Bug 49360 - clamav: Multiple issues (4.3)
clamav: Multiple issues (4.3)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.3
All Linux
: P3 normal (vote)
: UCS 4.3-4-errata
Assigned To: Quality Assurance
Philipp Hahn
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-04-29 07:51 CEST by Quality Assurance
Modified: 2019-05-02 12:34 CEST (History)
0 users

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 5.5 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) Debian NVD


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Quality Assurance univentionstaff 2019-04-29 07:51:49 CEST
New Debian clamav 0.100.3+dfsg-0+deb9u1A~4.3.4.201904290751 fixes:
This update addresses the following issues:
* A vulnerability in the Portable Document Format (PDF) scanning  functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and  prior could allow an unauthenticated, remote attacker to cause a denial of  service (DoS) condition on an affected device. The vulnerability is due to  a lack of proper data handling mechanisms within the device buffer while  indexing remaining file data on an affected device. An attacker could  exploit this vulnerability by sending crafted PDF files to an affected  device. A successful exploit could allow the attacker to cause a heap  buffer out-of-bounds read condition, resulting in a crash that could result  in a denial of service condition on an affected device. (CVE-2019-1787)
* A vulnerability in the Object Linking & Embedding (OLE2) file scanning  functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and  prior could allow an unauthenticated, remote attacker to cause a denial of  service condition on an affected device. The vulnerability is due to a lack  of proper input and validation checking mechanisms for OLE2 files sent an  affected device. An attacker could exploit this vulnerability by sending  malformed OLE2 files to the device running an affected version ClamAV  Software. An exploit could allow the attacker to cause an out-of-bounds  write condition, resulting in a crash that could result in a denial of  service condition on an affected device. (CVE-2019-1788)
* clamav (CVE-2019-1789)
Comment 1 Quality Assurance univentionstaff 2019-04-29 09:01:05 CEST
--- mirror/ftp/4.3/unmaintained/4.3-3/source/clamav_0.100.2+dfsg-0+deb9u1A~4.3.0.201810250854.dsc
+++ apt/ucs_4.3-0-errata4.3-4/source/clamav_0.100.3+dfsg-0+deb9u1A~4.3.4.201904290751.dsc
@@ -1,7 +1,27 @@
-0.100.2+dfsg-0+deb9u1A~4.3.0.201810250854 [Thu, 25 Oct 2018 08:54:49 +0200] Univention builddaemon <buildd@univention.de>:
+0.100.3+dfsg-0+deb9u1A~4.3.4.201904290751 [Mon, 29 Apr 2019 07:52:01 +0200] Univention builddaemon <buildd@univention.de>:
 
   * UCS auto build. The following patches have been applied to the original source package
     030-silence-version-msg
+
+0.100.3+dfsg-0+deb9u1 [Fri, 29 Mar 2019 19:40:34 -0400] Scott Kitterman <scott@kitterman.com>:
+
+  * New upstream security release
+    - Fixes for the following vulnerabilities:
+      - [CVE-2019-1787]:
+        An out-of-bounds heap read condition may occur when scanning PDF
+        documents. The defect is a failure to correctly keep track of the number
+        of bytes remaining in a buffer when indexing file data.
+      - [CVE-2019-1789]:
+        An out-of-bounds heap read condition may occur when scanning PE files
+        (i.e. Windows EXE and DLL files) that have been packed using Aspack as a
+        result of inadequate bound-checking.
+      - [CVE-2019-1788]:
+        An out-of-bounds heap write condition may occur when scanning OLE2 files
+        such as Microsoft Office 97-2003 documents. The invalid write happens when
+        an invalid pointer is mistakenly used to initialize a 32bit integer to
+        zero. This is likely to crash the application.
+  * Update debian/copyright
+  * Update private symbols for new upstream release
 
 0.100.2+dfsg-0+deb9u1 [Fri, 12 Oct 2018 23:44:44 +0200] Sebastian Andrzej Siewior <sebastian@breakpoint.cc>:
 

<http://10.200.17.11/4.3-4/#4148252267222722491>
Comment 2 Philipp Hahn univentionstaff 2019-04-29 14:47:07 CEST
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.3-4] 0552295421 Bug #49360: clamav 0.100.3+dfsg-0+deb9u1A~4.3.4.201904290751
 doc/errata/staging/clamav.yaml | 40 +++++++++++++++++++++-------------------
 1 file changed, 21 insertions(+), 19 deletions(-)

[4.3-4] 50fb1c6747 Bug #49360: clamav 0.100.3+dfsg-0+deb9u1A~4.3.4.201904290751
 doc/errata/staging/clamav.yaml | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
Comment 3 Arvid Requate univentionstaff 2019-05-02 12:34:54 CEST
<http://errata.software-univention.de/ucs/4.3/482.html>