Bug 387521

Comment 1 Tim Sammut (RETIRED) 2011-10-18 14:48:13 UTC

Thanks, Hanno.

@net-mail or @antivirus, 0.97.3 is already in the tree. Ok to stabilize it?

Comment 2 Tim Harder 2011-10-18 16:47:32 UTC

(In reply to comment #1)
> Thanks, Hanno.
> 
> @net-mail or @antivirus, 0.97.3 is already in the tree. Ok to stabilize it?

Yes, arches go ahead.

Comment 3 Agostino Sarubbo 2011-10-18 17:00:12 UTC

Arches, please test and mark stable:

=app-antivirus/clamav-0.97.3
target KEYWORDS : "alpha amd64 hppa ia64 ppc ppc64 sparc x86"

Comment 4 Agostino Sarubbo 2011-10-18 22:38:41 UTC

looks perfect on a server, amd64 ok

Comment 5 Jeroen Roovers (RETIRED) 2011-10-19 09:21:20 UTC

Stable for HPPA.

Comment 6 Ian Delaney (RETIRED) 2011-10-19 10:45:43 UTC

amd64:

all ok

Comment 7 Tony Vroon (RETIRED) 2011-10-19 11:06:24 UTC

+  19 Oct 2011; Tony Vroon <chainsaw@gentoo.org> clamav-0.97.3.ebuild:
+  Marked stable on AMD64 based on arch testing by Agostino "ago" Sarubbo & Ian
+  "idella4" Delaney in security bug #387521.

Comment 8 Paweł Hajdan, Jr. (RETIRED) 2011-10-22 07:18:52 UTC

x86 stable

Comment 9 Raúl Porcel (RETIRED) 2011-10-22 11:57:20 UTC

alpha/ia64/sparc stable

Comment 10 Kacper Kowalik (Xarthisius) (RETIRED) 2011-10-22 19:08:10 UTC

We'll need toc workaround[1] for ppc64 before stabilizing, you're ok if I add it?
I'm pretty sure it wasn't needed before :/

[1] use ppc64 && append-flags -mminimal-toc

Comment 11 Kacper Kowalik (Xarthisius) (RETIRED) 2011-10-23 08:24:34 UTC

ppc/ppc64 stable, last arch done

Comment 12 Tim Sammut (RETIRED) 2011-10-23 14:34:33 UTC

Thanks, everyone. Added to pending GLSA request.

Comment 13 GLSAMaker/CVETool Bot 2011-10-23 14:59:36 UTC

This issue was resolved and addressed in
 GLSA 201110-20 at http://security.gentoo.org/glsa/glsa-201110-20.xml
by GLSA coordinator Tim Sammut (underling).

The posted GLSA (http://www.gentoo.org/security/en/glsa/glsa-201110-20.xml)
says:

  Vulnerable version: < 0.97.3
  [...]
  NOTE: This is a legacy GLSA. Updates for all affected architectures are
  available since August 27, 2011. It is likely that your system is already no
  longer affected by this issue. 

Since 0.97.3 was added to the tree only 5 days ago, it seems impossible that
any updates were available on August 27, 2011.

Comment 15 Tim Sammut (RETIRED) 2011-10-24 15:46:52 UTC

(In reply to comment #14)
> The posted GLSA (http://www.gentoo.org/security/en/glsa/glsa-201110-20.xml)
> says:
> 
>   Vulnerable version: < 0.97.3
>   [...]
>   NOTE: This is a legacy GLSA. Updates for all affected architectures are
>   available since August 27, 2011. It is likely that your system is already no
>   longer affected by this issue. 
> 
> Since 0.97.3 was added to the tree only 5 days ago, it seems impossible that
> any updates were available on August 27, 2011.

Thanks for letting me know, Nick. I have corrected the advisory and it should show up online shortly.

http://www.gentoo.org/security/en/glsa/glsa-201110-20.xml

Comment 16 GLSAMaker/CVETool Bot 2011-11-18 06:19:20 UTC

CVE-2011-3627 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3627):
  The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause
  a denial of service (crash) via vectors related to "recursion level" and (1)
  libclamav/bytecode.c and (2) libclamav/bytecode_api.c.