
Mageia alert MGASA-2012-0144 (clamav)

From:  Mageia Updates <buildsystem-daemon@mageia.org>
To:  updates-announce@ml.mageia.org
Subject:  [updates-announce] MGASA-2012-0144: clamav-0.97.5-1.mga (1, 2/core)
Date:  Mon, 9 Jul 2012 17:27:18 +0200
Message-ID:  <20120709152718.GA1214@valstar.mageia.org>

MGASA-2012-0144

Date: July 9th, 2012
Affected releases: 1, 2

Description:
Updated clamav packages fix security vulnerabilities:

The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass
malware detection via a TAR archive entry with a length field that
exceeds the total TAR file size. NOTE: this may later be SPLIT into
multiple CVEs if additional information is published showing that the
error occurred independently in different TAR parser implementations
(CVE-2012-1457).

The Microsoft CHM file parser in ClamAV 0.96.4 allows remote attackers
to bypass malware detection via a crafted reset interval in the LZXC
header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs
if additional information is published showing that the error occurred
independently in different CHM parser implementations (CVE-2012-1458).

The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass
malware detection via a TAR archive entry with a length field
corresponding to that entire entry, plus part of the header of the next
entry. NOTE: this may later be SPLIT into multiple CVEs if additional
information is published showing that the error occurred independently
in different TAR parser implementations (CVE-2012-1459).

This update upgrades clamav to the latest version (0.97.5), which
resolves these security issues as well as some other bugs.

Updated Packages:

Mageia 1:
clamav-0.97.5-1.mga1
clamd-0.97.5-1.mga1
clamav-milter-0.97.5-1.mga1
clamav-db-0.97.5-1.mga1
lib(64)clamav6-0.97.5-1.mga1
lib(64)clamav-devel-0.97.5-1.mga1

Mageia 2:
clamav-0.97.5-1.mga2
clamd-0.97.5-1.mga2
clamav-milter-0.97.5-1.mga2
clamav-db-0.97.5-1.mga2
lib(64)clamav6-0.97.5-1.mga2
lib(64)clamav-devel-0.97.5-1.mga2

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1459
http://blog.clamav.net/2012/06/clamav-0975-has-been-relea...
http://www.mandriva.com/en/support/security/advisories/?d...
https://bugs.mageia.org/show_bug.cgi?id=6491
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-...
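
The two TAR issues above (CVE-2012-1457 and CVE-2012-1459) both come down to a size field that disagrees with the archive's real layout. The following is an added example, not part of the advisory and not ClamAV's or Mageia's code: a consistency check that a scanning pipeline could run to flag such archives instead of trusting the declared lengths. The names `octal_field`, `checksum_ok`, `audit_tar` and `sample_archive` are hypothetical, and it assumes octal size fields only.

```python
import io
import tarfile

BLOCK = 512  # tar headers and data are laid out in 512-byte blocks

def octal_field(raw: bytes) -> int:
    """Decode a NUL/space-terminated octal header field; -1 if it is not octal."""
    text = raw.split(b"\0", 1)[0].strip()
    try:
        return int(text.decode("ascii"), 8) if text else 0
    except ValueError:  # includes GNU base-256 sizes, which this check does not decode
        return -1

def checksum_ok(header: bytes) -> bool:
    # The checksum covers the header with its own field read as eight spaces.
    computed = sum(header[:148]) + 8 * 0x20 + sum(header[156:])
    return octal_field(header[148:156]) == computed

def audit_tar(data: bytes) -> list:
    """Return findings for entries whose size field disagrees with the file."""
    findings, offset = [], 0
    while offset + BLOCK <= len(data):
        header = data[offset:offset + BLOCK]
        if header == bytes(BLOCK):
            break  # end-of-archive marker
        if not checksum_ok(header):
            # A size that points into the middle of another entry lands here.
            findings.append(f"offset {offset}: not a valid header (bad checksum)")
            break
        name = header[:100].split(b"\0", 1)[0].decode("ascii", "replace")
        size = octal_field(header[124:136])
        remaining = len(data) - offset - BLOCK
        if size < 0 or size > remaining:
            findings.append(f"offset {offset}: {name!r} declares {size} bytes, {remaining} remain")
            break
        offset += BLOCK + -(-size // BLOCK) * BLOCK  # data is padded to a full block
    return findings

def sample_archive() -> bytes:
    """Constructed sample: a well-formed two-member USTAR archive built in memory."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.USTAR_FORMAT) as tar:
        for name, body in (("a.txt", b"hello"), ("b.bin", b"x" * 600)):
            info = tarfile.TarInfo(name)
            info.size = len(body)
            tar.addfile(info, io.BytesIO(body))
    return buf.getvalue()

if __name__ == "__main__":
    good = sample_archive()
    print(audit_tar(good))              # well-formed archive
    print(audit_tar(good[:BLOCK + 3]))  # truncated: declared length exceeds the file
```

An archive that produces any finding is best treated as unscannable and quarantined or rejected, since different TAR implementations may disagree about what it contains.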



Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds