Nom du paquet
clamav
Date
2008-12-05
Advisory ID
MDVSA-2008:239
Affected versions
2009.0 x86_64 , CS4.0 x86_64 , 2008.0 i586 , 2009.0 i586 , CS3.0 x86_64 , 2008.0 x86_64 , CS3.0 i586 , 2008.1 x86_64 , 2008.1 i586 , CS4.0 i586

Problem description

Ilja van Sprundel found that ClamAV contained a denial of service
vulnerability in how it handled processing JPEG files, due to it
not limiting the recursion depth when processing JPEG thumbnails
(CVE-2008-5314).

Other bugs have also been corrected in 0.94.2 which is being provided
with this update.

Updated packages

2009.0 x86_64

 2355d0d75b0199682e71657db724e295  2009.0/x86_64/clamav-0.94.2-1.1mdv2009.0.x86_64.rpm
 3432b677b2a72802432cc96d92014f5b  2009.0/x86_64/clamav-db-0.94.2-1.1mdv2009.0.x86_64.rpm
 7bebc82ca05fecdc1768892dbd812c17  2009.0/x86_64/clamd-0.94.2-1.1mdv2009.0.x86_64.rpm
 ba9fdd676bb4ce545072a14e8e96f86c  2009.0/x86_64/lib64clamav5-0.94.2-1.1mdv2009.0.x86_64.rpm
 6e1c88a5a086126ea6df74fa0642e45f  2009.0/x86_64/lib64clamav-devel-0.94.2-1.1mdv2009.0.x86_64.rpm 
 d9954bb8eac45821b9f13e655fb7839e  2009.0/SRPMS/clamav-0.94.2-1.1mdv2009.0.src.rpm

CS4.0 x86_64

 72f5f30c460683914b27d257e2125688  corporate/4.0/x86_64/clamav-0.94.2-0.1.20060mlcs4.x86_64.rpm
 169f086d64243420757efd885c931a99  corporate/4.0/x86_64/clamav-db-0.94.2-0.1.20060mlcs4.x86_64.rpm
 cd2ac76205e5a866a0083a8aa741a052  corporate/4.0/x86_64/clamd-0.94.2-0.1.20060mlcs4.x86_64.rpm
 5b2ec74d5d3b07f0546d7e4c76072bb4  corporate/4.0/x86_64/lib64clamav5-0.94.2-0.1.20060mlcs4.x86_64.rpm
 c506b06df4cb84b77d626525d5c05025  corporate/4.0/x86_64/lib64clamav-devel-0.94.2-0.1.20060mlcs4.x86_64.rpm 
 54d43f922df6e0ece09ec3c3ece7364a  corporate/4.0/SRPMS/clamav-0.94.2-0.1.20060mlcs4.src.rpm

2008.0 i586

 76beab75d863d50bba121d855c9b438b  2008.0/i586/clamav-0.94.2-1.1mdv2008.0.i586.rpm
 4fd30d06eaae9dd3485d1029b785b5d1  2008.0/i586/clamav-db-0.94.2-1.1mdv2008.0.i586.rpm
 3293ae92542961c7aff1270321e42c64  2008.0/i586/clamd-0.94.2-1.1mdv2008.0.i586.rpm
 edf97df009a6670637d9259e93e8fa4d  2008.0/i586/libclamav5-0.94.2-1.1mdv2008.0.i586.rpm
 a6c8e64a377e3cffe859fa1b9c369ccf  2008.0/i586/libclamav-devel-0.94.2-1.1mdv2008.0.i586.rpm 
 ad2a6c0a833e798109f7dafefe845c6b  2008.0/SRPMS/clamav-0.94.2-1.1mdv2008.0.src.rpm

2009.0 i586

 e3bb00e5435ee0bc4e3ba34377cee784  2009.0/i586/clamav-0.94.2-1.1mdv2009.0.i586.rpm
 a2cd7d757a336f34058a55098dc600e8  2009.0/i586/clamav-db-0.94.2-1.1mdv2009.0.i586.rpm
 6904d7d8f7a35d2a65a4cfe40ef48bfa  2009.0/i586/clamd-0.94.2-1.1mdv2009.0.i586.rpm
 36c1e37a32f65cb96d24fd8b0db5f7e5  2009.0/i586/libclamav5-0.94.2-1.1mdv2009.0.i586.rpm
 f4f89d2acb7237ba6135ba54dccacaf9  2009.0/i586/libclamav-devel-0.94.2-1.1mdv2009.0.i586.rpm 
 d9954bb8eac45821b9f13e655fb7839e  2009.0/SRPMS/clamav-0.94.2-1.1mdv2009.0.src.rpm

CS3.0 x86_64

 a56708d3e7bf8c6111a1f1b4b44d2571  corporate/3.0/x86_64/clamav-0.94.2-0.1.C30mdk.x86_64.rpm
 095bd1aa2b2295d555ca13c36f5778b4  corporate/3.0/x86_64/clamav-db-0.94.2-0.1.C30mdk.x86_64.rpm
 0c80591bfdccc63fe3818583b5fcb829  corporate/3.0/x86_64/clamd-0.94.2-0.1.C30mdk.x86_64.rpm
 1311da34900cd15ce38c14ff16b2c0dc  corporate/3.0/x86_64/lib64clamav5-0.94.2-0.1.C30mdk.x86_64.rpm
 fe66fd2f698a27b014b1c68e2bd019d8  corporate/3.0/x86_64/lib64clamav-devel-0.94.2-0.1.C30mdk.x86_64.rpm 
 a307df060dcaa0c7d93c7cbd9f58e842  corporate/3.0/SRPMS/clamav-0.94.2-0.1.C30mdk.src.rpm

2008.0 x86_64

 9be0855b803f6772371c94e613e609cc  2008.0/x86_64/clamav-0.94.2-1.1mdv2008.0.x86_64.rpm
 d61d7b9cdc5418209da894c1d557dc2f  2008.0/x86_64/clamav-db-0.94.2-1.1mdv2008.0.x86_64.rpm
 51fd1abb8528865ff3930dfbc497293f  2008.0/x86_64/clamd-0.94.2-1.1mdv2008.0.x86_64.rpm
 024a6a575ca469dc3f3044e50ff82611  2008.0/x86_64/lib64clamav5-0.94.2-1.1mdv2008.0.x86_64.rpm
 986d1b076adf3bed18a37fb7ffbb938b  2008.0/x86_64/lib64clamav-devel-0.94.2-1.1mdv2008.0.x86_64.rpm 
 ad2a6c0a833e798109f7dafefe845c6b  2008.0/SRPMS/clamav-0.94.2-1.1mdv2008.0.src.rpm

CS3.0 i586

 0de774b0b919eaf9269bff1f9dbcc502  corporate/3.0/i586/clamav-0.94.2-0.1.C30mdk.i586.rpm
 79b305aa810908fa3e30b32a9ddc0a9a  corporate/3.0/i586/clamav-db-0.94.2-0.1.C30mdk.i586.rpm
 bcb7357561fb229201fa415dbbe1ba10  corporate/3.0/i586/clamd-0.94.2-0.1.C30mdk.i586.rpm
 a889cd1fa54443ed7f84b03a599b5dd7  corporate/3.0/i586/libclamav5-0.94.2-0.1.C30mdk.i586.rpm
 04895e0ca3f5f112562b3352bdd4e522  corporate/3.0/i586/libclamav-devel-0.94.2-0.1.C30mdk.i586.rpm 
 a307df060dcaa0c7d93c7cbd9f58e842  corporate/3.0/SRPMS/clamav-0.94.2-0.1.C30mdk.src.rpm

2008.1 x86_64

 666d401ee9a3e5386c39dae18b706736  2008.1/x86_64/clamav-0.94.2-1.1mdv2008.1.x86_64.rpm
 f1e7e07f56c9ffa8671adc066ecd88d9  2008.1/x86_64/clamav-db-0.94.2-1.1mdv2008.1.x86_64.rpm
 68831cc7365c47c630df5edb1838206d  2008.1/x86_64/clamd-0.94.2-1.1mdv2008.1.x86_64.rpm
 23a274e8c5f558ae53a306bd00fee12e  2008.1/x86_64/lib64clamav5-0.94.2-1.1mdv2008.1.x86_64.rpm
 79196d7b4f6c0e7df71d2d6430be21ab  2008.1/x86_64/lib64clamav-devel-0.94.2-1.1mdv2008.1.x86_64.rpm 
 4a85173474e49d304c0055cc4f9a50ee  2008.1/SRPMS/clamav-0.94.2-1.1mdv2008.1.src.rpm

2008.1 i586

 cc37662a9b26623fbacdd49f6bd552f1  2008.1/i586/clamav-0.94.2-1.1mdv2008.1.i586.rpm
 447c0735aa918d5c8ba9dc603a830e84  2008.1/i586/clamav-db-0.94.2-1.1mdv2008.1.i586.rpm
 612c1311f2ec78ea72a821fcb5f69e9e  2008.1/i586/clamd-0.94.2-1.1mdv2008.1.i586.rpm
 d1cda95e0b38da35f601a21adf8a83ea  2008.1/i586/libclamav5-0.94.2-1.1mdv2008.1.i586.rpm
 e6debecc5127af9c9b6a1ce1b6856a14  2008.1/i586/libclamav-devel-0.94.2-1.1mdv2008.1.i586.rpm 
 4a85173474e49d304c0055cc4f9a50ee  2008.1/SRPMS/clamav-0.94.2-1.1mdv2008.1.src.rpm

CS4.0 i586

 392911d388217b1d55cf31a7bb2586ab  corporate/4.0/i586/clamav-0.94.2-0.1.20060mlcs4.i586.rpm
 77d8232d30d440220faf79d979fae533  corporate/4.0/i586/clamav-db-0.94.2-0.1.20060mlcs4.i586.rpm
 866326eaf820b549877f2c3126cdf2ba  corporate/4.0/i586/clamd-0.94.2-0.1.20060mlcs4.i586.rpm
 f2ba2c12b43ec1979424cddf8bb6c475  corporate/4.0/i586/libclamav5-0.94.2-0.1.20060mlcs4.i586.rpm
 6557632e03d2a4863326b49404dbdcd7  corporate/4.0/i586/libclamav-devel-0.94.2-0.1.20060mlcs4.i586.rpm 
 54d43f922df6e0ece09ec3c3ece7364a  corporate/4.0/SRPMS/clamav-0.94.2-0.1.20060mlcs4.src.rpm

References