Login
Newsletter
Werbung
Sicherheit: Denial of Service in ClamAV
Aktuelle Meldungen Distributionen
Name: Denial of Service in ClamAV
ID: USN-684-1
Distribution: Ubuntu
Plattformen: Ubuntu 8.10
Datum: Di, 2. Dezember 2008, 23:23
Referenzen: https://bugs.launchpad.net/bugs/304017
Applikationen: Clam Antivirus

Originalnachricht

 

--===============5932308500447679168==
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature";
 boundary="zx4FCpZtqtKETZ7O"
Content-Disposition: inline


--zx4FCpZtqtKETZ7O
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

===========================================================
Ubuntu Security Notice USN-684-1          December 02, 2008
clamav vulnerability
https://bugs.launchpad.net/bugs/304017
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  libclamav5                      0.94.dfsg.2-1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Ilja van Sprundel discovered that ClamAV did not handle recursive JPEG
information.  If a remote attacker sent a specially crafted JPEG file,
ClamAV would crash, leading to a denial of service.


Updated packages for Ubuntu 8.10:

  Source archives:

    clamav_0.94.dfsg.2-1ubuntu0.1.diff.gz
      Size/MD5:   159258 35b619fff489b7fdbfacd86170572cfa
    clamav_0.94.dfsg.2-1ubuntu0.1.dsc
      Size/MD5:     1545 d35181ceb4a8b93aa8ef3d80f424a52e
    clamav_0.94.dfsg.2.orig.tar.gz
      Size/MD5: 22073819 7b45b0c54b887b23cb49e4bff807cf58

  Architecture independent packages:

    clamav-base_0.94.dfsg.2-1ubuntu0.1_all.deb
      Size/MD5: 19497162 d2d7052e4859a66f9556a33839be072b
    clamav-docs_0.94.dfsg.2-1ubuntu0.1_all.deb
      Size/MD5:  1077346 0c0e57cf0a6d5004611621c81d158b3e
    clamav-testfiles_0.94.dfsg.2-1ubuntu0.1_all.deb
      Size/MD5:   208058 8dd86c35b97cfa0c111ec6a99f90d7b4

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    clamav-daemon_0.94.dfsg.2-1ubuntu0.1_amd64.deb
      Size/MD5:   239628 465bacd5ebfec386196f83b90c59b1d5
    clamav-dbg_0.94.dfsg.2-1ubuntu0.1_amd64.deb
      Size/MD5:   914866 309f142bd797da5b06bae9f3273c729a
    clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_amd64.deb
      Size/MD5:   255448 b28942a9a6ecd5b09eea78f22f56658c
    clamav_0.94.dfsg.2-1ubuntu0.1_amd64.deb
      Size/MD5:   235612 d7fc1fbc5112f2b8b4bb81f26f8495bd
    libclamav-dev_0.94.dfsg.2-1ubuntu0.1_amd64.deb
      Size/MD5:   573860 1a499485cdee3a5ed728fdb115d4708e
    libclamav5_0.94.dfsg.2-1ubuntu0.1_amd64.deb
      Size/MD5:   538626 f1ec69b8d9bc15cf1b6ab9b483b37568
    clamav-milter_0.94.dfsg.2-1ubuntu0.1_amd64.deb
      Size/MD5:   232722 4abb421ae13f2c04ccf7e975d68344f1

  i386 architecture (x86 compatible Intel/AMD):

    clamav-daemon_0.94.dfsg.2-1ubuntu0.1_i386.deb
      Size/MD5:   233172 1e14e971a76712c4a38d3250e3f84a4f
    clamav-dbg_0.94.dfsg.2-1ubuntu0.1_i386.deb
      Size/MD5:   849368 dc7e8747a2f1b40db10fd3dfa80d6d8f
    clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_i386.deb
      Size/MD5:   253682 2dfbb18dbe45b97fe537e440c86079f0
    clamav_0.94.dfsg.2-1ubuntu0.1_i386.deb
      Size/MD5:   232686 f5fc69f35bb5206e6f3f1802eab27b87
    libclamav-dev_0.94.dfsg.2-1ubuntu0.1_i386.deb
      Size/MD5:   541856 cc9e3b0f262968372c5cdf8b62606280
    libclamav5_0.94.dfsg.2-1ubuntu0.1_i386.deb
      Size/MD5:   524410 2d1f9e712a3ef57c99434469a584f38d
    clamav-milter_0.94.dfsg.2-1ubuntu0.1_i386.deb
      Size/MD5:   229260 280079fa42c8ff6a18a8fd1406956f3c

  lpia architecture (Low Power Intel Architecture):

    clamav-daemon_0.94.dfsg.2-1ubuntu0.1_lpia.deb
      Size/MD5:   232694 509ca94dd8ba239e70df349015eab8b6
    clamav-dbg_0.94.dfsg.2-1ubuntu0.1_lpia.deb
      Size/MD5:   866262 636afb92077246666719c22544dda5bd
    clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_lpia.deb
      Size/MD5:   253738 0581fb06ce78fd9a2d1e2d81cfa95e87
    clamav_0.94.dfsg.2-1ubuntu0.1_lpia.deb
      Size/MD5:   232232 7e301b68901a3435da4768b2845bf61d
    libclamav-dev_0.94.dfsg.2-1ubuntu0.1_lpia.deb
      Size/MD5:   543754 bd8453f227ae9bebcec4fb41b9e9d427
    libclamav5_0.94.dfsg.2-1ubuntu0.1_lpia.deb
      Size/MD5:   527060 b903aa2ec89a2b3c327e170f3b23e021
    clamav-milter_0.94.dfsg.2-1ubuntu0.1_lpia.deb
      Size/MD5:   229286 d2af0a51fa4beb6eb3045f2dfa3abe9e

  powerpc architecture (Apple Macintosh G3/G4/G5):

    clamav-daemon_0.94.dfsg.2-1ubuntu0.1_powerpc.deb
      Size/MD5:   242896 a8a6f8ef5d43b0856cb250879b6d741d
    clamav-dbg_0.94.dfsg.2-1ubuntu0.1_powerpc.deb
      Size/MD5:   903632 275eb13f4b9caa6ab4089aa0d8e97b24
    clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_powerpc.deb
      Size/MD5:   258198 2109d15b9bcb4cedeb380ac295c26364
    clamav_0.94.dfsg.2-1ubuntu0.1_powerpc.deb
      Size/MD5:   240246 c373dfb0ec6bd9539575aad28310a5ae
    libclamav-dev_0.94.dfsg.2-1ubuntu0.1_powerpc.deb
      Size/MD5:   613886 8a59e0abf3597d1c13ffa47ee0700b48
    libclamav5_0.94.dfsg.2-1ubuntu0.1_powerpc.deb
      Size/MD5:   554872 992aa23fb6ed82684c8325743e366947
    clamav-milter_0.94.dfsg.2-1ubuntu0.1_powerpc.deb
      Size/MD5:   232832 36d93e39e3f1f74dde643bc78e38c4a7

  sparc architecture (Sun SPARC/UltraSPARC):

    clamav-daemon_0.94.dfsg.2-1ubuntu0.1_sparc.deb
      Size/MD5:   232694 22f99a7b96cf3ab8749316cb3256b168
    clamav-dbg_0.94.dfsg.2-1ubuntu0.1_sparc.deb
      Size/MD5:   836388 a2eb3d95d9a6254db4d7375844f18f57
    clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_sparc.deb
      Size/MD5:   252954 b21baca5066e5e27a8b8154cc17b9d2c
    clamav_0.94.dfsg.2-1ubuntu0.1_sparc.deb
      Size/MD5:   233100 3c0b967b8a11e701698a1099a171ee82
    libclamav-dev_0.94.dfsg.2-1ubuntu0.1_sparc.deb
      Size/MD5:   577734 05eb85bfb1a2ac3b223eba160167c7e2
    libclamav5_0.94.dfsg.2-1ubuntu0.1_sparc.deb
      Size/MD5:   543454 09533df800dafec77af220c81897cb0e
    clamav-milter_0.94.dfsg.2-1ubuntu0.1_sparc.deb
      Size/MD5:   230206 5abbd9810492e866183bb1033a284b18


--zx4FCpZtqtKETZ7O
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Kees Cook <kees@outflux.net>

iEYEARECAAYFAkk1tKkACgkQH/9LqRcGPm22ZACgnhO3wB4ZTW/AgqT8yElelAEQ
Xo8AoI64nEkkXbL3REwNr6j8+LjSjZjx
=NfCK
-----END PGP SIGNATURE-----

--zx4FCpZtqtKETZ7O--


--===============5932308500447679168==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============5932308500447679168==--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung