ClamAV Multiple Integer Overflow Vulnerabilities

Solution:
The vendor has released ClamAV 0.86.2 to address these issues.

Gentoo Linux has released security advisory GLSA 200507-25 addressing this issue. Gentoo recommends all Clam AntiVirus users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.86.2"

SUSE advisory SUSE-SR:2005:018 is available to address various issues. Please see the referenced advisory for more information.

Mandriva has released security advisory MDKSA-2005:125 addressing this issue. Please see the referenced advisory for details on obtaining and applying the appropriate updates.

Conectiva Linux has released security advisory CLSA-2005:987 addressing this issue. Please see the referenced advisory for details on obtaining and applying the appropriate updates.

Debian has released advisory DSA 776-1 and fixes to address this issue. Please see the referenced advisory for links to fixed packages.


Clam Anti-Virus ClamAV 0.51

Clam Anti-Virus ClamAV 0.52

Clam Anti-Virus ClamAV 0.53

Clam Anti-Virus ClamAV 0.54

Clam Anti-Virus ClamAV 0.60

Clam Anti-Virus ClamAV 0.65

Clam Anti-Virus ClamAV 0.67

Clam Anti-Virus ClamAV 0.68

Clam Anti-Virus ClamAV 0.68 -1

Clam Anti-Virus ClamAV 0.70

Clam Anti-Virus ClamAV 0.80 rc4

Clam Anti-Virus ClamAV 0.80

Clam Anti-Virus ClamAV 0.80 rc3

Clam Anti-Virus ClamAV 0.80 rc1

Clam Anti-Virus ClamAV 0.80 rc2

Clam Anti-Virus ClamAV 0.81

Clam Anti-Virus ClamAV 0.82

Clam Anti-Virus ClamAV 0.83

Clam Anti-Virus ClamAV 0.84

Clam Anti-Virus ClamAV 0.84 rc1

Clam Anti-Virus ClamAV 0.84 rc2

Clam Anti-Virus ClamAV 0.85

Clam Anti-Virus ClamAV 0.85.1

Clam Anti-Virus ClamAV 0.86 .1

Clam Anti-Virus ClamAV 0.86


 

Privacy Statement
Copyright 2010, SecurityFocus