-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:097 http://www.mandriva.com/security/ _______________________________________________________________________ Package : clamav Date : April 24, 2009 Affected: 2008.1, 2009.0, Corporate 3.0, Corporate 4.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been found and corrected in clamav: Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive (CVE-2009-1241). libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error (CVE-2008-6680). libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted file that causes (1) clamd and (2) clamscan to hang (CVE-2009-1270). The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) via a malformed file with UPack encoding (CVE-2009-1371). Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL (CVE-2009-1372). Important notice about this upgrade: clamav-0.95+ bundles support for RAR v3 in libclamav which is a license violation as the RAR v3 license and the GPL license is not compatible. As a consequence to this Mandriva has been forced to remove the RAR v3 code. This update provides clamav 0.95.1, which is not vulnerable to these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6680 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1270 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1371 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1372 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.1: b25be221f0404db50a3d4a5a67c3ab1a 2008.1/i586/clamav-0.95.1-2.1mdv2008.1.i586.rpm 1aa362d1e857f27989e41284611f4773 2008.1/i586/clamav-db-0.95.1-2.1mdv2008.1.i586.rpm a25b0a792d0f4a8a611d2cda7ffdb475 2008.1/i586/clamav-milter-0.95.1-2.1mdv2008.1.i586.rpm 1ede494dfd7ceb6a3d27108e5a2b01ff 2008.1/i586/clamd-0.95.1-2.1mdv2008.1.i586.rpm 7e98ebece7df4167ffbd7e1bee83fc9c 2008.1/i586/libclamav6-0.95.1-2.1mdv2008.1.i586.rpm 235c1379ab830ebeb378b9aa3ae46ef4 2008.1/i586/libclamav-devel-0.95.1-2.1mdv2008.1.i586.rpm a4f6214533bb9ef273ff707e59254d28 2008.1/SRPMS/clamav-0.95.1-2.1mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: fd7a2b0c2c41f75489506b403a8ba722 2008.1/x86_64/clamav-0.95.1-2.1mdv2008.1.x86_64.rpm 1ee04e95195b48185dc31d1bb4a8f338 2008.1/x86_64/clamav-db-0.95.1-2.1mdv2008.1.x86_64.rpm 6e051b306f9d632702385ec4cd48357c 2008.1/x86_64/clamav-milter-0.95.1-2.1mdv2008.1.x86_64.rpm 8fd9e0314018de597119d17f150d93bf 2008.1/x86_64/clamd-0.95.1-2.1mdv2008.1.x86_64.rpm bfb0d0a6a21bfc98fa0d206c622cb2ad 2008.1/x86_64/lib64clamav6-0.95.1-2.1mdv2008.1.x86_64.rpm 9cc53a243b850c16a07db35072ecb7f8 2008.1/x86_64/lib64clamav-devel-0.95.1-2.1mdv2008.1.x86_64.rpm a4f6214533bb9ef273ff707e59254d28 2008.1/SRPMS/clamav-0.95.1-2.1mdv2008.1.src.rpm Mandriva Linux 2009.0: d5f17009981b1f8e8acbb9fabb291a5e 2009.0/i586/clamav-0.95.1-2.1mdv2009.0.i586.rpm 74d4e82cb85e9a0756448f3d47a7df54 2009.0/i586/clamav-db-0.95.1-2.1mdv2009.0.i586.rpm 6e6a88618d26e6d2b933661a7199ed7c 2009.0/i586/clamav-milter-0.95.1-2.1mdv2009.0.i586.rpm 6457fce7ff4ac1004bb73b1ce0fb465d 2009.0/i586/clamd-0.95.1-2.1mdv2009.0.i586.rpm e02d098cce4fb905ff0772fa03ebdc40 2009.0/i586/libclamav6-0.95.1-2.1mdv2009.0.i586.rpm 66341a133ab8083a5e45a8374a98c9a7 2009.0/i586/libclamav-devel-0.95.1-2.1mdv2009.0.i586.rpm 6e3d1e7f25b2c2c66fe5b6e6ad63e4fd 2009.0/SRPMS/clamav-0.95.1-2.1mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: f5460c948001225a9d19f3724ed3b38d 2009.0/x86_64/clamav-0.95.1-2.1mdv2009.0.x86_64.rpm 8d7797121ab856e3ece928b8b8055388 2009.0/x86_64/clamav-db-0.95.1-2.1mdv2009.0.x86_64.rpm 938cf6cd118d87f8b557de20d234f822 2009.0/x86_64/clamav-milter-0.95.1-2.1mdv2009.0.x86_64.rpm 641ca4e769bb8ed672a39ca4fc6012ab 2009.0/x86_64/clamd-0.95.1-2.1mdv2009.0.x86_64.rpm d9ceb8022fe109b1d78517fca55a0f5a 2009.0/x86_64/lib64clamav6-0.95.1-2.1mdv2009.0.x86_64.rpm d593fa36c147eb6e6aaacf8e53410e54 2009.0/x86_64/lib64clamav-devel-0.95.1-2.1mdv2009.0.x86_64.rpm 6e3d1e7f25b2c2c66fe5b6e6ad63e4fd 2009.0/SRPMS/clamav-0.95.1-2.1mdv2009.0.src.rpm Corporate 3.0: b7b6503c5444421f1cd861d97a9c5386 corporate/3.0/i586/clamav-0.95.1-1.1.C30mdk.i586.rpm ba931d2fc084fe6c381a82f68d1dfa6e corporate/3.0/i586/clamav-db-0.95.1-1.1.C30mdk.i586.rpm 0dc532b543787ba3c314767af94122d2 corporate/3.0/i586/clamd-0.95.1-1.1.C30mdk.i586.rpm faf6229623ba8bb4107fe97499af7c54 corporate/3.0/i586/libclamav6-0.95.1-1.1.C30mdk.i586.rpm 7a593851920975bfeedfd140721fc051 corporate/3.0/i586/libclamav-devel-0.95.1-1.1.C30mdk.i586.rpm 5fe4ff2006ad37aa310cdc962448a949 corporate/3.0/SRPMS/clamav-0.95.1-1.1.C30mdk.src.rpm Corporate 3.0/X86_64: 61d86f3e8e8ded06a756a79443c89754 corporate/3.0/x86_64/clamav-0.95.1-1.1.C30mdk.x86_64.rpm 9ade30f84acccb03e66fc41093d3fa34 corporate/3.0/x86_64/clamav-db-0.95.1-1.1.C30mdk.x86_64.rpm 9915774317c81d7cafaa551649de18f6 corporate/3.0/x86_64/clamd-0.95.1-1.1.C30mdk.x86_64.rpm ca3929b1611b97147dbba539ba927072 corporate/3.0/x86_64/lib64clamav6-0.95.1-1.1.C30mdk.x86_64.rpm 079134b649c3b867e8df0fe2abdaa9a8 corporate/3.0/x86_64/lib64clamav-devel-0.95.1-1.1.C30mdk.x86_64.rpm 5fe4ff2006ad37aa310cdc962448a949 corporate/3.0/SRPMS/clamav-0.95.1-1.1.C30mdk.src.rpm Corporate 4.0: 8a3d40f2eb11de32d4f812719205588f corporate/4.0/i586/clamav-0.95.1-1.1.20060mlcs4.i586.rpm f19380a3503527a5fb14687f1712a7f1 corporate/4.0/i586/clamav-db-0.95.1-1.1.20060mlcs4.i586.rpm 211b72834f384601e22987a4942dc445 corporate/4.0/i586/clamav-milter-0.95.1-1.1.20060mlcs4.i586.rpm a1198afbb6c424b05d2cfc521ef84804 corporate/4.0/i586/clamd-0.95.1-1.1.20060mlcs4.i586.rpm 04bb78c1b13402e8af8edb2fa3e4c84f corporate/4.0/i586/libclamav6-0.95.1-1.1.20060mlcs4.i586.rpm 5bc0075e65496951761da1f37a30b431 corporate/4.0/i586/libclamav-devel-0.95.1-1.1.20060mlcs4.i586.rpm 92ceb46391b875526b3537f34703c51b corporate/4.0/SRPMS/clamav-0.95.1-1.1.20060mlcs4.src.rpm Corporate 4.0/X86_64: aa317fef6d868d99b2ce22c0334ea059 corporate/4.0/x86_64/clamav-0.95.1-1.1.20060mlcs4.x86_64.rpm 17f64c31b8fc2a73db2680f9b8056c0d corporate/4.0/x86_64/clamav-db-0.95.1-1.1.20060mlcs4.x86_64.rpm 1cf5fe4bb11ce1940d4f95efb642e203 corporate/4.0/x86_64/clamav-milter-0.95.1-1.1.20060mlcs4.x86_64.rpm ab4106cf7bfa8b5407dfe0fb784e48d3 corporate/4.0/x86_64/clamd-0.95.1-1.1.20060mlcs4.x86_64.rpm 600e3d90e14a4e5b37d6bae04fe0fbe3 corporate/4.0/x86_64/lib64clamav6-0.95.1-1.1.20060mlcs4.x86_64.rpm e494d19586e60e9a0d114d960301cdf3 corporate/4.0/x86_64/lib64clamav-devel-0.95.1-1.1.20060mlcs4.x86_64.rpm 92ceb46391b875526b3537f34703c51b corporate/4.0/SRPMS/clamav-0.95.1-1.1.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFJ8hZomqjQ0CJFipgRAh5nAKDFL4629xP6V37fANiHCmIO62HNowCgsP9T sh+l4euCUhExmgO4scmkFYE= =vUEQ -----END PGP SIGNATURE-----
