Pop-Up Thingie
Sidebar
>>> Magnum BBS <<<
Home
Forum
Files
Dark
Log in
Username
Password
Sidebar
Forum
Usenet
LINUX.DEBIAN.ANNOUNCE.SEC
[SECURITY] [DSA 1660-1] New clamav packages fix denial of service (1/3)
From
Florian Weimer
@1:229/2 to
All
on Sun Oct 26 15:10:12 2008
From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------ Debian Security Advisory DSA-1660-1
[email protected]
http://www.debian.org/security/
Florian Weimer October 26, 2008
http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : clamav
Vulnerability : null pointer derefence, resource exhaustation
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2008-3912, CVE-2008-3913, CVE-2008-3914
Several denial-of-service vulnerabilities have been discovered in
the ClamAV anti-virus toolkit:
Insufficient checking for out-of-memory conditions results in null
pointer derefences (CVE-2008-3912).
Incorrect error handling logic leads to memory leaks (CVE-2008-3913)
and file descriptor leaks (CVE-2008-3914).
For the stable distribution (etch), these problems have been fixed in
version 0.90.1dfsg-4etch15.
For the unstable distribution (sid) and the testing distribution
(lenny), these problems have been fixed in version 0.94.dfsg-1.
We recommend that you upgrade your clamav package.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Source archives:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15.diff.gz
Size/MD5 checksum: 211673 f32684dc7b5c10438ed72ed8c522ced8
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg.orig.tar.gz
Size/MD5 checksum: 11610428 6dc18602b0aa653924d47316f9411e49
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15.dsc
Size/MD5 checksum: 900 5c1aca2a402b405e027e79c7d9fdde39
Architecture independent packages:
http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.90.1dfsg-4etch15_all.deb
Size/MD5 checksum: 1005428 058124325863f5c4d6009547b81d3d10
http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.90.1dfsg-4etch15_all.deb
Size/MD5 checksum: 202184 24e50f137412d6432f489f0c0bccefa2
http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.90.1dfsg-4etch15_all.deb
Size/MD5 checksum: 158456 ee5378f52517374ecc6d45d0954a8da8
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-4etch15_alpha.deb
Size/MD5 checksum: 372930 f51ff2874a06cf834e586ffd629935a4
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-4etch15_alpha.deb
Size/MD5 checksum: 182734 5c0db34ae38a22c21513210c00c3c69b
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-4etch15_alpha.deb
Size/MD5 checksum: 465258 e5745dfa0c5a1b59e19fcce6743b8ea6
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-4etch15_alpha.deb
Size/MD5 checksum: 9305242 c8970fe72c484513f6b405b5bbc2107f
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15_alpha.deb
Size/MD5 checksum: 862312 196a2f722ea12a073ab81ca361a4c8a4
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-4etch15_alpha.deb
Size/MD5 checksum: 597822 f183a3e677f0eda5196f32e164c74bcd
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-4etch15_alpha.deb
Size/MD5 checksum: 180882 91a8a71ea5822c9bb74907d1c273c6a8
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-4etch15_amd64.deb
Size/MD5 checksum: 341716 cf6f3fa99270adead786b673311f8d61
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-4etch15_amd64.deb
Size/MD5 checksum: 9301976 2876b674f6cea7d15c5157e2de2328ee
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-4etch15_amd64.deb
Size/MD5 checksum: 355170 de088b17a337d686b4621770fe4f9857
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15_amd64.deb
Size/MD5 checksum: 856710 666d145be4f30dff32fa4ea4a7baf3cf
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-4etch15_amd64.deb
Size/MD5 checksum: 593892 f998497019eda5c09b4b9d72b28a20cd
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-4etch15_amd64.deb
Size/MD5 checksum: 177632 012e805063b0f0d0add72b3b7e31bc27
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-4etch15_amd64.deb
Size/MD5 checksum: 178214 9cb0fd2d134382ab68377ea080354c39
arm architecture (ARM)
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-4etch15_arm.deb
Size/MD5 checksum: 175958 61f2238a6151d710f61898a69a7f17dd
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-4etch15_arm.deb
Size/MD5 checksum: 554314 eeca09ab4e6114c1647f58e056bbbe88
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-4etch15_arm.deb
Size/MD5 checksum: 335754 a4455a0a045e44d7fe4e78e3138f9839
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-4etch15_arm.deb
Size/MD5 checksum: 336508 7381b097f4239890fd7ecf3604b18a7b
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15_arm.deb
Size/MD5 checksum: 853888 cc8eb16ceef93c5dc7a344c31b76a1c4
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-4etch15_arm.deb
Size/MD5 checksum: 9299654 079be0e85b9488a6c1a79e47fa473697
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-4etch15_arm.deb
Size/MD5 checksum: 171826 4caa4c8de5d905072458b20c47fe6cf7
hppa architecture (HP PA RISC)
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)
Who's Online
Recent Visitors
Furryboy
Sun Jun 7 13:40:29 2026
from
Romania, Galati
via
SSH
Krenn
Sun Jun 7 10:02:33 2026
from
Sydney, Nsw
via
Telnet
Spearb0y
Sun Jun 7 07:41:05 2026
from
Massachusetts
via
SSH
Krenn
Sun Jun 7 03:07:26 2026
from
Sydney, Nsw
via
Telnet
Krenn
Sun Jun 7 01:30:12 2026
from
Sydney, Nsw
via
Telnet
Centurion
Sat Jun 6 23:27:30 2026
from
Berea, Ohio
via
Telnet
Ab Cadd
Sat Jun 6 15:42:53 2026
from
Sheboygan, Wi
via
Telnet
Centurion
Sat Jun 6 15:32:28 2026
from
Berea, Ohio
via
Telnet
System Info
Sysop:
Keyop
Location:
Huddersfield, West Yorkshire, UK
Users:
715
Nodes:
16 (
0
/
16
)
Uptime:
168:48:16
Calls:
12,097
Calls today:
5
Files:
15,003
Messages:
6,517,823