Ubuntu
clamav package

  1. Hardy (8.04)
  2. Bug #317923
  3. Comment #8

Comment 8 for bug 317923

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package clamav - 0.92.1~dfsg2-1.1~gutsy3.1ubuntu2

---------------
clamav (0.92.1~dfsg2-1.1~gutsy3.1ubuntu2) gutsy-security; urgency=low

  [ Leonel Nunez ]
  * SECURITY UPDATE:
  * [CVE-2008-5314]: remote attack by sending a specially crafted JPEG file
    libclamav/special.c, libclamav/special.h, libclamav/scanners.c
  * [CVE-2008-3912]: libclamav/mbox.c, libclamav/message.c: out-of-memory
    null dereferences
  * [CVE-2008-3914]: libclamav/htmlnorm.c, libclamav/others.c,
    libclamav/sis.c: fd leaks
  * [CVE-2008-3913]: freshclam/manager.c: memory leaks
  * added 29_CVE-2008-3912.dpatch 30_CVE-2008-3913.dpatch
     32_cli_check_jpeg_exploit.dpatch 31_CVE-2008-3914.dpatch
  * References: LP #271546, #304017

  [ Scott Kitterman ]
  * SECURITY UPDATE: re-enable modules disabled due to resolved security
    deficiencies:
  * References: Clamav svn commit 4550 LP: #317923

 -- Scott Kitterman <email address hidden> Sat, 17 Jan 2009 23:57:18 -0500