==========================================================Ubuntu Security Notice USN-926-1             April 08, 2010
clamav vulnerabilities
CVE-2010-0098
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  libclamav6                      0.95.3+dfsg-1ubuntu0.09.04~intrepid3

Ubuntu 9.04:
  libclamav6                      0.95.3+dfsg-1ubuntu0.09.04.1

Ubuntu 9.10:
  libclamav6                      0.95.3+dfsg-1ubuntu0.09.10.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that ClamAV did not properly verify its input when
processing CAB files. A remote attacker could send a specially crafted
CAB file to evade malware detection. (CVE-2010-0098)

It was discovered that ClamAV did not properly verify its input when
processing CAB files. A remote attacker could send a specially crafted
CAB file and cause a denial of service via application crash.


Updated packages for Ubuntu 8.10:

  Source archives:

          Size/MD5:   265323 757c04fba1c77865dbbc5b9e295e3747
          Size/MD5:     1576 fa943d778fae6cd3cbe4c0aa210fabb2
          Size/MD5: 26892533 dfe1348c52223ab48f049123021aea4a

  Architecture independent packages:

          Size/MD5: 24053280 e109ae1c0f06e70a26b75c3f5c742e76
          Size/MD5:  1123478 c9d027933af4fb158607530dff2b2fcf
          Size/MD5:   232136 a73c65374e2abb1594d0f41d41681ba9

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   382118 fc4dc460745faeaba3543f00a7ac6ff7
          Size/MD5:  1199092 9601adadda63aff08564b70530791c9c
          Size/MD5:   287932 3909caba70b83e9edc95d25f11126406
          Size/MD5:   280356 f935a98346476ead85cd9111f095bbc2
          Size/MD5:   642646 655c71048ae6d344064dfa201b42722e
          Size/MD5:   600538 1f536a3dddd99160ec19780b21f270c0
          Size/MD5:   308542 9d37410a4275a4e51db563ff67a45333

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   369850 ca1d3ad665e1c5291259aac77633e9fb
          Size/MD5:  1111784 22b4dd6bfdc6fc006acc4275db0ca39e
          Size/MD5:   285324 c7f15b8219e53f36956dc78fc537a473
          Size/MD5:   275130 6c8ffabcb57ed27a5d12d1811d384eec
          Size/MD5:   607440 7ee43bf2ea34287b798b937d1e26ceef
          Size/MD5:   587726 0eaff9814d0f284ce2e57a69ad8ec3fb
          Size/MD5:   304862 99bc18d72f411fef310b7bdb3ce2d611

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   370408 53beb710cdf54cadfc8c0cdb8b881042
          Size/MD5:  1135102 9dd303fd18ff25de027597d9a22ce3c9
          Size/MD5:   284950 132e66740ce1378ebedf20ba4dbe26a4
          Size/MD5:   275122 5525b323ca7b033483300e62b4e73067
          Size/MD5:   609902 4087701bf0b1d88bc7344cbd2f8b0757
          Size/MD5:   588810 f40ee3c34d860280187d9f99460ea095
          Size/MD5:   304824 53b2d72c39b97bd9a5caf1b0195e0edc

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   389054 2d749308684a3795bc5075752c5c0a23
          Size/MD5:  1177066 cee06cc80222f63f4876ad29a7023737
          Size/MD5:   290364 8db7d2e3adc4e79a39dfe2bb1a65864d
          Size/MD5:   283494 8a66311b28b3c27481b576bb78b5e935
          Size/MD5:   684736 72485c4bf7dafdcea394f6cd5fc3a3bf
          Size/MD5:   618956 718e32868e61338a448a9e2fb17b6398
          Size/MD5:   311730 5521575d80103306ed329a6e7a9c3f6b

