Univention Bugzilla – Bug 45615
clamav: Multiple issues (4.1)
Last modified: 2018-01-31 14:34:49 CET
Upstream Debian package version 0.99.2+dfsg-0+deb7u3 fixes: * libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message. (CVE-2017-6418) * The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression. (CVE-2017-6420)
0.99.2+dfsg-0+deb7u4 fixes: CVE-2017-12374 ClamAV has a use-after-free condition arising from a lack of input validation. A remote attacker could exploit this vulnerability with a crafted email message to cause a denial of service. CVE-2017-12375 ClamAV has a buffer overflow vulnerability arising from a lack of input validation. An unauthenticated remote attacker could send a crafted email message to the affected device, triggering a buffer overflow and potentially a denial of service when the malicious message is scanned. CVE-2017-12376 ClamAV has a buffer overflow vulnerability arising from improper input validation when handling Portable Document Format (PDF) files. An unauthenticated remote attacker could send a crafted PDF file to the affected device, triggering a buffer overflow and potentially a denial of service or arbitrary code execution when the malicious file is scanned. CVE-2017-12377 ClamAV has a heap overflow vulnerability arising from improper input validation when handling mew packets. An attacker could exploit this by sending a crafted message to the affected device, triggering a denial of service or possible arbitrary code execution when the malicious file is scanned. CVE-2017-12378 ClamAV has a buffer overread vulnerability arising from improper input validation when handling tape archive (TAR) files. An unauthenticated remote attacker could send a crafted TAR file to the affected device, triggering a buffer overread and potentially a denial of service when the malicious file is scanned. CVE-2017-12379 ClamAV has a buffer overflow vulnerability arising from improper input validation in the message parsing function. An unauthenticated remote attacker could send a crafted email message to the affected device, triggering a buffer overflow and potentially a denial of service or arbitrary code execution when the malicious message is scanned. CVE-2017-12380 ClamAV has a NULL dereference vulnerability arising from improper input validation in the message parsing function. An unauthenticated remote attacker could send a crafted email message to the affected device, triggering a NULL pointer dereference, which may result in a denial of service repo_admin.py -U -p clamav -d wheezy -r 4.1 -s errata4.1-5 b41-scope errata4.1-5 clamav Package: clamav Version: 0.99.2+dfsg-0.160.201801280950 Branch: ucs_4.1-0 Scope: errata4.1-5 f4e65bf958 Bug #45615: clamav
YAML: OK Build: OK: ------------------------------------------- $ zless /usr/share/doc/clamav/changelog.Debian.gz clamav (0.99.2+dfsg-0.160.201801280950) ucs4-1-0-0; urgency=low * UCS auto build. The following patches have been applied to the original source package 010-utilize_ucr_autostart_settings 020-dont_fail_in_postinst_if_start_fails 030-silence-version-msg -- Univention builddaemon <buildd@univention.de> Sun, 28 Jan 2018 09:50:32 +0100 clamav (0.99.2+dfsg-0+deb7u4) wheezy-security; urgency=high * Non-maintainer upload by the LTS Team - changes based entirely on jessie patch by Sebastian Andrzej Siewior * Apply security patches from 0.99.3 (Closes: #888484): - fixes for the following CVE's: CVE-2017-6418, CVE-2017-6420, CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377, CVE-2017-12378, CVE-2017-12379, CVE-2017-12380. * Bump symbol version of cl_retflevel because CL_FLEVEL changed. * Cherry-pick patch from bb11549 to fix a temp file cleanup issue (Closes: #824196). ------------------------------------------- Tests: OK. Mail tests were successful.
<http://errata.software-univention.de/ucs/4.1/495.html>