Ubuntu
clamav package

lp:ubuntu/gutsy-security/clamav

Gutsy (7.10)
gutsy-security

Created by James Westby on 2011-04-08 and last modified on 2011-04-08

Get this branch:: bzr branch lp:ubuntu/gutsy-security/clamav

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Development

Recent revisions

44. By Scott Kitterman on 2009-01-17

[ Leonel Nunez ]
* SECURITY UPDATE:
* [CVE-2008-5314]: remote attack by sending a specially crafted JPEG file
  libclamav/special.c, libclamav/special.h, libclamav/scanners.c
* [CVE-2008-3912]: libclamav/mbox.c, libclamav/message.c: out-of-memory
  null dereferences
* [CVE-2008-3914]: libclamav/htmlnorm.c, libclamav/others.c,
  libclamav/sis.c: fd leaks
* [CVE-2008-3913]: freshclam/manager.c: memory leaks
* added 29_CVE-2008-3912.dpatch 30_CVE-2008-3913.dpatch
   32_cli_check_jpeg_exploit.dpatch 31_CVE-2008-3914.dpatch
* References: LP #271546, #304017

[ Scott Kitterman ]
* SECURITY UPDATE: re-enable modules disabled due to resolved security
deficiencies:
* References: Clamav svn commit 4550 LP: #317923

43. By Leonel Nunez on 2008-11-11

* SECURITY UPDATE: fix off-by-one heap overflow
* References : LP #296704, Debian Bug #505134
* Updated 28_of-by-1.dpatch
- libclamav/vba_extract.c

42. By Michael Casadevall on 2008-07-17

* SECURITY UPDATE: fix possible DoS due to invalid memory access
* Updated 27_petite.c.dpatch (LP: #249316)
  - libclamav/petite.c: fix one more spot
* References
  CVE-2008-2713
  Debian Bug #490925

41. By Leonel Nunez on 2008-06-09

* SECURITY UPDATE: fix possible invalid memory access
* added 27_petite.c.dpatch: (LP: #238575)
- libclamav/petite.c: fix possible invalid memory access
* References
CVE-2008-2713

40. By Jamie Strandboge on 2008-06-02

no change rebuild for -security

39. By Leonel Nunez on 2008-04-07

* SECURITY UPDATE: Possible heap corruprion
* Added 31_mew.c-CVE-2008-0728.dpatch
* References: CVE-2008-0728 ( LP: #213500 )

38. By Leonel Nunez on 2008-02-11

* SECURITY UPDATE: possible integer overflow and tempfile symlink
vulnerability
* Added 29_others.c.CVE-2007-6595.dpatch: Fixes Tempfile symlink
vulnerability
* Added 30__pe.c.CVE-2008-0318.dpatch: Fixes posible integer overflow
* References CVE-2007-6595 CVE-2008-0318 (LP: 191150)

37. By Leonel Nunez on 2008-01-10

* SECURITY UPDATE: arbitrary code execution via bzip header overflow.
* Add 28_bzlib_private.h-CVE-2007-6337.dpatch: upstream fixes for
vulnerability in the bzip2 decompression algorithm (LP: #181830).
* References
CVE-2007-6337

36. By Leonel Nunez on 2007-12-19

* SECURITY UPDATE: Remote code execution
* [CVE-2007-6336]: libclamav/mspack.c: Off-by-one error in LZX_READ_HUFFSYM
* [CVE-2007-6335]: libclamav/pe.c: MEW PE File Integer Overflow

35. By Scott Kitterman on 2007-10-12

Correct Postfix socket location for clamav-milter in
debian/clamav-milter.default (LP: #151850)

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/natty/clamav

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Ubuntuclamav package