Ubuntu
clamav package

Remote DoS and Remote execution

Bug #141073 reported by Leonel Nunez
254
Affects Status Importance Assigned to Milestone
clamav (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Remote DoS Reference CVE-2007-4510
Remove code executtion CVE-2007-4560

CVE References

Revision history for this message
Leonel Nunez (leonelnunez) wrote :

Debdiff with patches taken from Debian

Revision history for this message
Leonel Nunez (leonelnunez) wrote :

Patches applied packages builded with pbuilder packages installed fine
need testing for clamav-milter

Revision history for this message
Leonel Nunez (leonelnunez) wrote :

The .orig was because there were 2 warnings while patching htmlnorm.c and the patch created an orig file

applied the patch manually
and recreated the debdiff

Revision history for this message
Leonel Nunez (leonelnunez) wrote :

clamav (0.90.2-0ubuntu1.4) feisty-security; urgency=low

  * SECURITY UPDATE: Remote DoS and Remote code execution (LP: #141073).
  * Added 56_cve-2007-4510.dpatch: libclamav/rfc.c, libclamav/htmlnorm.c:
    fix DoS in RTF and RFC2397 Parsers.
  * Added 57_cve-2007-4560.dpatch: clamav-milter/clamav-milter.c: fix remote
    command execution.
  * References
    CVE-2007-4510
    CVE-2005-4560

 -- Leonel Nunez <email address hidden> Wed, 19 Sep 2007 18:51:01 -0600

Changed in clamav:
status: New → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.