[Bug 302070] New: ClamAV 0.91.2
https://bugzilla.novell.com/show_bug.cgi?id=302070#c611

           Summary: ClamAV 0.91.2
           Product: openSUSE 10.2
           Version: Final
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: Security
        AssignedTo: max@novell.com
        ReportedBy: max@novell.com
         QAContact: qa@suse.de
                CC: security-team@suse.de
          Found By: Development

* Bugfixes and changes since 0.91.1:
  - libclamav/rtf.c: fix possible NULL dereference (bb#611)
  - libclamav/ole2_extract.c: properly initialise hdr.max_block_no (bb#603)
  - libclamav/htmlnorm.c: fix possible NULL dereference (bb#582), thanks to Stefanos Stamatis
  - libclamav/htmlnorm.c: fix call to tolower() (bb#580)
  - libclamav/filetypes.c: some embedded PEs were not being detected
  - clamav-milter: Fix compilation error on NetBSD2.0
  - clamav-milter: Black-hole-mode no longer needs to be run as root
  - libclamav/pdf.c: Bug 618, --block-max not always honoured
  - libclamav/phishcheck.c, regex_list.c, phish_whitelist.c: make debug output look better (patch from Sven)
  - libclamav/phishcheck.c: Don't report phishing on broken urls containing '>' in the hostname. (bb #619)
  - libclamav, sigtool: add support for PUA databases (.hdu, .mdu, .ndu), requested by Christoph
  - clamscan: add --detect-pua
  - clamd, clamd.conf: add DetectPUA
  - freshclam/mirman.c: properly handle mirror access times (bb#606, only outdated installations - three versions behind the latest one were affected by this problem), Reported by David F. Skoll <dfs*roaringpenguin.com>
  - clamav-milter: Bug 614
  - libclamav/pdf.c: Bug 608
  - clamav-milter: SPF checking no longer experimental
  - libclamav/phishcheck.c: workaround Solaris problem with regexec() [bb #598]
  - libclamav/matcher-ac.c: fix matching of patterns with prefixes and some other issues spotted by Glen <daineng*gmail.com>
  - clamav-milter/clamav-milter.c: Better use of res_init()
  - clamav-milter/clamav-milter.c: HP-UX doesn't have EX_CONFIG, reported by clam * ministry.se

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=302070#c1

Thomas Biege <thomas@novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |thomas@novell.com

--- Comment #1 from Thomas Biege <thomas@novell.com> 2007-08-21 04:30:21 MST ---
MaintenanceTracker-12604

https://bugzilla.novell.com/show_bug.cgi?id=302070

Thomas Biege <thomas@novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |thomas@novell.com
            Summary|ClamAV 0.91.2               |VUL-0: ClamAV 0.91.2

https://bugzilla.novell.com/show_bug.cgi?id=302070#c2

Reinhard Max <max@novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mhoppe@novell.com, max@novell.com
         AssignedTo|max@novell.com              |security-team@suse.de

--- Comment #2 from Reinhard Max <max@novell.com> 2007-08-21 11:44:20 MST ---
Submitted packages to SLES9, 10.0, 10.1, SLES10, 10.2, and STABLE.
mbuild packages are available on ftp://ftp.suse.com/pub/projects/clamav

https://bugzilla.novell.com/show_bug.cgi?id=302070#c3

Thomas Biege <thomas@novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|thomas@novell.com           |
         AssignedTo|security-team@suse.de       |kde-maintainers@suse.de

--- Comment #3 from Thomas Biege <thomas@novell.com> 2007-08-22 02:02:26 MST ---
Hello KDE-Maintainers,
does this update affect klamav?

https://bugzilla.novell.com/show_bug.cgi?id=302070

Thomas Biege <thomas@novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |thomas@novell.com
  Status Whiteboard|                            |patchinfos submitted (clamav)

https://bugzilla.novell.com/show_bug.cgi?id=302070#c4

Dirk Mueller <dmueller@novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dmueller@novell.com

--- Comment #4 from Dirk Mueller <dmueller@novell.com> 2007-08-22 04:06:52 MST ---
it contains a deep copy of clamav, so yes. I'll try figuring out if that is necessary.

https://bugzilla.novell.com/show_bug.cgi?id=302070#c5

--- Comment #5 from Reinhard Max <max@novell.com> 2007-08-22 04:19:07 MST ---
(In reply to comment #4 from Dirk Mueller)
> it contains a deep copy of clamav,

According to the README file inside the klamav tarball they stopped including a copy of clamav more than three years ago.

https://bugzilla.novell.com/show_bug.cgi?id=302070#c6

--- Comment #6 from Dirk Mueller <dmueller@novell.com> 2007-08-22 04:54:00 MST ---
that's nice if the README says it, I'm looking at the code. I'm just checking if it can be removed

https://bugzilla.novell.com/show_bug.cgi?id=302070#c7

--- Comment #7 from Reinhard Max <max@novell.com> 2007-08-22 06:00:22 MST ---
Ah - klamd contains some code that was copied over from clamd, but the scanning engine itself is dynamically linked in from libclamav and does not seem to be contained in the klamav tarball.

https://bugzilla.novell.com/show_bug.cgi?id=302070#c8

Dirk Mueller <dmueller@novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         AssignedTo|kde-maintainers@suse.de     |security-team@suse.de

--- Comment #8 from Dirk Mueller <dmueller@novell.com> 2007-08-22 06:26:00 MST ---
it uses klamscan/klamd if available. I've submitted a new package. please include it.

https://bugzilla.novell.com/show_bug.cgi?id=302070

Thomas Biege <thomas@novell.com> changed:

           What    |Removed                       |Added
----------------------------------------------------------------------------
  Status Whiteboard|patchinfos submitted (clamav) |patchinfos submitted

https://bugzilla.novell.com/show_bug.cgi?id=302070#c9

Thomas Biege <thomas@novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED

--- Comment #9 from Thomas Biege <thomas@novell.com> 2007-08-30 00:20:56 MST ---
packages released

https://bugzilla.novell.com/show_bug.cgi?id=302070#c10

--- Comment #10 from Marcus Meissner <meissner@novell.com> 2007-08-31 05:40:07 MST ---
I think those two apply.

CVE-2007-4560
clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."

CVE-2007-4510
ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a crafted HTML document with a data: URI, which triggers a NULL dereference in the cli_html_normalise function in libclamav/htmlnorm.c. NOTE: some of these details are obtained from third party information.