-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:082 http://www.mandriva.com/security/ _______________________________________________________________________ Package : clamav Date : April 18, 2010 Affected: 2008.0, Corporate 4.0, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been found and corrected in clamav: ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities (CVE-2010-0098). The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information (CVE-2010-1311). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers This update provides clamav 0.96, which is not vulnerable to these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0098 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1311 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 725bf0c38497087b9a3be4a8773c8cd0 2008.0/i586/clamav-0.96-0.1mdv2008.0.i586.rpm 147dc79976707ed0787f15dfc5f84f77 2008.0/i586/clamav-db-0.96-0.1mdv2008.0.i586.rpm 63c6b37df8ca4b6d3ca17ad858f622bb 2008.0/i586/clamav-milter-0.96-0.1mdv2008.0.i586.rpm b464991a0ea73562a076183a1b889d1b 2008.0/i586/clamd-0.96-0.1mdv2008.0.i586.rpm c862f6c48325f5d9c9811d9654ef6286 2008.0/i586/libclamav6-0.96-0.1mdv2008.0.i586.rpm 1345629ca340e35ae02586db29cb0df9 2008.0/i586/libclamav-devel-0.96-0.1mdv2008.0.i586.rpm a7a379222d25afc907959dab9f0c1160 2008.0/SRPMS/clamav-0.96-0.1mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: a2294c5b9a7342c9a18be68e206e8127 2008.0/x86_64/clamav-0.96-0.1mdv2008.0.x86_64.rpm e56be5cf84c280c8d9a5ae772e069623 2008.0/x86_64/clamav-db-0.96-0.1mdv2008.0.x86_64.rpm 46ccfda86d7329ec84b4425158ce0798 2008.0/x86_64/clamav-milter-0.96-0.1mdv2008.0.x86_64.rpm 14f7a2a98a648ec77cc851f449f4d529 2008.0/x86_64/clamd-0.96-0.1mdv2008.0.x86_64.rpm f6ef52a7fc104cd163bc57229f4ce608 2008.0/x86_64/lib64clamav6-0.96-0.1mdv2008.0.x86_64.rpm a86f2486280a9593973ca00e72160421 2008.0/x86_64/lib64clamav-devel-0.96-0.1mdv2008.0.x86_64.rpm a7a379222d25afc907959dab9f0c1160 2008.0/SRPMS/clamav-0.96-0.1mdv2008.0.src.rpm Corporate 4.0: 37a73e705ddd3464013e35abc0422b2f corporate/4.0/i586/clamav-0.96-0.1.20060mlcs4.i586.rpm 4867fd02902c7e67cff8c635c069f193 corporate/4.0/i586/clamav-db-0.96-0.1.20060mlcs4.i586.rpm e0044dabbfb5b614e4e7f33dc005b9c3 corporate/4.0/i586/clamav-milter-0.96-0.1.20060mlcs4.i586.rpm 0d8b5a9c7b43bff63d205c17ae0edfdd corporate/4.0/i586/clamd-0.96-0.1.20060mlcs4.i586.rpm 216a2677193408bd94e074ed6dd041e3 corporate/4.0/i586/libclamav6-0.96-0.1.20060mlcs4.i586.rpm 126203939bdaf3a6f4539e43d3bb38b0 corporate/4.0/i586/libclamav-devel-0.96-0.1.20060mlcs4.i586.rpm da03bea8d9ee43b6a26161f915e2dcf9 corporate/4.0/SRPMS/clamav-0.96-0.1.20060mlcs4.src.rpm Corporate 4.0/X86_64: 89a192c1ea1cdc678db652dc42df691e corporate/4.0/x86_64/clamav-0.96-0.1.20060mlcs4.x86_64.rpm 1ab9901f75ba6367905365097689c4ed corporate/4.0/x86_64/clamav-db-0.96-0.1.20060mlcs4.x86_64.rpm 5fed440379b8b58c54f6963dabe78c52 corporate/4.0/x86_64/clamav-milter-0.96-0.1.20060mlcs4.x86_64.rpm 56c4c66f35fdf0b19fd98f722a039fb8 corporate/4.0/x86_64/clamd-0.96-0.1.20060mlcs4.x86_64.rpm 1145efa3ed5032ec72228461a1d2127b corporate/4.0/x86_64/lib64clamav6-0.96-0.1.20060mlcs4.x86_64.rpm a9d60021af0aa48ea051612d1a5a77d9 corporate/4.0/x86_64/lib64clamav-devel-0.96-0.1.20060mlcs4.x86_64.rpm da03bea8d9ee43b6a26161f915e2dcf9 corporate/4.0/SRPMS/clamav-0.96-0.1.20060mlcs4.src.rpm Mandriva Enterprise Server 5: 90e36dd55953ef2ec7d474a9fe884803 mes5/i586/clamav-0.96-0.1mdvmes5.1.i586.rpm 08007813bf57f6822a0b12076ccc7927 mes5/i586/clamav-db-0.96-0.1mdvmes5.1.i586.rpm 869146c059841f726e777402adf57024 mes5/i586/clamav-milter-0.96-0.1mdvmes5.1.i586.rpm f03e3941b56ac9c669de43fa35f2e866 mes5/i586/clamd-0.96-0.1mdvmes5.1.i586.rpm d22d4a4de191942a0e66980ce9b91b85 mes5/i586/libclamav6-0.96-0.1mdvmes5.1.i586.rpm 868e1684a7e3f53876bc91ac74b6cf8f mes5/i586/libclamav-devel-0.96-0.1mdvmes5.1.i586.rpm 39710975d4a682f07f4b35a62df09daa mes5/SRPMS/clamav-0.96-0.1mdvmes5.1.src.rpm Mandriva Enterprise Server 5/X86_64: b111e1d0a7a2c7f86e4fc51ae840d7de mes5/x86_64/clamav-0.96-0.1mdvmes5.1.x86_64.rpm 30c4f7bcaff541af1c9bf1d2d4633a2b mes5/x86_64/clamav-db-0.96-0.1mdvmes5.1.x86_64.rpm 01bb253f6328f9473ffc0a167ca44a92 mes5/x86_64/clamav-milter-0.96-0.1mdvmes5.1.x86_64.rpm d26b87fc3c7ea573f3ee7025ddfc4fbf mes5/x86_64/clamd-0.96-0.1mdvmes5.1.x86_64.rpm 486540ac41165845305c9058eb1e5f4c mes5/x86_64/lib64clamav6-0.96-0.1mdvmes5.1.x86_64.rpm ebf62cb3bd329dce86c9e3fe5a5591b9 mes5/x86_64/lib64clamav-devel-0.96-0.1mdvmes5.1.x86_64.rpm 39710975d4a682f07f4b35a62df09daa mes5/SRPMS/clamav-0.96-0.1mdvmes5.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLyxhJmqjQ0CJFipgRAgn6AJ9EBfSgQlL2VGQ1vjVvQxn3++NuPACfWTf3 cfAYkmXPiM1u9cZRnaSV3zE= =+P0P -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/