0.x86_64.rpm
 77329bfde06b188eb1099068f6d60b04 
 2008.0/x86_64/clamav-db-0.93.3-1.1mdv2008.0.x86_64.rpm
 cbe665f82daaa0bcb26154ef3d7e6444 
 2008.0/x86_64/clamav-milter-0.93.3-1.1mdv2008.0.x86_64.rpm
 a13133ac1fab47018bcf4eda981117b9 
 2008.0/x86_64/clamd-0.93.3-1.1mdv2008.0.x86_64.rpm
 3e7c88c13b2c0fe19ba2477b13e355f2 
 2008.0/x86_64/lib64clamav4-0.93.3-1.1mdv2008.0.x86_64.rpm
 95606f61143ba5e04a794686c2713d5c 
 2008.0/x86_64/lib64clamav-devel-0.93.3-1.1mdv2008.0.x86_64.rpm 
 0c713a68e6b09b5b05e15967c21bf58b 
 2008.0/SRPMS/clamav-0.93.3-1.1mdv2008.0.src.rpm

 Mandriva Linux 2008.1:
 4b316c757e3415a12c870fe2d91c9f83 
 2008.1/i586/clamav-0.93.3-1.1mdv2008.1.i586.rpm
 5670109abc64e6379ffa6cbebe497bf1 
 2008.1/i586/clamav-db-0.93.3-1.1mdv2008.1.i586.rpm
 a65075f859b5b0e5529bd15041df9952 
 2008.1/i586/clamav-milter-0.93.3-1.1mdv2008.1.i586.rpm
 88ea3198e6f0751ed7c70e64b523dec9 
 2008.1/i586/clamd-0.93.3-1.1mdv2008.1.i586.rpm
 fcddfcb66aca5e5d9a1546c7f7fb525f 
 2008.1/i586/libclamav4-0.93.3-1.1mdv2008.1.i586.rpm
 cc6914938ca14a1e7cccc0772e505c45 
 2008.1/i586/libclamav-devel-0.93.3-1.1mdv2008.1.i586.rpm 
 e20f699bec8683f1e12d5a097ca1b6d1 
 2008.1/SRPMS/clamav-0.93.3-1.1mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 ea8e2a2acde4075de64c4fada90db33d 
 2008.1/x86_64/clamav-0.93.3-1.1mdv2008.1.x86_64.rpm
 6f7a297f22187a68314a82c9e8e06942 
 2008.1/x86_64/clamav-db-0.93.3-1.1mdv2008.1.x86_64.rpm
 58515d456c035862c80310d723b029f7 
 2008.1/x86_64/clamav-milter-0.93.3-1.1mdv2008.1.x86_64.rpm
 bdb0d4db5e4082ff52c2c84d775a0aff 
 2008.1/x86_64/clamd-0.93.3-1.1mdv2008.1.x86_64.rpm
 db051d135d8facbfca9a0b567db4aca0 
 2008.1/x86_64/lib64clamav4-0.93.3-1.1mdv2008.1.x86_64.rpm
 75632de425c08ededfdc3fe1e8860d2d 
 2008.1/x86_64/lib64clamav-devel-0.93.3-1.1mdv2008.1.x86_64.rpm 
 e20f699bec8683f1e12d5a097ca1b6d1 
 2008.1/SRPMS/clamav-0.93.3-1.1mdv2008.1.src.rpm

