Content-Disposition: inline ==========================================================================Ubuntu Security Notice USN-2488-2 February 12, 2015 clamav vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 10.04 LTS Summary: ClamAV could be made to crash or run programs if it processed a specially crafted file. Software Description: - clamav: Anti-virus utility for Unix Details: USN-2488-1 fixed a vulnerability in ClamAV for Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. This update provides the corresponding update for Ubuntu 10.04 LTS. Original advisory details: Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled certain upack packer files. An attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.04 LTS: clamav 0.98.6+dfsg-0ubuntu0.10.04.1 This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2488-2 http://www.ubuntu.com/usn/usn-2488-1 CVE-2013-6497, CVE-2014-9328 Package Information: https://launchpad.net/ubuntu/+source/clamav/0.98.6+dfsg-0ubuntu0.10.04.1