Ubuntu has issued an advisory today (August 17): https://usn.ubuntu.com/usn/usn-3393-1/ To fix CVE-2017-6419, libmspack should be unbundled and it should use the system one. I thought we had taken care of that already in Bug 15155, but apparently not. Mageia 5 and Mageia 6 are also affected.
Whiteboard: (none) => MGA6TOO, MGA5TOO
It looks like we're also affected by CVE-2017-11423: https://usn.ubuntu.com/usn/usn-3394-1/
Depends on: (none) => 21556
Assigning to all packagers collectively, since there is no registered maintainer for this package. CC'ing some committers.
CC: (none) => cjw, geiger.david68210, luis.daniel.lucio, mageia, marja11, olav, pterjanAssignee: bugsquad => pkg-bugs
CVE-2017-6418 is now fixed on svn
we don't bundle libmspack so we are not affected by CVE-2017-6419
Summary: clamav new security issues CVE-2017-6418, CVE-2017-6419, CVE-2017-6420 => clamav new security issues CVE-2017-6418, CVE-2017-6420
this is now fixed and pushed in updates_testing src.rpm: clamav-0.99.2-2.2.mga6 clamav-0.99.2-1.1.mga5
Here's an advisory for whenever we can get this to build. Advisory: ======================== Updated clamav packages fix security vulnerabilities: It was discovered that ClamAV incorrectly handled parsing certain e-mail messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service (CVE-2017-6418). It was discovered that ClamAV incorrectly handled parsing certain PE files with WWPack compression. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service (CVE-2017-6420). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6418 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6420 https://usn.ubuntu.com/usn/usn-3393-1/
Advisory on Comment 6. Updated packages in core/updates_testing: ======================== clamav-0.99.2-1.1.mga5 clamd-0.99.2-1.1.mga5 clamav-milter-0.99.2-1.1.mga5 clamav-db-0.99.2-1.1.mga5 libclamav7-0.99.2-1.1.mga5 libclamav-devel-0.99.2-1.1.mga5 clamav-0.99.2-2.2.mga6 clamd-0.99.2-2.2.mga6 clamav-milter-0.99.2-2.2.mga6 clamav-db-0.99.2-2.2.mga6 libclamav7-0.99.2-2.2.mga6 libclamav-devel-0.99.2-2.2.mga6 from SRPMS: clamav-0.99.2-1.1.mga5.src.rpm clamav-0.99.2-2.2.mga6.src.rpm
Whiteboard: MGA6TOO, MGA5TOO => MGA5TOOVersion: Cauldron => 6Assignee: pkg-bugs => qa-bugs
Advisoried from comments 6 & 7.
Whiteboard: MGA5TOO => MGA5TOO advisoryCC: (none) => lewyssmith
In VirtualBox, M5.1, KDE, 32-bit Package(s) under test: clamav clamav-db libclamav7 install clamav clamav-db & libclamav6 [root@localhost wilcal]# urpmi clamav Package clamav-0.99.2-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi clamav-db Package clamav-db-0.99.2-1.mga5.noarch is already installed [root@localhost wilcal]# urpmi libclamav7 Package libclamav7-0.99.2-1.mga5.i586 is already installed Update with freshclam ( takes awhile ) [root@localhost wilcal]# freshclam check clamav files: [root@localhost wilcal]# ls -al /var/lib/clamav total 156228 drwxrwxr-x 3 clamav clamav 4096 Aug 20 11:07 ./ drwxr-xr-x 44 root root 4096 Aug 20 10:55 ../ -rw-r--r-- 1 clamav clamav 146041 Aug 20 11:04 bytecode.cvd -rw-r--r-- 1 clamav clamav 41910918 Aug 20 11:04 daily.cvd -rw-r--r-- 1 clamav clamav 117892267 Aug 20 10:58 main.cvd -rw------- 1 clamav clamav 468 Aug 20 11:07 mirrors.dat drwxr-xr-x 2 clamav clamav 4096 Nov 18 2016 tmp/ scan /etc [root@localhost wilcal]# clamscan -r -i /etc ----------- SCAN SUMMARY ----------- Known viruses: 6303059 Engine version: 0.99.2 Scanned directories: 464 Scanned files: 1810 Infected files: 0 Data scanned: 41.74 MB Data read: 22.18 MB (ratio 1.88:1) Time: 24.222 sec (0 m 24 s) clamscan successful install clamav clamav-db & libclamav6 from updates_testing [root@localhost wilcal]# urpmi clamav Package clamav-0.99.2-1.1.mga5.i586 is already installed [root@localhost wilcal]# urpmi clamav-db Package clamav-db-0.99.2-1.1.mga5.noarch is already installed [root@localhost wilcal]# urpmi libclamav7 Package libclamav7-0.99.2-1.1.mga5.i586 is already installed No need to update ( freshclam ) clamav db scan /var [root@localhost wilcal]# clamscan -r -i /var ----------- SCAN SUMMARY ----------- Known viruses: 6303059 Engine version: 0.99.2 Scanned directories: 274 Scanned files: 347 Infected files: 0 Data scanned: 361.39 MB Data read: 516.86 MB (ratio 0.70:1) Time: 66.266 sec (1 m 6 s) clamscan successful
Whiteboard: MGA5TOO advisory => MGA5TOO advisory MGA5-32-OKCC: (none) => wilcal.int
In VirtualBox, M5.1, KDE, 64-bit Package(s) under test: clamav clamav-db lib64clamav7 install clamav clamav-db & lib64clamav7 [root@localhost wilcal]# urpmi clamav Package clamav-0.99.2-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi clamav-db Package clamav-db-0.99.2-1.mga5.noarch is already installed [root@localhost wilcal]# urpmi lib64clamav7 Package lib64clamav7-0.99.2-1.mga5.x86_64 is already installed Update with freshclam ( takes awhile ) [root@localhost wilcal]# freshclam check clamav files: [root@localhost wilcal]# ls -al /var/lib/clamav total 156224 drwxrwxr-x 3 clamav clamav 4096 Aug 20 12:00 ./ drwxr-xr-x 44 root root 4096 Aug 20 11:38 ../ -rw-r--r-- 1 clamav clamav 146041 Aug 20 12:00 bytecode.cvd -rw-r--r-- 1 clamav clamav 41910918 Aug 20 12:00 daily.cvd -rw-r--r-- 1 clamav clamav 117892267 Aug 20 11:54 main.cvd -rw------- 1 clamav clamav 312 Aug 20 12:00 mirrors.dat drwxr-xr-x 2 clamav clamav 4096 Nov 18 2016 tmp/ scan /etc [root@localhost wilcal]# clamscan -r -i /etc ----------- SCAN SUMMARY ----------- Known viruses: 6303059 Engine version: 0.99.2 Scanned directories: 464 Scanned files: 1810 Infected files: 0 Data scanned: 41.75 MB Data read: 22.18 MB (ratio 1.88:1) Time: 19.250 sec (0 m 19 s) clamscan successful install clamav clamav-db & lib64clamav7 from updates_testing [root@localhost wilcal]# urpmi clamav Package clamav-0.99.2-1.1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi clamav-db Package clamav-db-0.99.2-1.1.mga5.noarch is already installed [root@localhost wilcal]# urpmi lib64clamav7 Package lib64clamav7-0.99.2-1.1.mga5.x86_64 is already installed No need to update ( freshclam ) clamav db scan /var [root@localhost wilcal]# clamscan -r -i /var ----------- SCAN SUMMARY ----------- Known viruses: 6303059 Engine version: 0.99.2 Scanned directories: 269 Scanned files: 341 Infected files: 0 Data scanned: 340.98 MB Data read: 495.95 MB (ratio 0.69:1) Time: 48.299 sec (0 m 48 s) clamscan successful
Whiteboard: MGA5TOO advisory MGA5-32-OK => MGA5TOO advisory MGA5-32-OK MGA5-64-OK
In VirtualBox, M6, Plasma, 32-bit Package(s) under test: clamav clamav-db libclamav7 install clamav clamav-db & libclamav6 from updates_testing [root@localhost wilcal]# urpmi clamav Package clamav-0.99.2-2.2.mga6.i586 is already installed [root@localhost wilcal]# urpmi clamav-db Package clamav-db-0.99.2-2.2.mga6.noarch is already installed [root@localhost wilcal]# urpmi clamav-db Package clamav-db-0.99.2-2.2.mga6.noarch is already installed Update with freshclam ( takes awhile ) [root@localhost wilcal]# freshclam [root@localhost wilcal]# ls -al /var/lib/clamav Total 341388 drwxrwxr-x 