 Corporate 3.0:
 8293cdf10a02152f747da40f440f5ee0 
 corporate/3.0/i586/clamav-0.93.3-0.1.C30mdk.i586.rpm
 3c5678d035188b97c37dd22fc52f7d23 
 corporate/3.0/i586/clamav-db-0.93.3-0.1.C30mdk.i586.rpm
 adbaf9888e9f210a81fbb9f7ab9ffa0b 
 corporate/3.0/i586/clamav-milter-0.93.3-0.1.C30mdk.i586.rpm
 3d8430e67062828fe45c4b378754bc18 
 corporate/3.0/i586/clamd-0.93.3-0.1.C30mdk.i586.rpm
 3d6708ce5464613b2b459aca4b4beac9 
 corporate/3.0/i586/libclamav4-0.93.3-0.1.C30mdk.i586.rpm
 9891f420752c30caef96701efb708e92 
 corporate/3.0/i586/libclamav-devel-0.93.3-0.1.C30mdk.i586.rpm 
 6ce9aa49056cd7e52cd8270030729e5e 
 corporate/3.0/SRPMS/clamav-0.93.3-0.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 57421f4ecb122aef21cf89ace7f7b0fb 
 corporate/3.0/x86_64/clamav-0.93.3-0.1.C30mdk.x86_64.rpm
 a0a69afe13e1149cb16d48167fed89fa 
 corporate/3.0/x86_64/clamav-db-0.93.3-0.1.C30mdk.x86_64.rpm
 b6847f7917ae1b78a895083564e9717d 
 corporate/3.0/x86_64/clamav-milter-0.93.3-0.1.C30mdk.x86_64.rpm
 1f971e3e2b749f9c0bc066a90238a787 
 corporate/3.0/x86_64/clamd-0.93.3-0.1.C30mdk.x86_64.rpm
 370fa0bea1e2c69092331476318bf3d6 
 corporate/3.0/x86_64/lib64clamav4-0.93.3-0.1.C30mdk.x86_64.rpm
 f12dc8fb45fede77b4523a25473e8eb4 
 corporate/3.0/x86_64/lib64clamav-devel-0.93.3-0.1.C30mdk.x86_64.rpm 
 6ce9aa49056cd7e52cd8270030729e5e 
 corporate/3.0/SRPMS/clamav-0.93.3-0.1.C30mdk.src.rpm

 Corporate 4.0:
 4ae1f7dcde4066bfff80d6a4d06c4868 
 corporate/4.0/i586/clamav-0.93.3-0.1.20060mlcs4.i586.rpm
 b20ab30a139f6137485927c0b766addc 
 corporate/4.0/i586/clamav-db-0.93.3-0.1.20060mlcs4.i586.rpm
 deafc5d0dbdf6cdfb43fd5261d9b2860 
 corporate/4.0/i586/clamav-milter-0.93.3-0.1.20060mlcs4.i586.rpm
 7c9e8cbe36fb7c9f00763be25b2b7b6e 
 corporate/4.0/i586/clamd-0.93.3-0.1.20060mlcs4.i586.rpm
 c37e59fa834d2cc50223aa4eced7dab8 
 corporate/4.0/i586/libclamav4-0.93.3-0.1.20060mlcs4.i586.rpm
 97397d585b1a0e8b28f3963e3f2b0bb4 
 corporate/4.0/i586/libclamav-devel-0.93.3-0.1.20060mlcs4.i586.rpm 
 166a6c91b1094142374919721d8e53b4 
 corporate/4.0/SRPMS/clamav-0.93.3-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 f9d90442a66f213e634dfeeb58b39499 
 corporate/4.0/x86_64/clamav-0.93.3-0.1.20060mlcs4.x86_64.rpm
 cf4cbdd6a9b3477b5794fa24cc185e90 
 corporate/4.0/x86_64/clamav-db-0.93.3-0.1.20060mlcs4.x86_64.rpm
 96cf9d582f68937a86378e44c9d9c7cf 
 corporate/4.0/x86_64/clamav-milter-0.93.3-0.1.20060mlcs4.x86_64.rpm
 6c4f6a5f04ffd562b3e22aface428413 
 corporate/4.0/x86_64/clamd-0.93.3-0.1.20060mlcs4.x86_64.rpm
 027f5c2cae43725f098730c9c6085346 
 corporate/4.0/x86_64/lib64clamav4-0.93.3-0.1.20060mlcs4.x86_64.rpm
 aa541907de0244f3db23069467c6ebe1 
 corporate/4.0/x86_64/lib64clamav-devel-0.93.3-0.1.20060mlcs4.x86_64.rpm 
 166a6c91b1094142374919721d8e53b4 
 corporate/4.0/SRPMS/clamav-0.93.3-0.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIofhymqjQ0CJFipgRAr2hAKCaHgvtOj5PWHnkJK+BlSWb4Z8xsQCeOqAR
n6hnOvnmkBsbvQd8bgP6Pkg=
=a/bF
-----END PGP SIGNATURE-----


------------=_1218586541-11275-8110
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1218586541-11275-8110--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung