Bug 118459

Summary:	app-antivirus/clamav possible heap overflow (CVE-2006-0162)
Product:	Gentoo Security	Reporter:	Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	major	CC:	antivirus, net-mail+disabled
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://sourceforge.net/project/shownotes.php?release_id=384086
Whiteboard:	B1? [glsa] DerCorny
Package list:		Runtime testing required:	---

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-01-09 13:58:40 UTC

http://lurker.clamav.net/message/20060109.213247.a16ae8db.en.html

 A possible heap overflow in the UPX code has been fixed. General improvements
 include better zip and mail processing, and support for a self-protection mode.
 The security of the UPX, FSG and Petite modules has been improved, too.

Comment 1 Andrej Kacian (RETIRED) gentoo-dev

2006-01-09 14:25:20 UTC

FYI, I've just added ebuild for 0.88 to portage.

Comment 2 Stefan Cornelius (RETIRED) gentoo-dev

2006-01-09 14:34:38 UTC

arches please test and mark stable, thanks

Comment 3 Andrej Kacian (RETIRED) gentoo-dev

2006-01-09 14:36:56 UTC

Works fine on x86

Comment 4 Fernando J. Pereda (RETIRED) gentoo-dev

2006-01-09 14:56:17 UTC

Stable on alpha

Comment 5 Gustavo Zacarias (RETIRED) gentoo-dev

2006-01-10 05:16:33 UTC

sparc stable.

Comment 6 Tobias Scherbaum (RETIRED) gentoo-dev

2006-01-11 06:05:50 UTC

ppc stable

Comment 7 Simon Stelling (RETIRED) gentoo-dev

2006-01-12 05:41:24 UTC

amd64 stable, sorry for the delay

Comment 8 René Nussbaumer (RETIRED) gentoo-dev

2006-01-12 11:19:53 UTC

Stable on hppa. Sorry for the delay.

Comment 9 Markus Rothe (RETIRED) gentoo-dev

2006-01-12 13:24:27 UTC

stable on ppc64

Comment 10 Stefan Cornelius (RETIRED) gentoo-dev

2006-01-12 13:27:26 UTC

ready for glsa

Comment 11 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-01-12 23:18:40 UTC

GLSA 200601-07

ia64 don't forget to mark stable to benifit from the GLSA.