Univention Bugzilla – Attachment 6947 Details for
Bug 38629
Update clamav to 0.98.7 (ES 3.1)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Advisory ClamAV 0.98.7 extsec3.1
38629_ClamAV-extsec31.txt (text/plain), 1.67 KB, created by
Philipp Hahn
on 2015-06-08 12:13 CEST
(
hide
)
Description:
Advisory ClamAV 0.98.7 extsec3.1
Filename:
MIME Type:
Creator:
Philipp Hahn
Created:
2015-06-08 12:13 CEST
Size:
1.67 KB
patch
obsolete
>A new update is available for Univention Corporate Server 3.1 as >part of the extended security maintenance. >It addresses the following problem: > >Program component: clamav >Reference: CVE-2014-9050 > CVE-2013-6497 > CVE-2014-9328 > CVE-2015-1461 > CVE-2015-1462 > CVE-2015-1463 > CVE-2015-2170 > CVE-2015-2221 > CVE-2015-2222 > CVE-2015-2668 > CVE-2015-2305 >Fixed version: 0.97.7+dfsg-2~really0.98.7+dfsg-0.152.201506081116 > >Among other these vulernabilities have been fixed: >- Buffer overflow when parsing crafted y0da Crypter PE files (CVE-2014-9050) >- Segmentation fault when parsing malformed JavaScript files (CVE-2013-6497) >- Memory corruption in processing upack archives (CVE-2014-9328) >- Heap out of bounds condition via a crafted Yoda's crypter or mew packer > file (CVE-2015-1461) >- Heap out of bounds condition via a crafted upx packer file (CVE-2015-1462) >- Heap out of bounds condition via a crafted petite packer file > (CVE-2015-1463) >- Crash in upx decoder with crafted file (CVE-2015-2170) >- Infinite loop condition on crafted y0da cryptor file (CVE-2015-2221) >- Crash on crafted petite packed file (CVE-2015-2222) >- Infinite loop condition on a crafted "xz" archive file (CVE-2015-2668) >- Heap overflow vulnerability in regcomp.c (CVE-2015-2305) > >-- >Univention GmbH >be open. >Mary-Somerville-Str.1 >28359 Bremen >Tel. : +49 421 22232-0 >Fax : +49 421 22232-99 > ><info@univention.de> >http://www.univention.de/ > >Geschäftsführer: Peter H. Ganten >HRB 20755 Amtsgericht Bremen >Steuer-Nr.: 71-597-02876
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=6947">View the attachment on a separate page</a>.</b>
Actions:
View
Attachments on
bug 38629
:
6947
|
6961