3 clamav clamav 4096 Aug 20 14:05 ./ drwxr-xr-x 49 root root 4096 Aug 20 14:13 ../ -rw-r--r-- 1 clamav clamav 146041 Aug 20 14:03 bytecode.cvd -rw-r--r-- 1 clamav clamav 41910919 Aug 20 14:03 daily.cvd -rw-r--r-- 1 clamav clamav 307499008 Aug 20 14:01 main.cld -rw------- 1 clamav clamav 468 Aug 20 14:05 mirrors.dat drwxr-xr-x 2 clamav clamav 4096 Aug 19 13:05 tmp/ [root@localhost wilcal]# clamscan -r -i /etc ----------- SCAN SUMMARY ----------- Known viruses: 6303059 Engine version: 0.99.2 Scanned directories: 482 Scanned files: 1950 Infected files: 0 Data scanned: 45.22 MB Data read: 23.95 MB (ratio 1.89:1) Time: 19.962 sec (0 m 19 s) [root@localhost wilcal]# clamscan -r -i /var ----------- SCAN SUMMARY ----------- Known viruses: 6303059 Engine version: 0.99.2 Scanned directories: 224 Scanned files: 302 Infected files: 0 Data scanned: 335.44 MB Data read: 816.19 MB (ratio 0.41:1) Time: 47.277 sec (0 m 47 s) clamscan successful I had a problem getting getting clamav-0.99.2-2.2 to recognize a previously installed database. Simply installing from the updates_testing to start with worked fine.
Whiteboard: MGA5TOO advisory MGA5-32-OK MGA5-64-OK => MGA5TOO advisory MGA5-32-OK MGA5-64-OK MGA6-32-OK
In VirtualBox, M6, KDE, 64-bit Package(s) under test: clamav clamav-db lib64clamav7 install clamav clamav-db & lib64clamav7 from updates_testing [root@localhost wilcal]# urpmi clamav Package clamav-0.99.2-2.2.mga6.x86_64 is already installed [root@localhost wilcal]# urpmi clamav-db Package clamav-db-0.99.2-2.2.mga6.noarch is already installed [root@localhost wilcal]# urpmi lib64clamav7 Package lib64clamav7-0.99.2-2.2.mga6.x86_64 is already installed Update with freshclam ( takes awhile ) [root@localhost wilcal]# freshclam [root@localhost wilcal]# freshclam ClamAV update process started at Sun Aug 20 14:48:02 2017 main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) daily.cvd is up to date (version: 23688, sigs: 1742430, f-level: 63, builder: neo) bytecode.cvd is up to date (version: 309, sigs: 69, f-level: 63, builder: bbaker) check clamav files: [root@localhost wilcal]# ls -al /var/lib/clamav total 341384 drwxrwxr-x 3 clamav clamav 4096 Aug 20 14:48 ./ drwxr-xr-x 51 root root 4096 Aug 20 14:32 ../ -rw-r--r-- 1 clamav clamav 146041 Aug 20 14:36 bytecode.cvd -rw-r--r-- 1 clamav clamav 41910919 Aug 20 14:36 daily.cvd -rw-r--r-- 1 clamav clamav 307499008 Aug 20 14:34 main.cld -rw------- 1 clamav clamav 260 Aug 20 14:48 mirrors.dat drwxr-xr-x 2 clamav clamav 4096 Aug 19 13:05 tmp/ scan /etc [root@localhost wilcal]# clamscan -r -i /etc ----------- SCAN SUMMARY ----------- Known viruses: 6303059 Engine version: 0.99.2 Scanned directories: 488 Scanned files: 2024 Infected files: 0 Data scanned: 50.72 MB Data read: 27.49 MB (ratio 1.85:1) Time: 23.321 sec (0 m 23 s) clamscan successful scan /var [root@localhost wilcal]# clamscan -r -i /var ----------- SCAN SUMMARY ----------- Known viruses: 6303059 Engine version: 0.99.2 Scanned directories: 242 Scanned files: 348 Infected files: 0 Data scanned: 426.21 MB Data read: 712.45 MB (ratio 0.60:1) Time: 49.692 sec (0 m 49 s) clamscan successful
Whiteboard: MGA5TOO advisory MGA5-32-OK MGA5-64-OK MGA6-32-OK => MGA5TOO advisory MGA5-32-OK MGA5-64-OK MGA6-32-OK MGA6-64-OK
I'm going to validate this in 24-hours unless someone finds something.
CC: (none) => sysadmin-bugsKeywords: (none) => validated_update
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0291.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED