LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: December 22nd, 2014
Linux Advisory Watch: December 19th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Debian: New clamav packages fix several problems Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Debian Updated package.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 776-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
August 16th, 2005                        http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : clamav
Vulnerability  : integer overflows, infinete loop
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2005-2450
BugTraq ID     : 14359

Several bugs were discovered in Clam AntiVirus, the antivirus scanner
for Unix, designed for integration with mail servers to perform
attachment scanning.  The following problems were identified:

CAN-2005-2450

    Neel Mehta and Alex Wheeler discovered that Clam AntiVirus is
    vulnerable to integer overflows when handling the TNEF, CHM and
    FSG file formats.

CVE-NOMATCH

    Mark Pizzolato fixed a possible infinete loop that could cause a
    denial of service.

The old stable distribution (woody) is not affected as it doesn't contain clamav.

For the stable distribution (sarge) these problems have been fixed in
version 0.84-2.sarge.2.

For the unstable distribution (sid) these problems have been fixed in
version 0.86.2-1.

We recommend that you upgrade your clamav package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2.dsc
      Size/MD5 checksum:      872 a5d90ac557b114453e0935d95bca8e17
    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2.diff.gz
      Size/MD5 checksum:   169363 b12ac60c0652f68db9116aad830cde7f
    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84.orig.tar.gz
      Size/MD5 checksum:  4006624 c43213da01d510faf117daa9a4d5326c

  Architecture independent components:

    http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.84-2.sarge.2_all.deb
      Size/MD5 checksum:   154106 03b1f4f5addba27a157b0a6676555ff8
    http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.84-2.sarge.2_all.deb
      Size/MD5 checksum:   689748 84683f319f4c9a8f7e4d1d77d747396c
    http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.84-2.sarge.2_all.deb
      Size/MD5 checksum:   123118 58fea3ad4fcc2611f69af0f2ba455af8

  Alpha architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_alpha.deb
      Size/MD5 checksum:    74676 3f1d00637a7028c7012c3fe51e1383f4
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_alpha.deb
      Size/MD5 checksum:    48782 937bbc75d644b6c7a2e0ec7b5daa5bf6
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_alpha.deb
      Size/MD5 checksum:  2176324 0e6a0ae9d5ec4b68ed0e8bc688bbfb68
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_alpha.deb
      Size/MD5 checksum:    42116 bdc3ae3b34c0a9be2eb8621cc3177676
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_alpha.deb
      Size/MD5 checksum:   254548 5db908c37914f6fd06b2f3d689de0b81
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_alpha.deb
      Size/MD5 checksum:   283680 1e88b3d96000f0a1c5cf8a2cd0aad493

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_amd64.deb
      Size/MD5 checksum:    68866 07f764af8962cda289e92a0f7ca2d81a
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_amd64.deb
      Size/MD5 checksum:    44182 8d7dbb6148610b78c81ce135dbf9c7f8
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_amd64.deb
      Size/MD5 checksum:  2173198 615c7b237d3a4993550955e00e605135
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_amd64.deb
      Size/MD5 checksum:    40010 6941c36e7db2e48dc78f0a97e1b83aed
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_amd64.deb
      Size/MD5 checksum:   175358 ce3229e6277efe07443593432d194e8b
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_amd64.deb
      Size/MD5 checksum:   257690 c590d1a69e5899e75ef907d55ee2510a

  ARM architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_arm.deb
      Size/MD5 checksum:    63820 5871903c9f4789757ca2dda256a29197
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_arm.deb
      Size/MD5 checksum:    39504 bb7f439e8c7e0c7345ac37e537bb1db1
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_arm.deb
      Size/MD5 checksum:  2171180 a13279483c8265842b3b1e8641814fd5
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_arm.deb
      Size/MD5 checksum:    37302 b1400e02bbf2889e0befd15012ca1699
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_arm.deb
      Size/MD5 checksum:   173514 a063023f5ad8e3d21896f21782f05be7
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_arm.deb
      Size/MD5 checksum:   248174 7e084d71255c9924a90ab7956ae55ff7

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_i386.deb
      Size/MD5 checksum:    65140 ecebd43707069c8ef8f5ba3c4e007d23
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_i386.deb
      Size/MD5 checksum:    40202 d9ab0e02273c9fff0d4f73ed3ec73215
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_i386.deb
      Size/MD5 checksum:  2171494 d2fc4550ac66059e286497b2b9c17ffe
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_i386.deb
      Size/MD5 checksum:    38024 65657d68687180b74819de783d0098b4
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_i386.deb
      Size/MD5 checksum:   158552 e8143195d0a7d26a282a13a8a298e263
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_i386.deb
      Size/MD5 checksum:   252400 3c2b9d3e379c0c5763f7d8a4162ac1a6

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_ia64.deb
      Size/MD5 checksum:    81732 b010b8ca29e256a80f43fabd673f9d26
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_ia64.deb
      Size/MD5 checksum:    55098 e9ede8cecf6440b9c18620c82ed017f4
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_ia64.deb
      Size/MD5 checksum:  2180096 ae09fef9a1569fe07f77209e1e3bda70
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_ia64.deb
      Size/MD5 checksum:    49202 db0e453890631c462b76c79526034afb
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_ia64.deb
      Size/MD5 checksum:   250438 430797b7c58289c263aa0b3e0b4dbc7f
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_ia64.deb
      Size/MD5 checksum:   315662 3261606911205a42adaa885a4cce1b0e

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_hppa.deb
      Size/MD5 checksum:    68188 28b4f3e57c32ff42e1609de48f5a4e44
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_hppa.deb
      Size/MD5 checksum:    43232 0204bc7cb2dc0e22b0de6fcac5d7d56d
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_hppa.deb
      Size/MD5 checksum:  2173632 bce3329a057c47e0e5d237fab515ae23
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_hppa.deb
      Size/MD5 checksum:    39456 6c75ce7b7ea86db1e0c6da64da1f95ff
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_hppa.deb
      Size/MD5 checksum:   201268 e101e3b0ff335ee434bc79744d28dae3
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_hppa.deb
      Size/MD5 checksum:   281626 689202601c916ae9e2da20e7bca6c7a3

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_m68k.deb
      Size/MD5 checksum:    62454 ff013452d8ad7bc594236ad4612e7314
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_m68k.deb
      Size/MD5 checksum:    38070 0a20559664e319e5f8877d2122fa149d
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_m68k.deb
      Size/MD5 checksum:  2170456 b2cc40301a092d987de075c37fc4f271
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_m68k.deb
      Size/MD5 checksum:    35066 5b7b62906971f1f06d1e8006598de8ca
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_m68k.deb
      Size/MD5 checksum:   145404 47f7a24305acd5201509e3f1d2ca4ceb
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_m68k.deb
      Size/MD5 checksum:   248852 21681bb560a4036cc8550cf128e0c8f7

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_mips.deb
      Size/MD5 checksum:    67862 97a3b0443ee81ea46597039bbe2dc182
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_mips.deb
      Size/MD5 checksum:    43678 f6a8c79489fb6ba605b57058b72226da
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_mips.deb
      Size/MD5 checksum:  2172976 2969543db5ee78197b4b836c9d78d371
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_mips.deb
      Size/MD5 checksum:    37676 a4a7297f5e3fc3bfc1492bd26f97a788
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_mips.deb
      Size/MD5 checksum:   194322 cc37bcbd31388e6f562c54e142d13ac0
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_mips.deb
      Size/MD5 checksum:   255894 3ea583ce7f2505142e194b703d1ca942

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_mipsel.deb
      Size/MD5 checksum:    67488 a21ff89942ffbadfa4e689cdb1909866
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_mipsel.deb
      Size/MD5 checksum:    43488 01e504336acf95fcc1b0ee8944f4878a
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_mipsel.deb
      Size/MD5 checksum:  2172936 02a85640ed6e25f8941bee026350e243
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_mipsel.deb
      Size/MD5 checksum:    37962 6ea7d7fdf1107411c7dbde7c1a42653b
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_mipsel.deb
      Size/MD5 checksum:   190668 b889c22d131758864a4879b5cb7348ec
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_mipsel.deb
      Size/MD5 checksum:   253402 f574c054c397f0260667e745775815cc

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_powerpc.deb
      Size/MD5 checksum:    69232 c93efea8ad9bfc150702ab8ff3263bf5
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_powerpc.deb
      Size/MD5 checksum:    44574 89e9935711c574c4034626d865908f8e
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_powerpc.deb
      Size/MD5 checksum:  2173542 48fe9cda367a7cc27f92d85d92b41039
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_powerpc.deb
      Size/MD5 checksum:    38874 8a2bb630dbb823a6ff17215e1f0af758
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_powerpc.deb
      Size/MD5 checksum:   186630 bdc7b36545911ed04ec782d58b227efb
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_powerpc.deb
      Size/MD5 checksum:   263034 66b57b4acafa6e429c02794885c48e60

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_s390.deb
      Size/MD5 checksum:    67778 590e6c18c9d02596f49d64b4611eb54e
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_s390.deb
      Size/MD5 checksum:    43430 c096db0fd3865f26623d7885effd6751
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_s390.deb
      Size/MD5 checksum:  2172874 7fc9489259f2e4fb14b34322f191b79c
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_s390.deb
      Size/MD5 checksum:    38944 25af940b6ce231410cc82c4a818e0f5b
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_s390.deb
      Size/MD5 checksum:   181600 80fb485a2ef322a9b2e42b261688e4d7
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_s390.deb
      Size/MD5 checksum:   267588 d194c77d7317c1b716ff44edaf6ccb65

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_sparc.deb
      Size/MD5 checksum:    64324 a26a1f0208c60f37a85ff6e120dab86c
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_sparc.deb
      Size/MD5 checksum:    39392 bc8760a6e2ae4737260682f513242afd
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_sparc.deb
      Size/MD5 checksum:  2171058 47adaeb9cfab1857a6d24476e5bd792b
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_sparc.deb
      Size/MD5 checksum:    36854 356607cd1e092378da0471c6dd6fcfa1
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_sparc.deb
      Size/MD5 checksum:   174914 be5710250858efd4181ac13f9febd723
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_sparc.deb
      Size/MD5 checksum:   263320 828259b0260780173ffd0514b39fe0ba


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Report: U.S. planning “proportional response” to Sony hack, blamed on North Korea
Heartbleed, Shellshock, Tor and more: The 13 biggest security stories of 2014
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.