AW: [suse-security] ClamAv 0.80 -> 0.81?
hello andrew, hello list, scott leighton asked that 6 hours ago ;) [suse-security] Recent Clamav Security Update for 9.1 & 9.2 zlib 1.2.2 is needed for the update (i compile clamav from source). anyone knows if there is a zlib 1.2.2 rpm for suse 9.2 ? didnt find a file at suse-ftp´s and rpm-find and the 1.2.1 got a old security hole. greetings andy
-----Ursprüngliche Nachricht----- Von: Andrew [mailto:andrew2005@ledge.co.za] Gesendet: Dienstag, 1. Februar 2005 09:54 An: suse-security@suse.com Betreff: [suse-security] ClamAv 0.80 -> 0.81?
Hello list
I read that Mandrake has issued a security notice for ClamAV - handling of base64 embedded images and zip Denial of service. Is SuSE going to have a similar update? (And if not, is there a recommendation on updating by some other means.)
ClamAV's freshclam is complaining about being out of date - presumably because of these reasons.
susesvr:~ # online_update -V Types of patches to be installed: security recommended patchlevel Server URL: ftp://ftp.gwdg.de/pub/linux/suse/ftp.suse.com/suse Server Name: Germany: GWD Göttingen (ftp) Directory File: Path 0: ./i386/update/9.1/patches No patches have been installed.
susesvr:~ # freshclam ClamAV update process started at Tue Feb 1 10:51:18 2005 WARNING: Your ClamAV installation is OUTDATED - please update immediately! WARNING: Local version: 0.80 Recommended version: 0.81 main.cvd is up to date (version: 29, sigs: 29086, f-level: 3, builder: tomek) daily.cvd is up to date (version: 694, sigs: 979, f-level: 4, builder: ccordes) WARNING: Your ClamAV installation is OUTDATED - please update immediately! WARNING: Current functionality level = 3, required = 4
susesvr:~ # cat /etc/*release SuSE Linux 9.1 (i586) VERSION = 9.1
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Dörfler Andreas wrote:
scott leighton asked that 6 hours ago ;) [suse-security] Recent Clamav Security Update for 9.1 & 9.2
zlib 1.2.2 is needed for the update (i compile clamav from source). anyone knows if there is a zlib 1.2.2 rpm for suse 9.2 ? didnt find a file at suse-ftp´s and rpm-find and the 1.2.1 got a old security hole.
You can disable the warning. The 1.2.1 version we shipped already contains a patch against that bug. Only checking the version of a package is the wrong way to determine whether it's vulnerable. cu Ludwig -- (o_ Ludwig Nussel //\ SUSE LINUX Products GmbH, Development V_/_ http://www.suse.de/
participants (2)
-
Dörfler Andreas
-
Ludwig Nussel