<<< Date Index >>>     <<< Thread Index >>>

MDKSA-2005:113 - Updated clamav packages fix vulnerability



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           clamav
 Advisory ID:            MDKSA-2005:113
 Date:                   July 11th, 2005

 Affected versions:      10.1, 10.2, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 Andrew Toller and Stefan Kanthak discovered that a flaw in libmspack's
 Quantum archive decompressor renders Clam AntiVirus vulnerable to a
 Denial of Service attack.
 
 The updated packages have been patched to correct the problem.
 _______________________________________________________________________

 References:

  http://sourceforge.net/project/shownotes.php?release_id=337279
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.1:
 d1a61855ca50e53018e5c65ef380d8dd  10.1/RPMS/clamav-0.81-0.3.101mdk.i586.rpm
 4a73d4428b1c8288192e1880882114f1  10.1/RPMS/clamav-db-0.81-0.3.101mdk.i586.rpm
 ead89b02938223716b68ce51047fd193  
10.1/RPMS/clamav-milter-0.81-0.3.101mdk.i586.rpm
 69ab5c876524188f382cb7649949ebcf  10.1/RPMS/clamd-0.81-0.3.101mdk.i586.rpm
 f682ad9ceaab4b22deacce071f685dd7  10.1/RPMS/libclamav1-0.81-0.3.101mdk.i586.rpm
 f74afc4b092506d942bc1c33e978143a  
10.1/RPMS/libclamav1-devel-0.81-0.3.101mdk.i586.rpm
 5427d070911966721a7a74e43d5115d1  10.1/SRPMS/clamav-0.81-0.3.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 cef11c2c75f3d931e2fef9018895e410  
x86_64/10.1/RPMS/clamav-0.81-0.3.101mdk.x86_64.rpm
 097aa32fc592727a5355872a91f2e53e  
x86_64/10.1/RPMS/clamav-db-0.81-0.3.101mdk.x86_64.rpm
 e205ca0a534f2ca20afee6c311c927f2  
x86_64/10.1/RPMS/clamav-milter-0.81-0.3.101mdk.x86_64.rpm
 dd5e7b49cc8b442b3ce9285b3b065217  
x86_64/10.1/RPMS/clamd-0.81-0.3.101mdk.x86_64.rpm
 1c5d18841912089a2c0788103c81fd47  
x86_64/10.1/RPMS/lib64clamav1-0.81-0.3.101mdk.x86_64.rpm
 b4ed80c808515aa78c5b64a90badc208  
x86_64/10.1/RPMS/lib64clamav1-devel-0.81-0.3.101mdk.x86_64.rpm
 5427d070911966721a7a74e43d5115d1  
x86_64/10.1/SRPMS/clamav-0.81-0.3.101mdk.src.rpm

 Mandrakelinux 10.2:
 40ebaed7490c8c4609d175898a4524a5  10.2/RPMS/clamav-0.83-6.1.102mdk.i586.rpm
 ecba8225d04b3d56b367cd12d1b18041  10.2/RPMS/clamav-db-0.83-6.1.102mdk.i586.rpm
 4c3f83da2c21d5b438fa87c2fc9c2510  
10.2/RPMS/clamav-milter-0.83-6.1.102mdk.i586.rpm
 9af96c3025518c85b71382ade35b34c2  10.2/RPMS/clamd-0.83-6.1.102mdk.i586.rpm
 617a8776560de95a5feebdb18beb2f74  10.2/RPMS/libclamav1-0.83-6.1.102mdk.i586.rpm
 bb629f7ef414de49be3bf2fff4fdd949  
10.2/RPMS/libclamav1-devel-0.83-6.1.102mdk.i586.rpm
 c1aa9d888990112d8db675a67d65d612  10.2/SRPMS/clamav-0.83-6.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 73b4b991f4b44ff648f4f9730608988c  
x86_64/10.2/RPMS/clamav-0.83-6.1.102mdk.x86_64.rpm
 78da41faaaf4a67ecebb2155d20681b8  
x86_64/10.2/RPMS/clamav-db-0.83-6.1.102mdk.x86_64.rpm
 104687d7dcd6258e5737e90c6814a0c0  
x86_64/10.2/RPMS/clamav-milter-0.83-6.1.102mdk.x86_64.rpm
 afc85c501b6a9aed7f967ed35f2e4540  
x86_64/10.2/RPMS/clamd-0.83-6.1.102mdk.x86_64.rpm
 9f831708f8a44ccba75bd0cafc926e0d  
x86_64/10.2/RPMS/lib64clamav1-0.83-6.1.102mdk.x86_64.rpm
 f76da72a62e0d94451c5bcfdd4a5ff56  
x86_64/10.2/RPMS/lib64clamav1-devel-0.83-6.1.102mdk.x86_64.rpm
 c1aa9d888990112d8db675a67d65d612  
x86_64/10.2/SRPMS/clamav-0.83-6.1.102mdk.src.rpm

 Corporate 3.0:
 154457f3913dc4bfcd349e8d7f3d9ed1  
corporate/3.0/RPMS/clamav-0.81-0.3.C30mdk.i586.rpm
 aa6d83e73d03464aee591658721017db  
corporate/3.0/RPMS/clamav-db-0.81-0.3.C30mdk.i586.rpm
 79ffb7195506c5b0914e10dda8eac35a  
corporate/3.0/RPMS/clamav-milter-0.81-0.3.C30mdk.i586.rpm
 1232f43b5272369f1c11ed6c4c173091  
corporate/3.0/RPMS/clamd-0.81-0.3.C30mdk.i586.rpm
 05d298da13d32180fcc1c20344b5b8d1  
corporate/3.0/RPMS/libclamav1-0.81-0.3.C30mdk.i586.rpm
 f7035cc164562e19743d7be91d6d1a43  
corporate/3.0/RPMS/libclamav1-devel-0.81-0.3.C30mdk.i586.rpm
 86bc352ab413fa6232a997d57adf1d1d  
corporate/3.0/SRPMS/clamav-0.81-0.3.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 934b40e521ea1419a9ff4d886feddbf7  
x86_64/corporate/3.0/RPMS/clamav-0.81-0.3.C30mdk.x86_64.rpm
 3e133b0bbe1135ef2e3e8092b1a2b499  
x86_64/corporate/3.0/RPMS/clamav-db-0.81-0.3.C30mdk.x86_64.rpm
 c8a51fa7450234d845e5b278b13e1eb7  
x86_64/corporate/3.0/RPMS/clamav-milter-0.81-0.3.C30mdk.x86_64.rpm
 dc4500f7c4b0bf29d8cb9ca41688965c  
x86_64/corporate/3.0/RPMS/clamd-0.81-0.3.C30mdk.x86_64.rpm
 d1e99a1f9accbfc1702c0c3dc1a8dd4c  
x86_64/corporate/3.0/RPMS/lib64clamav1-0.81-0.3.C30mdk.x86_64.rpm
 050a0ee0bf1511f62e59b2f42893c580  
x86_64/corporate/3.0/RPMS/lib64clamav1-devel-0.81-0.3.C30mdk.x86_64.rpm
 86bc352ab413fa6232a997d57adf1d1d  
x86_64/corporate/3.0/SRPMS/clamav-0.81-0.3.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC0yj4mqjQ0CJFipgRAsQJAJ48ZmIrft5xWvKAPpTW9s4nQosTdACgxCvo
WE7YDPVHivWiOHBM/N9SI4Q=
=zQDg
-----END PGP SIGNATURE-----