bh: doc/www/src/security kolab-vendor-notice-02.txt,NONE,1.1
cvs at intevation.de
Wed Jul 27 16:16:38 CEST 2005
Author: bh
Update of /kolabrepository/doc/www/src/security
In directory doto:/tmp/cvs-serv31396/www/src/security
Added Files:
kolab-vendor-notice-02.txt
Log Message:
Add security advisory for the clamav buffer overrun and a corresponding
news item
--- NEW FILE: kolab-vendor-notice-02.txt ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Kolab Security Issue 02 20050727
================================
Package: Kolab Server
Vulnerability: buffer overflow, remotely exploitable
Kolab Specific: no
Dependent Packages: none
Summary
- -------
The Clam AntiVirus package contains several buffer overflows that can be
exploited remotely.
Affected Versions
- -----------------
This affects all servers running ClamAV 0.86.1 or an earlier version.
Kolab Server 2.0 and previous releases of the 2.0 branch are affected.
Fixes
- -----
Upgrade to ClamAV 0.86.2.
A new ClamAV RPM is available from the Kolab download mirrors as the
file security-updates/20050727/clamav-0.86.2-20050726.src.rpm
The mirrors are listed on http://kolab.org/mirrors.html
While the mirrors are catching up, you can also get the package via rsync:
# rsync -tzv rsync://rsync.kolab.org/kolab/server/security-updates/20050727/clamav-0.86.2-20050726.src.rpm .
This package can be installed on your Kolab Server with
# /kolab/bin/openpkg rpm --rebuild clamav-0.86.2-20050726.src.rpm
# /kolab/bin/openpkg rpm \
-Uvh /kolab/RPM/PKG/clamav-0.86.2-20050726.<ARCH>-<OS>-kolab.rpm
##optional
# /kolab/bin/freshclam
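The steps above install the fixed package but give no way to confirm afterwards that the running ClamAV is actually at or above the fixed release. The following script is an added example, not part of the Kolab advisory or the Kolab project: it compares a ClamAV version string against 0.86.2 (the fixed version named above) and reports "fixed", "vulnerable" or "unknown". It assumes that the local version can be read either from the OpenPKG rpm database through /kolab/bin/openpkg (the wrapper used in the install commands) or from the first line printed by "clamd --version", which is assumed to have the form "ClamAV 0.86.1/979/...".

```shell
#!/bin/sh
# Added example, not part of the Kolab advisory: decide whether a ClamAV
# version string is at or above the fixed release named in the advisory.
# Assumptions: the fixed version is 0.86.2 (from the advisory); the local
# version can be queried through the OpenPKG rpm wrapper used by Kolab
# (/kolab/bin/openpkg rpm) or, on other hosts, through "clamd --version".

FIXED_VERSION="0.86.2"

# version_ge A B: return 0 (true) if dotted version A >= B, comparing each
# numeric component in turn; a missing component counts as 0.
version_ge() {
    a="$1"
    b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai="${a%%.*}"
        bi="${b%%.*}"
        ai="${ai:-0}"
        bi="${bi:-0}"
        if [ "$ai" -gt "$bi" ]; then return 0; fi
        if [ "$ai" -lt "$bi" ]; then return 1; fi
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
    done
    return 0
}

# clamav_version_from_banner BANNER: extract "X.Y.Z" from a line such as
# "ClamAV 0.86.1/979/Tue Jul 26 2005" (assumed format of clamd --version).
clamav_version_from_banner() {
    printf '%s\n' "$1" | sed -n 's/^ClamAV \([0-9][0-9.]*\).*$/\1/p'
}

# clamav_status BANNER: print "fixed", "vulnerable" or "unknown".
clamav_status() {
    v=$(clamav_version_from_banner "$1")
    if [ -z "$v" ]; then
        echo "unknown"
    elif version_ge "$v" "$FIXED_VERSION"; then
        echo "fixed"
    else
        echo "vulnerable"
    fi
}

# check_local_clamav: report on the ClamAV installed on this host, trying the
# Kolab/OpenPKG rpm database first and a clamd binary on the PATH second.
check_local_clamav() {
    if [ -x /kolab/bin/openpkg ]; then
        # assumption: the OpenPKG package is named "clamav", as in the advisory
        v=$(/kolab/bin/openpkg rpm -q --qf '%{VERSION}\n' clamav 2>/dev/null) || v=""
        if [ -n "$v" ]; then
            echo "Kolab clamav package $v: $(clamav_status "ClamAV $v")"
            return 0
        fi
    fi
    if command -v clamd >/dev/null 2>&1; then
        banner=$(clamd --version 2>/dev/null | head -n 1)
        echo "clamd reports '$banner': $(clamav_status "$banner")"
        return 0
    fi
    echo "no local ClamAV installation found; nothing to check"
    return 0
}

check_local_clamav
```

Run it on the server after the rpm upgrade; a result other than "fixed" means the old library is still installed or a different ClamAV than the Kolab package is on the PATH. The comparison is done component by component rather than as a string so that, for instance, 0.87 is correctly ranked above 0.86.2.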
Details
- -------
http://www.securityfocus.com/bid/14359
The vulnerabilities present themselves when the ClamAV antivirus library
handles malformed files. Details of the vulnerabilities can be found in
http://www.rem0te.com/public/images/clamav.pdf
At least 4 of its file format processors contain remote security bugs.
Specifically, during the processing of the TNEF, CHM and FSG formats an
attacker is able to trigger several integer overflows.
These vulnerabilities can be reached by default and triggered without
user interaction by sending an e-mail containing crafted data.
Timeline
- --------
20050725 clamav vulnerability published by rem0te
20050727 kolab update and security advisory published
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFC55W50vCiU5+ISsgRAuRRAJwPMHzzXu0FwB9GeEv6kq3WOBqvdwCeLKot
d85iJsTD7wjyY+ebkIzklQk=
=NPAR
-----END PGP SIGNATURE-----