lp:ubuntu/dapper-updates/clamav
- Get this branch:
- bzr branch lp:ubuntu/dapper-updates/clamav
Branch merges
Branch information
Recent revisions
- 25. By Jamie Strandboge
-
* SECURITY UPDATE: fix integer overflow in BZ2_decompress()
- libclamav/nsis/bzlib. c: return error if N is larger than 2*1024^2 which
keeps us from overflowing but leaves enough room for the 900k maximum
value of the RUNA/RUNB encoding
- patch based on upstream bzip2
- CVE-2010-0405 - 24. By Jamie Strandboge
-
* SECURITY UPDATE: fix crash via heap overflow when processing malformed
PDF file
- libclamav/pdf.c: make sure enough space is allocated for tmpbuf in
cli_pdf()
- https://wwws.clamav. net/bugzilla/ show_bug. cgi?id= 2016
- clamav git f0eb394501ec21b9fe67f36cbf5db7 88711d4236 - 23. By Scott Kitterman
-
* SECURITY UPDATE: (LP: #553266)
* References clamav bugs #1771 and #1826
* libclamav/mspack.c: fix Quantum decompressor (bb#1771)
- clamav git 224fee54dd6cd8933d7007331ec2bf ca0398d4b4
* libclamav/mspack.c: improve unpacking of malformed cabinets (bb#1826)
- clamav git 31b77b3fb589ab07e7b4d84f8b3825 178864ee51
* debian/clamav- milter. templates: remove comments and blank lines at the
beginning of the file since Dapper doesn't like them (LP: #558598) - 20. By Scott Kitterman
-
[ Leonel Nunez ]
* SECURITY UPDATE:
* [CVE-2008-5314]: remote attack by sending a specially crafted JPEG
file
libclamav/special. c, libclamav/ special. h, libclamav/ scanners. c
* [CVE-2008-3912]: libclamav/mbox.c, libclamav/message. c:
out-of-memory null dereferences
* [CVE-2008-3914]: libclamav/htmlnorm. c, libclamav/others.c,
libclamav/sis.c: fd leaks
* [CVE-2008-3913]: freshclam/manager. c: memory leaks
* added 29_CVE-2008-3912. dpatch 30_CVE- 2008-3913. dpatch
32_cli_check_jpeg_ exploit. dpatch 31_CVE- 2008-3914. dpatch
* References: LP #271546, #304017[ Scott Kitterman ]
* SECURITY UPDATE: re-enable modules disabled due to resolved security
deficiencies:
* References: Clamav svn commit 4550, LP #317923 - 19. By Leonel Nunez
-
* SECURITY UPDATE: fix off-by-one heap overflow
* References : LP #296704, Debian Bug #505134
* Updated 28_of-by-1.dpatch
- libclamav/vba_extract. c - 18. By Michael Casadevall
-
* SECURITY UPDATE: fix possible DoS due to invalid memory access
* References
CVE-2008-2713
Debian Bug #490925
* Updated 27_petite.c.dpatch (LP: #249316)
- libclamav/petite.c: fix one more spot - 17. By Leonel Nunez
-
* SECURITY UPDATE: fix possible invalid memory access
* added 27_petite.c.dpatch: (LP: #238575)
- libclamav/petite.c: fix possible invalid memory access
* References
CVE-2008-2713
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/natty/clamav