Bug 100178 - app-antivirus/clamav 0.86.2 fixes integer overflows
Summary: app-antivirus/clamav 0.86.2 fixes integer overflows
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High critical
Assignee: Gentoo Security
URL: http://www.securityfocus.com/archive/...
Whiteboard: A1 [glsa] jaervosz
Keywords:
Duplicates: 100248
Depends on:
Blocks:
 
Reported: 2005-07-24 22:21 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified: 2005-07-26 13:57 UTC

See Also:
Package list:
Runtime testing required: ---


Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-07-24 22:21:28 UTC
From Changelog: 
 
libclamav/fsg.c: Fix possible integer overflow (acab) Reported by Alex 
Wheeler. 
libclamav/chmunpack.c: Fix possible malloc overflow (trog) Reported by Alex 
Wheeler. 
libclamav/tnef.c: Fix possible crash if the length field is 0 or negative in 
headers (njh) Reported by Alex Wheeler (alexbling at gmail.com)
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-07-24 22:25:06 UTC
net-mail/antivirus please advise and provide an updated ebuild if needed. I'm 
not sure how easy these are to exploit, not much detail provided. 
Comment 2 Andrej Kacian (RETIRED) gentoo-dev 2005-07-25 02:44:14 UTC
Eh, I have committed the ebuild first thing this morning, when I found the sf.net
release announcement in my mail, before reading this bug. So, there goes, unstable
for all used arches. :)
Comment 3 Andrej Kacian (RETIRED) gentoo-dev 2005-07-25 02:59:04 UTC
Looks like the third mentioned overflow would be easy to exploit, since all it
takes is a wrong value in the headers of incoming data. The second one should be
exploitable as well, judging from the code, since it deals with a too-long filename.

As for the first mentioned changelog entry, it's some sort of boundary checking,
but I don't know clamav code too well, so I couldn't say whether it was
something with internal data, or with outside data.
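
The two bug classes named in the changelog (a header length that is 0 or negative, and an allocation sized from an attacker-supplied name length) can be guarded against as in the following added example. It is not ClamAV's code and not part of this bug report; the record layout, `read_name`, `HDR_LEN` and `MAX_NAME` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical record (an assumption, not ClamAV's TNEF or CHM layout):
 * 4-byte little-endian length field, then that many bytes of file name. */
#define HDR_LEN  4u
#define MAX_NAME 4096u   /* assumed policy cap on name length */

/* Returns a NUL-terminated heap copy of the name, or NULL when the
 * header cannot be trusted. The caller frees the result. */
char *read_name(const uint8_t *buf, size_t buflen)
{
    if (buf == NULL || buflen < HDR_LEN)
        return NULL;

    uint32_t len = (uint32_t)buf[0] | ((uint32_t)buf[1] << 8) |
                   ((uint32_t)buf[2] << 16) | ((uint32_t)buf[3] << 24);

    /* Zero is rejected outright. A value that would be negative as a
     * signed int has its top bit set, so it is far above MAX_NAME. */
    if (len == 0 || len > MAX_NAME)
        return NULL;

    /* The claimed length must fit in the bytes actually received. */
    if (len > buflen - HDR_LEN)
        return NULL;

    /* len <= MAX_NAME, so len + 1 cannot overflow size_t. */
    char *name = malloc((size_t)len + 1);
    if (name == NULL)
        return NULL;
    memcpy(name, buf + HDR_LEN, len);
    name[len] = '\0';
    return name;
}

int main(void)
{
    /* Constructed sample inputs. */
    const uint8_t good[] = { 3, 0, 0, 0, 'a', 'b', 'c' };
    const uint8_t neg[]  = { 0xff, 0xff, 0xff, 0xff, 'a' };
    char *n = read_name(good, sizeof good);
    printf("good: %s\n", n ? n : "(rejected)");
    printf("negative length: %s\n", read_name(neg, sizeof neg) ? "accepted" : "rejected");
    free(n);
    return 0;
}
```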
Comment 4 Stefan Cornelius (RETIRED) gentoo-dev 2005-07-25 09:42:04 UTC
*** Bug 100248 has been marked as a duplicate of this bug. ***
Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-07-25 10:38:02 UTC
Arches please test and mark stable. 
Comment 6 René Nussbaumer (RETIRED) gentoo-dev 2005-07-25 11:28:31 UTC
Stable on hppa
Comment 7 Herbie Hopkins (RETIRED) gentoo-dev 2005-07-25 12:03:50 UTC
Stable on amd64.
Comment 8 Gustavo Zacarias (RETIRED) gentoo-dev 2005-07-25 12:06:08 UTC
sparc stable.
Comment 9 Tobias Scherbaum (RETIRED) gentoo-dev 2005-07-25 12:30:53 UTC
ppc stable
Comment 10 Andrej Kacian (RETIRED) gentoo-dev 2005-07-25 13:01:41 UTC
x86 happy
Comment 11 Markus Rothe (RETIRED) gentoo-dev 2005-07-25 23:36:56 UTC
stable on ppc64
Comment 12 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-07-26 13:31:58 UTC
Stable on alpha, bug 100178.  
 
Thx kloeri 
Comment 13 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-07-26 13:57:10 UTC
GLSA 200507-25