Nom du paquet
clamav
Date
2007-08-31
Advisory ID
MDKSA-2007:172
Affected versions
CS4.0 x86_64 , 2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , 2007.1 x86_64

Problem description

A vulnerability in ClamAV was discovered that could allow remote
attackers to cause a denial of service via a crafted RTF file or a
crafted HTML document with a data: URI, both of which trigger a NULL
dereference (CVE-2007-4510).

A vulnerability in clamav-milter, when run in black hole mode,
could allow remote attackers to execute arbitrary commands via shell
metacharacters that are used in a certain popen call (CVE-2007-4560).

Other bugs have also been corrected in 0.91.2 which is being provided
with this update.

Updated packages

CS4.0 x86_64

 23813b996a2fde23ffb7d34c50464576  corporate/4.0/x86_64/clamav-0.91.2-0.1.20060mlcs4.x86_64.rpm
 9de86112dede4437ec8de4792602c697  corporate/4.0/x86_64/clamav-db-0.91.2-0.1.20060mlcs4.x86_64.rpm
 d7c4ca09b53acf38161206b9b0288f50  corporate/4.0/x86_64/clamav-milter-0.91.2-0.1.20060mlcs4.x86_64.rpm
 cc043effd109ea56c076ade68e642007  corporate/4.0/x86_64/clamd-0.91.2-0.1.20060mlcs4.x86_64.rpm
 d84d812febc122043602a7cbef4025f7  corporate/4.0/x86_64/clamdmon-0.91.2-0.1.20060mlcs4.x86_64.rpm
 7d64c08753f48cd26932b0a047a841c6  corporate/4.0/x86_64/lib64clamav-devel-0.91.2-0.1.20060mlcs4.x86_64.rpm
 4c33eb78a714a00844e918c18179ce27  corporate/4.0/x86_64/lib64clamav2-0.91.2-0.1.20060mlcs4.x86_64.rpm 
 e28ad7b384a7df0d3a457b9cab2e45a5  corporate/4.0/SRPMS/clamav-0.91.2-0.1.20060mlcs4.src.rpm

2007.0 x86_64

 0004b985905afd8cd892d8565d2c6f84  2007.0/x86_64/clamav-0.91.2-1.1mdv2007.0.x86_64.rpm
 604ef50bbb41cba7a46998a872cceb5e  2007.0/x86_64/clamav-db-0.91.2-1.1mdv2007.0.x86_64.rpm
 f451326de1cda70b72f78e799702a714  2007.0/x86_64/clamav-milter-0.91.2-1.1mdv2007.0.x86_64.rpm
 d459c0ce7eb70fa26f473130b9e2aca3  2007.0/x86_64/clamd-0.91.2-1.1mdv2007.0.x86_64.rpm
 7e407178e6b31b27f28ea86a9a812b7e  2007.0/x86_64/clamdmon-0.91.2-1.1mdv2007.0.x86_64.rpm
 194efc9b8d8f454a6d40aa02311550ad  2007.0/x86_64/lib64clamav-devel-0.91.2-1.1mdv2007.0.x86_64.rpm
 7302c856810696ee9d2da5436a26a5f2  2007.0/x86_64/lib64clamav2-0.91.2-1.1mdv2007.0.x86_64.rpm 
 46173382db18fa6776e0c11239d34727  2007.0/SRPMS/clamav-0.91.2-1.1mdv2007.0.src.rpm

2007.1 i586

 b314b45eda90a4fc914f980063b08f16  2007.1/i586/clamav-0.91.2-1.1mdv2007.1.i586.rpm
 8bbddc576a178213a167285e676f6367  2007.1/i586/clamav-db-0.91.2-1.1mdv2007.1.i586.rpm
 d5fc2163cf848f73a686299866bb8e12  2007.1/i586/clamav-milter-0.91.2-1.1mdv2007.1.i586.rpm
 0da0d4bdf458feb3a8f01e590603277d  2007.1/i586/clamd-0.91.2-1.1mdv2007.1.i586.rpm
 7048492d9a19e3e8805de3838e30efcd  2007.1/i586/clamdmon-0.91.2-1.1mdv2007.1.i586.rpm
 f1a6165d185c2bc8bacc1f6a3f6f0583  2007.1/i586/libclamav-devel-0.91.2-1.1mdv2007.1.i586.rpm
 82626c97b6c4d0ede2affb6dab4bbb20  2007.1/i586/libclamav2-0.91.2-1.1mdv2007.1.i586.rpm 
 1aa3e75e6fd71c98a85671f7073eef53  2007.1/SRPMS/clamav-0.91.2-1.1mdv2007.1.src.rpm

2007.0 i586

 9cc355cd4581c9e15aed5c059263f201  2007.0/i586/clamav-0.91.2-1.1mdv2007.0.i586.rpm
 cfcf00e1e77e0945c61fe88f9a47b6be  2007.0/i586/clamav-db-0.91.2-1.1mdv2007.0.i586.rpm
 c7a2df49aead6c11e6134ce35f2ff39c  2007.0/i586/clamav-milter-0.91.2-1.1mdv2007.0.i586.rpm
 f9ead23bd0d3b98b58687a02eafa3d18  2007.0/i586/clamd-0.91.2-1.1mdv2007.0.i586.rpm
 e39d94f73442dbb2e6bd0034bbc242df  2007.0/i586/clamdmon-0.91.2-1.1mdv2007.0.i586.rpm
 2c886e10cce4b366a2202c0374550d10  2007.0/i586/libclamav-devel-0.91.2-1.1mdv2007.0.i586.rpm
 4b1d3207bfc97d0e75d098e53d227fcf  2007.0/i586/libclamav2-0.91.2-1.1mdv2007.0.i586.rpm 
 46173382db18fa6776e0c11239d34727  2007.0/SRPMS/clamav-0.91.2-1.1mdv2007.0.src.rpm

CS3.0 x86_64

 8558b7b8084cd0b0c3d23c1289830947  corporate/3.0/x86_64/clamav-0.91.2-0.1.C30mdk.x86_64.rpm
 62376f79cde45931384e81f267205b54  corporate/3.0/x86_64/clamav-db-0.91.2-0.1.C30mdk.x86_64.rpm
 57d93dd2c249d800de1fa22324b4b688  corporate/3.0/x86_64/clamav-milter-0.91.2-0.1.C30mdk.x86_64.rpm
 5f7cc43fc89623177e3864194d86dd62  corporate/3.0/x86_64/clamd-0.91.2-0.1.C30mdk.x86_64.rpm
 dafb5a003f164d742bcfc2775b1a72ec  corporate/3.0/x86_64/clamdmon-0.91.2-0.1.C30mdk.x86_64.rpm
 29c3fc98485a4912179438b66be722dc  corporate/3.0/x86_64/lib64clamav-devel-0.91.2-0.1.C30mdk.x86_64.rpm
 4a49f8d6b1e652a58216d6f20f9d11e8  corporate/3.0/x86_64/lib64clamav2-0.91.2-0.1.C30mdk.x86_64.rpm 
 161aad73d855e835420c4e2cc4d37867  corporate/3.0/SRPMS/clamav-0.91.2-0.1.C30mdk.src.rpm

CS4.0 i586

 77469fc267c49b8727e9c8d7dfbe1dbe  corporate/4.0/i586/clamav-0.91.2-0.1.20060mlcs4.i586.rpm
 524a97ee0a548a61503a3d2805148adb  corporate/4.0/i586/clamav-db-0.91.2-0.1.20060mlcs4.i586.rpm
 b30b5e2ecc63f527a270df87fb236235  corporate/4.0/i586/clamav-milter-0.91.2-0.1.20060mlcs4.i586.rpm
 6fdb3fb5e172ac5142cf668013e18f2a  corporate/4.0/i586/clamd-0.91.2-0.1.20060mlcs4.i586.rpm
 63862acdb343759ad132eb7851de094f  corporate/4.0/i586/clamdmon-0.91.2-0.1.20060mlcs4.i586.rpm
 d8410aeca30a43ef80dba02181eab604  corporate/4.0/i586/libclamav-devel-0.91.2-0.1.20060mlcs4.i586.rpm
 28c9e2d2058116c19230b46686f211af  corporate/4.0/i586/libclamav2-0.91.2-0.1.20060mlcs4.i586.rpm 
 e28ad7b384a7df0d3a457b9cab2e45a5  corporate/4.0/SRPMS/clamav-0.91.2-0.1.20060mlcs4.src.rpm

CS3.0 i586

 3f54f8a01c5926fe7b5285e1aa5bd8a0  corporate/3.0/i586/clamav-0.91.2-0.1.C30mdk.i586.rpm
 e4f84e94bb49ae6a30db55c0eb3e1f37  corporate/3.0/i586/clamav-db-0.91.2-0.1.C30mdk.i586.rpm
 62b32759d1ef5100c7a9d4df5662df4e  corporate/3.0/i586/clamav-milter-0.91.2-0.1.C30mdk.i586.rpm
 da52811fa2422350fb10aa66b82e7345  corporate/3.0/i586/clamd-0.91.2-0.1.C30mdk.i586.rpm
 5b479b2416b7b2a3185a1ea1444e871d  corporate/3.0/i586/clamdmon-0.91.2-0.1.C30mdk.i586.rpm
 9dac547edcaadc6d91e049dfcfd4c8ef  corporate/3.0/i586/libclamav-devel-0.91.2-0.1.C30mdk.i586.rpm
 549d6c10620fb7440dbf28df5c8a21de  corporate/3.0/i586/libclamav2-0.91.2-0.1.C30mdk.i586.rpm 
 161aad73d855e835420c4e2cc4d37867  corporate/3.0/SRPMS/clamav-0.91.2-0.1.C30mdk.src.rpm

2007.1 x86_64

 ce936aaf4aac71db278525b626f7db71  2007.1/x86_64/clamav-0.91.2-1.1mdv2007.1.x86_64.rpm
 ab831b70524ef3e7e49ad2e421965d10  2007.1/x86_64/clamav-db-0.91.2-1.1mdv2007.1.x86_64.rpm
 053f0b5017f2107edc95e33d77827854  2007.1/x86_64/clamav-milter-0.91.2-1.1mdv2007.1.x86_64.rpm
 29d1c23377beda7601da3bf160620d75  2007.1/x86_64/clamd-0.91.2-1.1mdv2007.1.x86_64.rpm
 f917158048deac5163697c6dbb5882c9  2007.1/x86_64/clamdmon-0.91.2-1.1mdv2007.1.x86_64.rpm
 b0e2b52d8d538f29ffbcfe266a540b67  2007.1/x86_64/lib64clamav-devel-0.91.2-1.1mdv2007.1.x86_64.rpm
 5e3cd3617c0e719bc7af09781e0dfcb6  2007.1/x86_64/lib64clamav2-0.91.2-1.1mdv2007.1.x86_64.rpm 
 1aa3e75e6fd71c98a85671f7073eef53  2007.1/SRPMS/clamav-0.91.2-1.1mdv2007.1.src.rpm

References