From Mageia wiki
Jump to: navigation, search

MGASA-2012-0144

Date: July 9th, 2012
Affected releases: 1, 2


Description:
Updated clamav packages fix security vulnerabilities:

The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass
malware detection via a TAR archive entry with a length field that
exceeds the total TAR file size. NOTE: this may later be SPLIT into
multiple CVEs if additional information is published showing that the
error occurred independently in different TAR parser implementations
(CVE-2012-1457).

The Microsoft CHM file parser in ClamAV 0.96.4 allows remote attackers
to bypass malware detection via a crafted reset interval in the LZXC
header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs
if additional information is published showing that the error occurred
independently in different CHM parser implementations (CVE-2012-1458).

The TAR file parser in ClamAV 0.96.4 allows remote attackers to
bypass malware detection via a TAR archive entry with a length field
corresponding to that entire entry, plus part of the header of the
next entry. NOTE: this may later be SPLIT into multiple CVEs if
additional information is published showing that the error occurred
independently in different TAR parser implementations (CVE-2012-1459).

This update upgrades clamav to the latest version (0.97.5), which
resolves these security issues as well as some other bugs.


Updated Packages:
Mageia 1:
clamav-0.97.5-1.mga1
clamd-0.97.5-1.mga1
clamav-milter-0.97.5-1.mga1
clamav-db-0.97.5-1.mga1
lib(64)clamav6-0.97.5-1.mga1
lib(64)clamav-devel-0.97.5-1.mga1

Mageia 2:
clamav-0.97.5-1.mga2
clamd-0.97.5-1.mga2
clamav-milter-0.97.5-1.mga2
clamav-db-0.97.5-1.mga2
lib(64)clamav6-0.97.5-1.mga2
lib(64)clamav-devel-0.97.5-1.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1459
http://blog.clamav.net/2012/06/clamav-0975-has-been-released.html
http://www.mandriva.com/en/support/security/advisories/?dis=mes5&name=MDVSA-2012:094
https://bugs.mageia.org/show_bug.cgi?id=6491

Retrieved from "https://wiki.mageia.org/mw-en/index.php?title=Support/Advisories/MGASA-2012-0144&oldid=9027"