Nom du paquet
clamav
Date
2010-05-27
Advisory ID
MDVSA-2010:110
Affected versions
2009.0 x86_64 , MES5 i586 , 2009.0 i586 , CS4.0 i586 , 2008.0 x86_64 , CS4.0 x86_64 , 2008.0 i586 , MES5 x86_64

Problem description

Multiple vulnerabilities was discovered and fixed in clamav:

The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows
remote attackers to cause a denial of service (crash) via a malformed
PDF file, related to an inconsistency in the calculated stream length
and the real stream length (CVE-2010-1639).

Off-by-one error in the parseicon function in libclamav/pe_icons.c
in ClamAV 0.96 allows remote attackers to cause a denial of service
(crash) via a crafted PE icon that triggers an out-of-bounds read,
related to improper rounding during scaling (CVE-2010-1640).

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

This update provides clamav 0.96.1 which is not vulnerable to these
issues.

Updated packages

2009.0 x86_64

 60f63c024a8f817dadffa0d89e21eb9f  2009.0/x86_64/clamav-0.96.1-0.1mdv2009.0.x86_64.rpm
 18f79b9b586bc80732dd10dbd2a6cc79  2009.0/x86_64/clamav-db-0.96.1-0.1mdv2009.0.x86_64.rpm
 a581fe3f1c8361fabaf3cb9f376d59cb  2009.0/x86_64/clamav-milter-0.96.1-0.1mdv2009.0.x86_64.rpm
 86a0d9f2a488e4da2fe6b53527b815e7  2009.0/x86_64/clamd-0.96.1-0.1mdv2009.0.x86_64.rpm
 7e9bad2cfe4809f985d9d908af327b8d  2009.0/x86_64/lib64clamav6-0.96.1-0.1mdv2009.0.x86_64.rpm
 d805cfe2b75d9a0fa2ffa0d31d7d27ec  2009.0/x86_64/lib64clamav-devel-0.96.1-0.1mdv2009.0.x86_64.rpm 
 d11af730b3a2c053ba1d6ec23fc564f0  2009.0/SRPMS/clamav-0.96.1-0.1mdv2009.0.src.rpm

MES5 i586

 6239df4cb3848f6d0e623ca388537808  mes5/i586/clamav-0.96.1-0.1mdvmes5.1.i586.rpm
 d5bdcebae3ce25c8314cd91729df1891  mes5/i586/clamav-db-0.96.1-0.1mdvmes5.1.i586.rpm
 32f0750aed27bd140bf5da065f1e1ebe  mes5/i586/clamav-milter-0.96.1-0.1mdvmes5.1.i586.rpm
 dd545fdb4cf27d717d589beb3787ff11  mes5/i586/clamd-0.96.1-0.1mdvmes5.1.i586.rpm
 8a191c540f7228a36a4301c0442e3a68  mes5/i586/libclamav6-0.96.1-0.1mdvmes5.1.i586.rpm
 f3b1106a99b6161553cf83812231cae5  mes5/i586/libclamav-devel-0.96.1-0.1mdvmes5.1.i586.rpm 
 bc8e69f99a4837cb5c7127604addaa74  mes5/SRPMS/clamav-0.96.1-0.1mdvmes5.1.src.rpm

2009.0 i586

 a8d05f37aa91c68aae2085ff732c702b  2009.0/i586/clamav-0.96.1-0.1mdv2009.0.i586.rpm
 5ec9f018d0041edb436550c89309171d  2009.0/i586/clamav-db-0.96.1-0.1mdv2009.0.i586.rpm
 99628e6c2a48857b8826602c697b16ab  2009.0/i586/clamav-milter-0.96.1-0.1mdv2009.0.i586.rpm
 0224610ee1b6329eff5c22d7f39578f0  2009.0/i586/clamd-0.96.1-0.1mdv2009.0.i586.rpm
 fca0b7af4f6bb22071c75baab07a35b1  2009.0/i586/libclamav6-0.96.1-0.1mdv2009.0.i586.rpm
 bdabf8cdc50a4c5685e6d260afe415b3  2009.0/i586/libclamav-devel-0.96.1-0.1mdv2009.0.i586.rpm 
 d11af730b3a2c053ba1d6ec23fc564f0  2009.0/SRPMS/clamav-0.96.1-0.1mdv2009.0.src.rpm

CS4.0 i586

 1f908bfa4cbe1232569026efcf034b12  corporate/4.0/i586/clamav-0.96.1-0.1.20060mlcs4.i586.rpm
 647ff93c4169583e606987983de6f938  corporate/4.0/i586/clamav-db-0.96.1-0.1.20060mlcs4.i586.rpm
 a1bd815b64388a6a04fd14f423970c70  corporate/4.0/i586/clamav-milter-0.96.1-0.1.20060mlcs4.i586.rpm
 fe0f9d33df3d9127161a8551dbb7e6c7  corporate/4.0/i586/clamd-0.96.1-0.1.20060mlcs4.i586.rpm
 2faa8d0b9553999d5b18314ce63bf06b  corporate/4.0/i586/libclamav6-0.96.1-0.1.20060mlcs4.i586.rpm
 e4728f4fa514d353279521d8ae782c0a  corporate/4.0/i586/libclamav-devel-0.96.1-0.1.20060mlcs4.i586.rpm 
 517ac78ca08fe3ccd80ccd0e160c4f02  corporate/4.0/SRPMS/clamav-0.96.1-0.1.20060mlcs4.src.rpm

2008.0 x86_64

 1082117001d058707bdfacc642498a2a  2008.0/x86_64/clamav-0.96.1-0.1mdv2008.0.x86_64.rpm
 21bd752b8b431e61c089ccf428d01d29  2008.0/x86_64/clamav-db-0.96.1-0.1mdv2008.0.x86_64.rpm
 2f83a0bb14fcefb8717f80964b173894  2008.0/x86_64/clamav-milter-0.96.1-0.1mdv2008.0.x86_64.rpm
 a873d1c7e555552e1c3d66b0515f83cb  2008.0/x86_64/clamd-0.96.1-0.1mdv2008.0.x86_64.rpm
 7646d23e108a6e14f8d4092415ac02b9  2008.0/x86_64/lib64clamav6-0.96.1-0.1mdv2008.0.x86_64.rpm
 658acc18cafe0edfa371ecbc014df8ae  2008.0/x86_64/lib64clamav-devel-0.96.1-0.1mdv2008.0.x86_64.rpm 
 ffbe6ca177a8b262e4c6fc0ca0f3669c  2008.0/SRPMS/clamav-0.96.1-0.1mdv2008.0.src.rpm

CS4.0 x86_64

 6848c1a8b646e217c290e4a557cf6a7d  corporate/4.0/x86_64/clamav-0.96.1-0.1.20060mlcs4.x86_64.rpm
 205ce302337f02c1ce74539f65d95901  corporate/4.0/x86_64/clamav-db-0.96.1-0.1.20060mlcs4.x86_64.rpm
 d788499888b228f17d34d707f99d399f  corporate/4.0/x86_64/clamav-milter-0.96.1-0.1.20060mlcs4.x86_64.rpm
 31f2d05f1fda805f2a95a68f0742e460  corporate/4.0/x86_64/clamd-0.96.1-0.1.20060mlcs4.x86_64.rpm
 e553aec47a2d26e41662593697b10ed9  corporate/4.0/x86_64/lib64clamav6-0.96.1-0.1.20060mlcs4.x86_64.rpm
 383fe32d703c2c99d7102dfa78061a06  corporate/4.0/x86_64/lib64clamav-devel-0.96.1-0.1.20060mlcs4.x86_64.rpm 
 517ac78ca08fe3ccd80ccd0e160c4f02  corporate/4.0/SRPMS/clamav-0.96.1-0.1.20060mlcs4.src.rpm

2008.0 i586

 befa2aace21d5723723bb3a93444fff6  2008.0/i586/clamav-0.96.1-0.1mdv2008.0.i586.rpm
 91de0b1b1d3717b02c5ec78f40b60068  2008.0/i586/clamav-db-0.96.1-0.1mdv2008.0.i586.rpm
 5e63fa6565cbfaa4cc4000f77524a181  2008.0/i586/clamav-milter-0.96.1-0.1mdv2008.0.i586.rpm
 58e46d78bf423fbb1ef84d6073fe1040  2008.0/i586/clamd-0.96.1-0.1mdv2008.0.i586.rpm
 f24eadf9d0a1b0a7c733568207743385  2008.0/i586/libclamav6-0.96.1-0.1mdv2008.0.i586.rpm
 3fee97d038854d35d18aee05054b6c0d  2008.0/i586/libclamav-devel-0.96.1-0.1mdv2008.0.i586.rpm 
 ffbe6ca177a8b262e4c6fc0ca0f3669c  2008.0/SRPMS/clamav-0.96.1-0.1mdv2008.0.src.rpm

MES5 x86_64

 0c4c0c12601d5539497cf25c429ce553  mes5/x86_64/clamav-0.96.1-0.1mdvmes5.1.x86_64.rpm
 6ea9c8f7d8383e9e5623eb2fd7b56d03  mes5/x86_64/clamav-db-0.96.1-0.1mdvmes5.1.x86_64.rpm
 ec4ef11b9a1cb4e89cd36d8aa8788071  mes5/x86_64/clamav-milter-0.96.1-0.1mdvmes5.1.x86_64.rpm
 6a5e85303ae96eb1123aabf4a72c1014  mes5/x86_64/clamd-0.96.1-0.1mdvmes5.1.x86_64.rpm
 8b070d1b989a43b0145614dff41881ae  mes5/x86_64/lib64clamav6-0.96.1-0.1mdvmes5.1.x86_64.rpm
 cbee60050896a187b449647fa7f4e330  mes5/x86_64/lib64clamav-devel-0.96.1-0.1mdvmes5.1.x86_64.rpm 
 bc8e69f99a4837cb5c7127604addaa74  mes5/SRPMS/clamav-0.96.1-0.1mdvmes5.1.src.rpm

References