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   372458 a37c6d8c1e6bd6d1060730a09276ac65
          Size/MD5:  1080492 bf2f22de1a86c5129f16133afd3400c5
          Size/MD5:   284148 34c93a2928e4ad40465dd957829cad70
          Size/MD5:   275320 55c60c4d5644fe16576a744a268e3224
          Size/MD5:   641682 d278ad047f781f305f02345e53c9c9c6
          Size/MD5:   601608 4880a61a6be4288a85fd996cc490fa36
          Size/MD5:   305514 4e1929f506252fe8600c688f64cdb406

Updated packages for Ubuntu 9.04:

  Source archives:

          Size/MD5:   265222 1bad05a140a22bd9c74ae09ccdec9143
          Size/MD5:     1560 c8e482ff18b929831fbd8dc8c6f7a412
          Size/MD5: 26892533 dfe1348c52223ab48f049123021aea4a

  Architecture independent packages:

          Size/MD5: 24053166 d3321d97ee080ae8708c0db4e65f1cfc
          Size/MD5:  1123360 d346de961b50daf2c59ce8c57c5e323b
          Size/MD5:   232020 6bf9fb89ac9d652aa17d2d1e005f983f

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   381778 86a05f3149f3bb22c77ae826bf81afd0
          Size/MD5:  1167830 ff9b886c84b8aef5a810d9076391bc4d
          Size/MD5:   287778 ad3e846f21e1e4734fd80dfa37a4c563
          Size/MD5:   280194 6dcf53fdee93b557da1b15e4a5310ebd
          Size/MD5:   614334 8c06b80215242ed5f42b9c623959294f
          Size/MD5:   579128 66a2d609c70b0e0ea7b0531d7d5fe99c
          Size/MD5:   308404 93b9c0510e8549002c894c34f21f5943

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   369684 79ec47a23bdef29b5caf17aca3fbb24b
          Size/MD5:  1081794 5242ad2c09a81c5eb0703377b39b5541
          Size/MD5:   285272 493bf852c8d0cfc653422fe5ddc8e951
          Size/MD5:   274964 7c10572c0bd0b1d3a95ec6504c37827c
          Size/MD5:   582248 f8771889f796df898a3d57dd254eb6db
          Size/MD5:   566754 4cb508acbde097a15c00301b5159d6ea
          Size/MD5:   304706 aee0b5e4566e0ead453a60460662099a

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   370090 9de67009279a6f8a7d84eac49b765615
          Size/MD5:  1101034 5903c144d99d19172144866f71b0ba36
          Size/MD5:   284846 63c799c3cd145ac78902766bb05a4e39
          Size/MD5:   274894 37804849eba67bafd57f67885043149b
          Size/MD5:   583808 3cf000ff45e7c06f591ef5d1c9e404b1
          Size/MD5:   568096 d6a45c864eb7ac80d003091a889ca289
          Size/MD5:   304648 1cf639edc44b29ae8f68824232be5a0a

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   389096 6ba63fc4bd4107e3e1d7b7e92a407b19
          Size/MD5:  1144828 57e53b905cffe17e8c34ff5a9612381f
          Size/MD5:   290338 bbf0254752edf2c2445e19dc7b11b7d7
          Size/MD5:   283438 da25896e41db57878480b291a8b4136a
          Size/MD5:   655298 0d1950987f657eab05b3e7470f07f38d
          Size/MD5:   596020 4dcceb28e54e43632257a33abeef4fba
          Size/MD5:   311658 4013dec91b321999d57a7299548cfb5b

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   371978 484e5e8a8f0ae42b6a04a1afbbdb54d7
          Size/MD5:  1056064 8cff006044b24062eb6df509ff492f24
          Size/MD5:   283950 b03bb7275b3f8202a3d30a29a182b949
          Size/MD5:   275132 775c4c56e4a4829cb72a62805bec4b3c
          Size/MD5:   616918 2f0e3954fd23b71d9f0321212adfbe94
          Size/MD5:   583622 c4dda35707567378b8dd81aa76a678e1
          Size/MD5:   305236 dd2c91ed2f71cb912edc32154f6211ad

Updated packages for Ubuntu 9.10:

  Source archives:

          Size/MD5:   265235 7bc1fcad38370d7f6a7d77fc7c293f0b
          Size/MD5:     1560 8ed7ebe00dc1d3886cc1b2d9f0497e18
          Size/MD5: 26892533 dfe1348c52223ab48f049123021aea4a

  Architecture independent packages:

          Size/MD5: 24053128 81ef0745721cbaabdc3449bd0c0070ce
          Size/MD5:  1123344 cd2edf81e933216ab888a93fc939e0b1
          Size/MD5:   232004 2e9cf5aba40d95889b491d8b86cea3f1

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   382792 ef7aa75c9a0a993d77f9cbd44e640664
          Size/MD5:  1100910 91b959dbae45b1c3bc8df1e35d113f87
          Size/MD5:   288370 207c4d9dadfa9ad58ca97e6e1c24c9fd
          Size/MD5:   280876 f9bbc18623be96271e2cd15b26891178
          Size/MD5:   622704 57aaa6777d5b07856f1a94bac41758f7
          Size/MD5:   583924 e04b3f32ca32ed34d9c139ea21ca8f89
          Size/MD5:   308906 4695e7a4d6f3fae642141e985eb4edd6

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   370024 0b30a67cea554fd6559aa945c30f3226
          Size/MD5:  1058162 a108b4fc3208bd4cd4df2f87a7666d6b
          Size/MD5:   285488 2eb7a925ed06e702611c14e4932a27db
          Size/MD5:   275176 b5a630ea431424f1ac2a770d9e6d1aad
          Size/MD5:   583850 0341993f8035f4e928b64619d44e7f73
          Size/MD5:   567634 f77743bd410ab9c2af9a66e835fa05b4
          Size/MD5:   304780 5bc2bf75aaf249898ef05a1b9a2555c5

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   370270 4917db619a964983ac23bd0aabdc7fcc
          Size/MD5:  1072896 2ed5b2cbf2c302c0df6cacbf127bafc1
          Size/MD5:   285654 2fa0ae6eae4b0e6cf21622b914cb5baa
          Size/MD5:   275664 e57e7b37036632b083fc98bad0831040
          Size/MD5:   584984 b10e8d7a60813f0f1bf7bee8b8c7bc4d
          Size/MD5:   568482 cb85c42b154bd8b97ba386c9c277562f
          Size/MD5:   304650 6b492fde7c69e3e1fa5d084a37931c7d

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   382820 51b8c6583bc19d65cae217b0a2fced13
          Size/MD5:  1135058 bf30bbd2ba3065baab148904aff07146
          Size/MD5:   287732 01fcbf6ba2d924498f8719c4dcd496c6
          Size/MD5:   279366 c04405b669c3d0d025bb30a34b8ff501
          Size/MD5:   661352 2bb183b81537212c7664e0ce52117b6e
          Size/MD5:   601396 bf91f2ed382120a1fc5be6fb97ba8582
          Size/MD5:   309852 ab89149a32f51b75961c009f7093a12b

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   373342 76cc74be73198e8edb7047a80480a0b7
          Size/MD5:  1055398 cfb5f77c2e574f70b3e537742bbcf359
          Size/MD5:   284032 c823af73565e070fb56fd5fbf6d7ec0e
          Size/MD5:   275058 be1ba499a80d1bfc6da16cdbf61b6614
          Size/MD5:   628286 97ce2022f987015d374a993c713a3197
          Size/MD5:   595074 07eb396b3ab111f2a62a8845e572e143
          Size/MD5:   305784 6fb916985c5b2b68d40d1f56a7e75167

Ubuntu 926-1: ClamAV vulnerabilities

April 8, 2010
It was discovered that ClamAV did not properly verify its input whenprocessing CAB files

Summary

Update Instructions

References

Severity
clamav vulnerabilities

Package Information

Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved