Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 321157 (CVE-2010-1639) - <app-antivirus/clamav-0.96.1: off by one DoS, crash by malformed PDF (CVE-2010-{1639,1640})
Summary: <app-antivirus/clamav-0.96.1: off by one DoS, crash by malformed PDF (CVE-201...
Status: RESOLVED FIXED
Alias: CVE-2010-1639
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2010-05-23 10:07 UTC by Hanno Böck
Modified: 2010-09-29 20:54 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Hanno Böck gentoo-dev 2010-05-23 10:07:59 UTC
Although clamav regularly doesn't mention security issues in release notes, this contains two issues as being discussed on oss-security.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2010-05-25 13:01:03 UTC
Please provide an updated ebuild. This might be quite an issue for people running clamav on their mail-gateways...
Comment 2 Tobias Scherbaum (RETIRED) gentoo-dev 2010-05-25 16:35:34 UTC
0.96.1 in CVS.
Comment 3 Matthias Geerdsen (RETIRED) gentoo-dev 2010-05-30 17:57:29 UTC
Arches, please test and mark stable:
=app-antivirus/clamav-0.96.1
Target keywords : "alpha amd64 hppa ia64 ppc ppc64 sparc x86"
Comment 4 Tobias Heinlein (RETIRED) gentoo-dev 2010-05-30 20:13:35 UTC
CVE-2010-1639 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1639):
  The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1
  allows remote attackers to cause a denial of service (crash) via a
  malformed PDF file, related to an inconsistency in the calculated
  stream length and the real stream length.

CVE-2010-1640 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1640):
  Off-by-one error in the parseicon function in libclamav/pe_icons.c in
  ClamAV 0.96 allows remote attackers to cause a denial of service
  (crash) via a crafted PE icon that triggers an out-of-bounds read,
  related to improper rounding during scaling.

Comment 5 Andreas Schürch gentoo-dev 2010-05-31 13:39:49 UTC
All tests passed successful here on x86.
Comment 6 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-05-31 15:42:02 UTC
x86 stable, thanks Andreas
Comment 7 Markus Meier gentoo-dev 2010-05-31 20:24:17 UTC
amd64 stable
Comment 8 Joe Jezak (RETIRED) gentoo-dev 2010-05-31 20:51:15 UTC
Marked ppc/ppc64 stable.
Comment 9 Jeroen Roovers (RETIRED) gentoo-dev 2010-05-31 21:08:05 UTC
Stable for HPPA.
Comment 10 Raúl Porcel (RETIRED) gentoo-dev 2010-06-05 14:58:37 UTC
alpha/ia64/sparc stable
Comment 11 Alex Legler (RETIRED) archtester gentoo-dev Security 2010-08-11 20:30:53 UTC
Fixing the completely screwed up whiteboard.

GLSA together with bug 314087.
Comment 12 Stefan Behte (RETIRED) gentoo-dev Security 2010-09-29 20:54:37 UTC
GLSA 201009-06, thanks everyone.