[ MDVSA-2008:189 ] clamav

Mandrivan turvallisuustiedotteiden tuoreimmat

[ MDVSA-2008:189 ] clamav

Uusi viestiKirjoittaja dude67 » 11 Syys 2008, 20:55

clamav

Multiple vulnerabilities were discovered in ClamAV and corrected with
the 0.94 release, including:

A vulnerability in ClamAV's chm-parser allowed remote attackers to
cause a denial of service (application crash) via a malformed CHM file
(CVE-2008-1389).

A vulnerability in libclamav would allow attackers to cause a
denial of service via vectors related to an out-of-memory condition
(CVE-2008-3912).

Multiple memory leaks were found in ClamAV that could possibly allow
attackers to cause a denial of service via excessive memory consumption
(CVE-2008-3913).

A number of unspecified vulnerabilities in ClamAV were reported that
have an unknown impact and attack vectors related to file descriptor
leaks (CVE-2008-3914).

Other bugs have also been corrected in 0.94 which is being provided
with this update. Because this new version has increased the major
of the libclamav library, updated dependent packages are also being
provided.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cg ... -2008-1389
http://cve.mitre.org/cgi-bin/cvename.cg ... -2008-3912
http://cve.mitre.org/cgi-bin/cvename.cg ... -2008-3913
http://cve.mitre.org/cgi-bin/cvename.cg ... -2008-3914
_______________________________________________________________________
Kuva
1. Mageia-1 KDE4 x86_64 (& Win7 Pro) | desktop
2. Mageia-2 KDE4 (& Win7 Home Premium) | laptop Acer 7530
3. Mageia-1 KDE4 (& Win7 Starter) | Samsung NC-10 miniläppäri
4. Mageia-1 KDE4 | serverinä toimiva desktop
Luotettavaa Linux käyttöä jo Mandriva 2006.0:sta lähtien :)
Avatar
dude67
Site Admin
 
Viestit: 2256
Liittynyt: 27 Syys 2007, 16:58
Paikkakunta: Espoo

Paluu Mandrivan turvallisuustiedotteet

Paikallaolijat

Käyttäjiä lukemassa tätä aluetta: Ei rekisteröityneitä käyttäjiä ja 43 vierailijaa

cron