bernhard: doc/www/src/security kolab-vendor-notice-10.txt,NONE,1.1

cvs at kolab.org cvs at kolab.org
Thu Aug 10 17:50:53 CEST 2006


Author: bernhard

Update of /kolabrepository/doc/www/src/security
In directory doto:/tmp/cvs-serv2808

Added Files:
	kolab-vendor-notice-10.txt 
Log Message:
Added security notice 10.


--- NEW FILE: kolab-vendor-notice-10.txt ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Kolab Security Issue 09 20060810
================================

Package:              Kolab Server, ClamAV
Vulnerability:        buffer overflow, remotely exploitable (CVE-2006-4018)
Kolab Specific:       no
Dependent Packages:   none
Impact:               high


Summary
~~~~~~~

The Clam AntiVirus package's freshclam component has a buffer overflow
in the handler for compressed UPX files that can be exploited remotely.


Affected Versions
~~~~~~~~~~~~~~~~~

This affects all servers running ClamAV 0.81 up to 0.88.3.
Kolab Server 2.0.3 and Kolab Server 2.1beta2 are vulnerable,
as are all previous releases.


Fix
~~~

Upgrade to ClamAV 0.88.4, or to Kolab Server 2.0.4, which includes
the new ClamAV.

The ClamAV RPM is available from the Kolab download mirrors as
security-updates/20060810/clamav-0.88.4-20060809.src.rpm

The mirrors are listed on http://kolab.org/mirrors.html
While the mirrors are catching up, you can also get the package via rsync:
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20060810/clamav-0.88.4-20060809.src.rpm .

MD5 sums:
943f2f4da69cb949a060e6ba102b4e44  clamav-0.88.4-20060809.src.rpm

The package can be installed on your Kolab Server with

# /kolab/bin/openpkg rpm --rebuild clamav-0.88.4-20060809.src.rpm
# /kolab/bin/openpkg rpm \
  -Uvh /kolab/RPM/PKG/clamav-0.88.4-20060809.<ARCH>-<OS>-kolab.rpm

The installation process might leave a freshclam.conf.rpmsave or
clamd.conf.rpmsave in /kolab/etc/clamav/.  Since freshclam.conf and
clamd.conf are generated files, remove the rpmsave files, run kolabconf
and make sure clamav starts, e.g.:

# rm /kolab/etc/clamav/clamd.conf.rpmsave
# /kolab/sbin/kolabconf
# /kolab/etc/rc clamav start

Optionally, update the virus signature files manually right away as a test:
# /kolab/bin/freshclam
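As an added example, not part of the advisory or of the Kolab project: the update steps above collected into one POSIX shell script that refuses to rebuild or install the package unless its MD5 sum matches the one published in this notice. The package name, paths and digest are the advisory's; the function names md5_of, verify_md5 and install_update are introduced here.

```shell
#!/bin/sh
# Added example script (not from the Kolab advisory): fetch, verify and
# install the ClamAV 0.88.4 OpenPKG package on a Kolab Server.
# Run as:  sh update-clamav.sh apply
set -eu

PKG="clamav-0.88.4-20060809.src.rpm"
EXPECTED_MD5="943f2f4da69cb949a060e6ba102b4e44"   # sum published in the advisory
RSYNC_URL="rsync://rsync.kolab.org/kolab/server/security-updates/20060810/$PKG"

# md5_of FILE: print the lowercase MD5 hex digest, using whichever tool the host has.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print $1}'
    else
        md5 -q "$1"          # BSD / macOS
    fi
}

# verify_md5 FILE EXPECTED: succeed only when the digest matches exactly.
verify_md5() {
    actual=$(md5_of "$1")
    [ "$actual" = "$2" ]
}

# install_update: the advisory's procedure, gated on the checksum so that a
# truncated download or a tampered mirror copy is never rebuilt or installed.
install_update() {
    rsync -tvP "$RSYNC_URL" .
    if ! verify_md5 "$PKG" "$EXPECTED_MD5"; then
        echo "MD5 mismatch for $PKG; refusing to install" >&2
        return 1
    fi
    /kolab/bin/openpkg rpm --rebuild "$PKG"
    # The rebuilt binary package name carries the build host's <ARCH>-<OS>, so glob it.
    /kolab/bin/openpkg rpm -Uvh /kolab/RPM/PKG/clamav-0.88.4-20060809.*-kolab.rpm
    # freshclam.conf and clamd.conf are generated: drop rpmsave copies, regenerate, start.
    rm -f /kolab/etc/clamav/freshclam.conf.rpmsave /kolab/etc/clamav/clamd.conf.rpmsave
    /kolab/sbin/kolabconf
    /kolab/etc/rc clamav start
    /kolab/bin/freshclam      # optional: pull fresh signatures as a smoke test
}

# Only perform the update when explicitly asked, so the functions can be sourced.
case "${1:-}" in
    apply) install_update ;;
esac
```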


Details
~~~~~~~

http://www.clamav.net/security/0.88.4.html
	ClamAV 0.88.4 security advisory.


Timeline
~~~~~~~~
    20060807 ClamAV security release 0.88.4.
    20060809 OpenPKG 0.88.4 package release in section CUR/SRC/PLUS.
    20060810 Kolab Server security advisory published.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFE21Ueh9ag3dpKERYRAlFJAKCuRuN/MJcmQD/lr/R/JxqIM+GWUQCfZe7J
TZP9cLH8bbrjTUo9yJJjqXc=
=PL5e
-----END PGP SIGNATURE-----