Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Linux :: Ubuntu :: va1975.htm

ClamAV vulnerability



ClamAV vulnerability
ClamAV vulnerability




--zx4FCpZtqtKETZ7O
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================Ubuntu Security Notice USN-684-1          December 02, 2008
clamav vulnerability
https://bugs.launchpad.net/bugs/304017
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  libclamav5                      0.94.dfsg.2-1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Ilja van Sprundel discovered that ClamAV did not handle recursive JPEG
information.  If a remote attacker sent a specially crafted JPEG file,
ClamAV would crash, leading to a denial of service.


Updated packages for Ubuntu 8.10:

  Source archives:

http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.1.diff.gz 
      Size/MD5:   159258 35b619fff489b7fdbfacd86170572cfa
http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.1.dsc 
      Size/MD5:     1545 d35181ceb4a8b93aa8ef3d80f424a52e
http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2.orig.tar.gz 
      Size/MD5: 22073819 7b45b0c54b887b23cb49e4bff807cf58

  Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-base_0.94.dfsg.2-1ubuntu0.1_all.deb 
      Size/MD5: 19497162 d2d7052e4859a66f9556a33839be072b
http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-docs_0.94.dfsg.2-1ubuntu0.1_all.deb 
      Size/MD5:  1077346 0c0e57cf0a6d5004611621c81d158b3e
http://security.ubuntu.com/ubuntu/pool/universe/c/clamav/clamav-testfiles_0.94.dfsg.2-1ubuntu0.1_all.deb 
      Size/MD5:   208058 8dd86c35b97cfa0c111ec6a99f90d7b4

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.1_amd64.deb 
      Size/MD5:   239628 465bacd5ebfec386196f83b90c59b1d5
http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.1_amd64.deb 
      Size/MD5:   914866 309f142bd797da5b06bae9f3273c729a
http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_amd64.deb 
      Size/MD5:   255448 b28942a9a6ecd5b09eea78f22f56658c
http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.1_amd64.deb 
      Size/MD5:   235612 d7fc1fbc5112f2b8b4bb81f26f8495bd
http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.1_amd64.deb 
      Size/MD5:   573860 1a499485cdee3a5ed728fdb115d4708e
http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.1_amd64.deb 
      Size/MD5:   538626 f1ec69b8d9bc15cf1b6ab9b483b37568
http://security.ubuntu.com/ubuntu/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.1_amd64.deb 
      Size/MD5:   232722 4abb421ae13f2c04ccf7e975d68344f1

  i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.1_i386.deb 
      Size/MD5:   233172 1e14e971a76712c4a38d3250e3f84a4f
http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.1_i386.deb 
      Size/MD5:   849368 dc7e8747a2f1b40db10fd3dfa80d6d8f
http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_i386.deb 
      Size/MD5:   253682 2dfbb18dbe45b97fe537e440c86079f0
http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.1_i386.deb 
      Size/MD5:   232686 f5fc69f35bb5206e6f3f1802eab27b87
http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.1_i386.deb 
      Size/MD5:   541856 cc9e3b0f262968372c5cdf8b62606280
http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.1_i386.deb 
      Size/MD5:   524410 2d1f9e712a3ef57c99434469a584f38d
http://security.ubuntu.com/ubuntu/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.1_i386.deb 
      Size/MD5:   229260 280079fa42c8ff6a18a8fd1406956f3c

  lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.1_lpia.deb 
      Size/MD5:   232694 509ca94dd8ba239e70df349015eab8b6
http://ports.ubuntu.com/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.1_lpia.deb 
      Size/MD5:   866262 636afb92077246666719c22544dda5bd
http://ports.ubuntu.com/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_lpia.deb 
      Size/MD5:   253738 0581fb06ce78fd9a2d1e2d81cfa95e87
http://ports.ubuntu.com/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.1_lpia.deb 
      Size/MD5:   232232 7e301b68901a3435da4768b2845bf61d
http://ports.ubuntu.com/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.1_lpia.deb 
      Size/MD5:   543754 bd8453f227ae9bebcec4fb41b9e9d427
http://ports.ubuntu.com/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.1_lpia.deb 
      Size/MD5:   527060 b903aa2ec89a2b3c327e170f3b23e021
http://ports.ubuntu.com/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.1_lpia.deb 
      Size/MD5:   229286 d2af0a51fa4beb6eb3045f2dfa3abe9e

  powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.1_powerpc.deb 
      Size/MD5:   242896 a8a6f8ef5d43b0856cb250879b6d741d
http://ports.ubuntu.com/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.1_powerpc.deb 
      Size/MD5:   903632 275eb13f4b9caa6ab4089aa0d8e97b24
http://ports.ubuntu.com/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_powerpc.deb 
      Size/MD5:   258198 2109d15b9bcb4cedeb380ac295c26364
http://ports.ubuntu.com/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.1_powerpc.deb 
      Size/MD5:   240246 c373dfb0ec6bd9539575aad28310a5ae
http://ports.ubuntu.com/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.1_powerpc.deb 
      Size/MD5:   613886 8a59e0abf3597d1c13ffa47ee0700b48
http://ports.ubuntu.com/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.1_powerpc.deb 
      Size/MD5:   554872 992aa23fb6ed82684c8325743e366947
http://ports.ubuntu.com/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.1_powerpc.deb 
      Size/MD5:   232832 36d93e39e3f1f74dde643bc78e38c4a7

  sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/c/clamav/clamav-daemon_0.94.dfsg.2-1ubuntu0.1_sparc.deb 
      Size/MD5:   232694 22f99a7b96cf3ab8749316cb3256b168
http://ports.ubuntu.com/pool/main/c/clamav/clamav-dbg_0.94.dfsg.2-1ubuntu0.1_sparc.deb 
      Size/MD5:   836388 a2eb3d95d9a6254db4d7375844f18f57
http://ports.ubuntu.com/pool/main/c/clamav/clamav-freshclam_0.94.dfsg.2-1ubuntu0.1_sparc.deb 
      Size/MD5:   252954 b21baca5066e5e27a8b8154cc17b9d2c
http://ports.ubuntu.com/pool/main/c/clamav/clamav_0.94.dfsg.2-1ubuntu0.1_sparc.deb 
      Size/MD5:   233100 3c0b967b8a11e701698a1099a171ee82
http://ports.ubuntu.com/pool/main/c/clamav/libclamav-dev_0.94.dfsg.2-1ubuntu0.1_sparc.deb 
      Size/MD5:   577734 05eb85bfb1a2ac3b223eba160167c7e2
http://ports.ubuntu.com/pool/main/c/clamav/libclamav5_0.94.dfsg.2-1ubuntu0.1_sparc.deb 
      Size/MD5:   543454 09533df800dafec77af220c81897cb0e
http://ports.ubuntu.com/pool/universe/c/clamav/clamav-milter_0.94.dfsg.2-1ubuntu0.1_sparc.deb 
      Size/MD5:   230206 5abbd9810492e866183bb1033a284b18


--zx4FCpZtqtKETZ7O
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Kees Cook  

iEYEARECAAYFAkk1tKkACgkQH/9LqRcGPm22ZACgnhO3wB4ZTW/AgqT8yElelAEQ
Xo8AoI64nEkkXbL3REwNr6j8+LjSjZjx
=NfCK
-----END PGP SIGNATURE-----

--zx4FCpZtqtKETZ7O--


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH