MDKSA-2005:113 - Updated clamav packages fix vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Update Advisory
_______________________________________________________________________
Package name: clamav
Advisory ID: MDKSA-2005:113
Date: July 11th, 2005
Affected versions: 10.1, 10.2, Corporate 3.0
______________________________________________________________________
Problem Description:
Andrew Toller and Stefan Kanthak discovered that a flaw in libmspack's
Quantum archive decompressor renders Clam AntiVirus vulnerable to a
Denial of Service attack.
The updated packages have been patched to correct the problem.
_______________________________________________________________________
References:
http://sourceforge.net/project/shownotes.php?release_id=337279
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.1:
d1a61855ca50e53018e5c65ef380d8dd 10.1/RPMS/clamav-0.81-0.3.101mdk.i586.rpm
4a73d4428b1c8288192e1880882114f1 10.1/RPMS/clamav-db-0.81-0.3.101mdk.i586.rpm
ead89b02938223716b68ce51047fd193
10.1/RPMS/clamav-milter-0.81-0.3.101mdk.i586.rpm
69ab5c876524188f382cb7649949ebcf 10.1/RPMS/clamd-0.81-0.3.101mdk.i586.rpm
f682ad9ceaab4b22deacce071f685dd7 10.1/RPMS/libclamav1-0.81-0.3.101mdk.i586.rpm
f74afc4b092506d942bc1c33e978143a
10.1/RPMS/libclamav1-devel-0.81-0.3.101mdk.i586.rpm
5427d070911966721a7a74e43d5115d1 10.1/SRPMS/clamav-0.81-0.3.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
cef11c2c75f3d931e2fef9018895e410
x86_64/10.1/RPMS/clamav-0.81-0.3.101mdk.x86_64.rpm
097aa32fc592727a5355872a91f2e53e
x86_64/10.1/RPMS/clamav-db-0.81-0.3.101mdk.x86_64.rpm
e205ca0a534f2ca20afee6c311c927f2
x86_64/10.1/RPMS/clamav-milter-0.81-0.3.101mdk.x86_64.rpm
dd5e7b49cc8b442b3ce9285b3b065217
x86_64/10.1/RPMS/clamd-0.81-0.3.101mdk.x86_64.rpm
1c5d18841912089a2c0788103c81fd47
x86_64/10.1/RPMS/lib64clamav1-0.81-0.3.101mdk.x86_64.rpm
b4ed80c808515aa78c5b64a90badc208
x86_64/10.1/RPMS/lib64clamav1-devel-0.81-0.3.101mdk.x86_64.rpm
5427d070911966721a7a74e43d5115d1
x86_64/10.1/SRPMS/clamav-0.81-0.3.101mdk.src.rpm
Mandrakelinux 10.2:
40ebaed7490c8c4609d175898a4524a5 10.2/RPMS/clamav-0.83-6.1.102mdk.i586.rpm
ecba8225d04b3d56b367cd12d1b18041 10.2/RPMS/clamav-db-0.83-6.1.102mdk.i586.rpm
4c3f83da2c21d5b438fa87c2fc9c2510
10.2/RPMS/clamav-milter-0.83-6.1.102mdk.i586.rpm
9af96c3025518c85b71382ade35b34c2 10.2/RPMS/clamd-0.83-6.1.102mdk.i586.rpm
617a8776560de95a5feebdb18beb2f74 10.2/RPMS/libclamav1-0.83-6.1.102mdk.i586.rpm
bb629f7ef414de49be3bf2fff4fdd949
10.2/RPMS/libclamav1-devel-0.83-6.1.102mdk.i586.rpm
c1aa9d888990112d8db675a67d65d612 10.2/SRPMS/clamav-0.83-6.1.102mdk.src.rpm
Mandrakelinux 10.2/X86_64:
73b4b991f4b44ff648f4f9730608988c
x86_64/10.2/RPMS/clamav-0.83-6.1.102mdk.x86_64.rpm
78da41faaaf4a67ecebb2155d20681b8
x86_64/10.2/RPMS/clamav-db-0.83-6.1.102mdk.x86_64.rpm
104687d7dcd6258e5737e90c6814a0c0
x86_64/10.2/RPMS/clamav-milter-0.83-6.1.102mdk.x86_64.rpm
afc85c501b6a9aed7f967ed35f2e4540
x86_64/10.2/RPMS/clamd-0.83-6.1.102mdk.x86_64.rpm
9f831708f8a44ccba75bd0cafc926e0d
x86_64/10.2/RPMS/lib64clamav1-0.83-6.1.102mdk.x86_64.rpm
f76da72a62e0d94451c5bcfdd4a5ff56
x86_64/10.2/RPMS/lib64clamav1-devel-0.83-6.1.102mdk.x86_64.rpm
c1aa9d888990112d8db675a67d65d612
x86_64/10.2/SRPMS/clamav-0.83-6.1.102mdk.src.rpm
Corporate 3.0:
154457f3913dc4bfcd349e8d7f3d9ed1
corporate/3.0/RPMS/clamav-0.81-0.3.C30mdk.i586.rpm
aa6d83e73d03464aee591658721017db
corporate/3.0/RPMS/clamav-db-0.81-0.3.C30mdk.i586.rpm
79ffb7195506c5b0914e10dda8eac35a
corporate/3.0/RPMS/clamav-milter-0.81-0.3.C30mdk.i586.rpm
1232f43b5272369f1c11ed6c4c173091
corporate/3.0/RPMS/clamd-0.81-0.3.C30mdk.i586.rpm
05d298da13d32180fcc1c20344b5b8d1
corporate/3.0/RPMS/libclamav1-0.81-0.3.C30mdk.i586.rpm
f7035cc164562e19743d7be91d6d1a43
corporate/3.0/RPMS/libclamav1-devel-0.81-0.3.C30mdk.i586.rpm
86bc352ab413fa6232a997d57adf1d1d
corporate/3.0/SRPMS/clamav-0.81-0.3.C30mdk.src.rpm
Corporate 3.0/X86_64:
934b40e521ea1419a9ff4d886feddbf7
x86_64/corporate/3.0/RPMS/clamav-0.81-0.3.C30mdk.x86_64.rpm
3e133b0bbe1135ef2e3e8092b1a2b499
x86_64/corporate/3.0/RPMS/clamav-db-0.81-0.3.C30mdk.x86_64.rpm
c8a51fa7450234d845e5b278b13e1eb7
x86_64/corporate/3.0/RPMS/clamav-milter-0.81-0.3.C30mdk.x86_64.rpm
dc4500f7c4b0bf29d8cb9ca41688965c
x86_64/corporate/3.0/RPMS/clamd-0.81-0.3.C30mdk.x86_64.rpm
d1e99a1f9accbfc1702c0c3dc1a8dd4c
x86_64/corporate/3.0/RPMS/lib64clamav1-0.81-0.3.C30mdk.x86_64.rpm
050a0ee0bf1511f62e59b2f42893c580
x86_64/corporate/3.0/RPMS/lib64clamav1-devel-0.81-0.3.C30mdk.x86_64.rpm
86bc352ab413fa6232a997d57adf1d1d
x86_64/corporate/3.0/SRPMS/clamav-0.81-0.3.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFC0yj4mqjQ0CJFipgRAsQJAJ48ZmIrft5xWvKAPpTW9s4nQosTdACgxCvo
WE7YDPVHivWiOHBM/N9SI4Q=
=zQDg
-----END PGP SIGNATURE-----