0.97.7
------
ClamAV 0.97.7 addresses several reported potential security bugs. Thanks to Felix Groebert, Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team for finding and reporting these issues.

(that's all she wrote...)
Updated to clamav-0.97.7 in svn for cauldron.
Updated to clamav-0.97.7 for mga2/update_testing.
Don't forget to assign this to QA if it's ready for testing.
(In reply to David Walser from comment #3)
> Don't forget to assign this to QA if it's ready for testing.

Don't know why I always seem to forget.
(In reply to Oden Eriksson from comment #4)
> (In reply to David Walser from comment #3)
> > Don't forget to assign this to QA if it's ready for testing.
>
> Don't know why I always seem to forget.

You'll remember eventually. Just assign to qa-bugs@ml.mageia.org when it's ready.
Proposed advisory text: ClamAV 0.97.7 addresses several reported potential security bugs. Thanks to Felix Groebert, Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team for finding and reporting these issues.
qateam: I found no PoCs or other information other than posted here. Usually the clamav security releases can be considered critical. If you want to wait for a CVE assignment you're too late.
Assignee: bugsquad => qa-bugs
You need to list rpm's too please Oden. QA need to know rpm's so we know what to test and srpm's so we know what to ask sysadmin to push.
Ah.

Packages:
clamav-0.97.7-1.mga2.src.rpm

clamav-db-0.97.7-1.mga2.noarch.rpm
libclamav6-0.97.7-1.mga2.i586.rpm
clamd-0.97.7-1.mga2.i586.rpm
clamav-milter-0.97.7-1.mga2.i586.rpm
clamav-0.97.7-1.mga2.i586.rpm
libclamav-devel-0.97.7-1.mga2.i586.rpm

lib64clamav-devel-0.97.7-1.mga2.x86_64.rpm
clamav-milter-0.97.7-1.mga2.x86_64.rpm
clamav-0.97.7-1.mga2.x86_64.rpm
clamav-db-0.97.7-1.mga2.noarch.rpm
clamd-0.97.7-1.mga2.x86_64.rpm
lib64clamav6-0.97.7-1.mga2.x86_64.rpm
Testing complete mga2 64

# urpmi sendmail sendmail-cf
# nano /etc/mail/sendmail.mc

Edit and add the following line in before the first MAILER line.

INPUT_MAIL_FILTER(`clamav-milter',`S=local:/var/lib/clamav/clamav-milter.socket,F=,T=S:4m;R:4m;E:10m')dnl

# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

start clamd, clamav-milter, sendmail services. ctrl-c if sendmail seems to hang, it will be missing a proper fqdn but should have started.

Testing with eicar test string

# sendmail -t
To: "root" root
Subject: test sendmail with clamav-milter
MIME-Version: 1.0
Content-Type: text/plain

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
.

Before
------
# grep quarantine /var/log/syslog
Mar 18 10:20:49 localhost sendmail[19109]: r2IAKngt019109: milter=clamav-milter, quarantine=quarantined by clamav-milter

# grep FOUND /var/log/clamav/clamd.log
fd[10]: Eicar-Test-Signature FOUND

After
-----
# grep quarantine /var/log/syslog
Mar 18 10:20:49 localhost sendmail[19109]: r2IAKngt019109: milter=clamav-milter, quarantine=quarantined by clamav-milter
Mar 18 10:36:58 localhost sendmail[20415]: r2IAawR1020415: milter=clamav-milter, quarantine=quarantined by clamav-milter

# grep FOUND /var/log/clamav/clamd.log
fd[10]: Eicar-Test-Signature FOUND
fd[10]: Eicar-Test-Signature FOUND

Also

# service freshclam start
Starting freshclam (via systemctl): [ OK ]

# freshclam
ClamAV update process started at Mon Mar 18 10:45:41 2013
main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
daily.cld is up to date (version: 16867, sigs: 967606, f-level: 63, builder: ccordes)
bytecode.cld is up to date (version: 214, sigs: 41, f-level: 63, builder: neo)
Whiteboard: (none) => has_procedure mga2-64-ok
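
The before/after comparison in the procedure above can be scripted so that a stale quarantine line from an earlier run is not mistaken for a pass. This is an added example, not part of the original comment or of the ClamAV or Mageia tooling; the function names are hypothetical and the demo logs are constructed from the lines quoted above.

```shell
#!/bin/sh
# Added example: confirm a *new* message was quarantined, not an old log line.
LC_ALL=C; export LC_ALL   # keep sort and comm ordering consistent

# Queue IDs of messages sendmail logged as quarantined by clamav-milter.
quarantined_ids() {
    [ -r "$1" ] || return 0
    sed -n 's/.* sendmail\[[0-9]*\]: \([A-Za-z0-9]*\): milter=clamav-milter, quarantine=.*/\1/p' "$1" | sort -u
}

# Number of EICAR detections recorded by clamd (0 if the log is unreadable).
eicar_hits() {
    [ -r "$1" ] || { echo 0; return 0; }
    grep -c 'Eicar-Test-Signature FOUND' "$1" || true
}

# new_ids SNAPSHOT SYSLOG: queue IDs quarantined since the snapshot was taken.
new_ids() {
    quarantined_ids "$2" | comm -13 "$1" -
}

# verify_run SNAPSHOT HITS_BEFORE SYSLOG CLAMDLOG: pass only if both logs advanced.
verify_run() {
    [ -n "$(new_ids "$1" "$3")" ] && [ "$(eicar_hits "$4")" -gt "$2" ]
}

# Demo on constructed logs modelled on the lines quoted in the comment above.
demo() {
    d=$(mktemp -d) || return 1
    l1='Mar 18 10:20:49 localhost sendmail[19109]: r2IAKngt019109: milter=clamav-milter, quarantine=quarantined by clamav-milter'
    l2='Mar 18 10:36:58 localhost sendmail[20415]: r2IAawR1020415: milter=clamav-milter, quarantine=quarantined by clamav-milter'
    printf '%s\n' "$l1" > "$d/syslog"
    printf '%s\n' 'fd[10]: Eicar-Test-Signature FOUND' > "$d/clamd.log"
    quarantined_ids "$d/syslog" > "$d/snapshot"
    before=$(eicar_hits "$d/clamd.log")
    # Nothing sent yet: the earlier quarantine line alone must not pass.
    verify_run "$d/snapshot" "$before" "$d/syslog" "$d/clamd.log" && { rm -rf "$d"; return 1; }
    printf '%s\n' "$l2" >> "$d/syslog"
    printf '%s\n' 'fd[10]: Eicar-Test-Signature FOUND' >> "$d/clamd.log"
    new_ids "$d/snapshot" "$d/syslog"   # prints the newly quarantined queue ID
    verify_run "$d/snapshot" "$before" "$d/syslog" "$d/clamd.log" && rc=0 || rc=1
    rm -rf "$d"; return "$rc"
}

if [ "${1:-}" = demo ]; then demo; fi
```

On a test machine, take the snapshot and hit count from /var/log/syslog and /var/log/clamav/clamd.log before sending the message, then call verify_run with the same two paths afterwards.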
Testing complete mga2 32

Using clamtk to find the 4 eicar test files from http://www.eicar.org/85-0-Download.html

Validating

Oden, please update the mgasa wiki page with links etc when the CVE becomes available.

Advisory
--------
ClamAV 0.97.7 addresses several reported potential security bugs. Thanks to Felix Groebert, Mateusz Jurczyk and Gynvael Coldwind of the Google Security Team for finding and reporting these issues.
--------

SRPM: clamav-0.97.7-1.mga2.src.rpm

Could sysadmin please push from core/updates_testing to core/updates

Thanks!
Keywords: (none) => validated_update
Whiteboard: has_procedure mga2-64-ok => has_procedure mga2-64-ok mga2-32-ok
CC: (none) => sysadmin-bugs
Update Pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0100
Status: NEW => RESOLVED
CC: (none) => dmorganec
Resolution: (none) => FIXED