Date: Wed, 24 Apr 2013 07:59:04 -0400 (EDT)
From: Jan Lieskovsky <jlieskov@...hat.com>
To: Felix Groebert <groebert@...gle.com>
Cc: "Steven M. Christey" <coley@...us.mitre.org>, oss-security@...ts.openwall.com
Subject: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details?

Hello Felix,

this is due to the ClamAV 0.97.8 release:
[1] http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html
[2] https://github.com/vrtadmin/clamav-devel/blob/0.97/ChangeLog
[3] https://bugzilla.redhat.com/show_bug.cgi?id=956176
[4] https://bugzilla.novell.com/show_bug.cgi?id=816865

Could you clarify how many and what kind of possible security issues have been corrected within this release? (so we would know how many CVE identifiers should be allocated to these)

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
http://freecode.com/projects/clamav/releases/354139
CC: (none) => luigiwalser
Version: 2 => Cauldron
Assignee: bugsquad => thomas
Whiteboard: (none) => MGA2TOO
Status: NEW => ASSIGNED
This update is now in mga2/updates/testing. It fixes (from upstream): “ClamAV 0.97.8 addresses several reported potential security bugs. Thanks to Felix Groebert of the Google Security Team for finding and reporting these issues.” (The upgrade request has also been submitted to Cauldron)
Assignee: thomas => qa-bugs
Fixed in Cauldron in clamav-0.97.8-1.mga3. Thanks Thomas.
Version: Cauldron => 2
Whiteboard: MGA2TOO => (none)
Tested i586 in VM using clamtk - no regressions noticed after update. Carolyn
CC: (none) => isolde
Whiteboard: (none) => mga2-32-OK
Tested x86_64 on real hw using clamtk - no regressions noticed after update.

Update validated. See comment 2 for advisory.

SRPM: clamav-0.97.8-1.mga2.src.rpm

Could sysadmin please push from core/updates_testing to core/updates.

Thanks. Carolyn
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Whiteboard: mga2-32-OK => mga2-32-OK mga2-64-OK
From oss-security:

CVE-2013-2020: https://bugzilla.clamav.net/show_bug.cgi?id=7055
heap corruption, potentially exploitable.

CVE-2013-2021: https://bugzilla.clamav.net/show_bug.cgi?id=7053
overflow due to PDF key length computation. Potentially exploitable.

CVE-2013-????: https://bugzilla.clamav.net/show_bug.cgi?id=7054
NULL pointer dereference in sis parsing.
Here's Mandriva's advisory with the CVE and upstream bug references: http://www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2013:159/
Original bug URL: http://www.openwall.com/lists/oss-security/2013/04/24/3
URL: http://www.openwall.com/lists/oss-security/2013/04/24/3 => http://lwn.net/Vulnerabilities/548896/
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0132
Status: ASSIGNED => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED