[Bug 553266] [NEW] Update for clamav security fixes from 0.96 release

Scott Kitterman ubuntu at kitterman.com
Thu Apr 1 13:59:34 BST 2010 

*** This bug is a security vulnerability ***

Public security bug reported:

Binary package hint: clamav

http://git.clamav.net/gitweb?p=clamav-devel.git;a=log

* libclamav/mspack.c: improve unpacking of malformed cabinets (bb#1826)
(158c35e81a25ea5fda55a2a7f62ea9fec2e883d9) and * libclamav/mspack.c: fix
Quantum decompressor (bb#1771)
(224fee54dd6cd8933d7007331ec2bfca0398d4b4) are security fixes in 0.96.
Also need to update FLEVEL, see
31b77b3fb589ab07e7b4d84f8b3825178864ee51.

** Affects: clamav (Ubuntu)
     Importance: Undecided
         Status: Confirmed

** Affects: clamav (Ubuntu Lucid)
     Importance: Undecided
         Status: Confirmed

** Affects: clamav (Ubuntu Dapper)
     Importance: Undecided
         Status: Confirmed

** Affects: clamav (Ubuntu Hardy)
     Importance: Undecided
         Status: Confirmed

** Affects: clamav (Ubuntu Intrepid)
     Importance: Undecided
         Status: New

** Affects: clamav (Ubuntu Jaunty)
     Importance: Undecided
         Status: Confirmed

** Affects: clamav (Ubuntu Karmic)
     Importance: Undecided
         Status: Confirmed

** Also affects: clamav (Ubuntu Hardy)
   Importance: Undecided
       Status: New

** Also affects: clamav (Ubuntu Dapper)
   Importance: Undecided
       Status: New

** Also affects: clamav (Ubuntu Intrepid)
   Importance: Undecided
       Status: New

** Also affects: clamav (Ubuntu Jaunty)
   Importance: Undecided
       Status: New

** Also affects: clamav (Ubuntu Karmic)
   Importance: Undecided
       Status: New

** Also affects: clamav (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Changed in: clamav (Ubuntu Dapper)
       Status: New => Confirmed

** Changed in: clamav (Ubuntu Hardy)
       Status: New => Confirmed

** Changed in: clamav (Ubuntu Jaunty)
       Status: New => Confirmed

** Changed in: clamav (Ubuntu Lucid)
       Status: New => Confirmed

** Changed in: clamav (Ubuntu Karmic)
       Status: New => Confirmed

** Changed in: clamav (Ubuntu Lucid)
    Milestone: None => ubuntu-10.04

** This bug has been flagged as a security vulnerability

-- 
Update for clamav security fixes from 0.96 release
https://bugs.launchpad.net/bugs/553266
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to clamav in ubuntu.

More information about the Ubuntu-server-bugs mailing list