Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 185013 - app-antivirus/clamav < 0.91 null pointer dereference in rar unpacker (CVE-2007-3725)
Summary: app-antivirus/clamav < 0.91 null pointer dereference in rar unpacker (CVE-200...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa] jaervosz
Keywords:
: 185177 (view as bug list)
Depends on:
Blocks:
 
Reported: 2007-07-11 23:23 UTC by Hanno Böck
Modified: 2011-10-30 22:39 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Hanno Böck gentoo-dev 2007-07-11 23:23:47 UTC
See http://www.metaeye.org/advisories/54
Comment 1 Jakub Moc (RETIRED) gentoo-dev 2007-07-13 21:03:47 UTC
*** Bug 185177 has been marked as a duplicate of this bug. ***
Comment 2 Sune Kloppenborg Jeppesen gentoo-dev 2007-07-15 10:32:49 UTC
net-mail/antivirus please provide an updated ebuild.
Comment 3 Torsten Veller (RETIRED) gentoo-dev 2007-07-15 12:25:09 UTC
From Hanno's link:
"Fix: Upgrade to version 0.91."

0.91 is in the tree since Jul 11.

Ticho should be back this evening for further comments if needed.
Comment 4 Hanno Böck gentoo-dev 2007-07-15 12:48:12 UTC
You're right, fixed version is already in the tree.
Archs, please stabilize 0.91.
Comment 5 Raúl Porcel (RETIRED) gentoo-dev 2007-07-15 17:02:20 UTC
alpha/ia64/x86 stable
Comment 6 Tobias Scherbaum (RETIRED) gentoo-dev 2007-07-15 20:48:00 UTC
ppc stable
Comment 7 Gustavo Zacarias (RETIRED) gentoo-dev 2007-07-16 12:37:05 UTC
sparc stable.
Long live 0.91! (which starts up much much faster than 0.90)
Comment 8 Marcus D. Hanwell (RETIRED) gentoo-dev 2007-07-16 18:35:50 UTC
Already marked stable by Steve Dibb (beandog) on amd64.
Comment 9 Markus Rothe (RETIRED) gentoo-dev 2007-07-16 19:06:48 UTC
ppc64 stable
Comment 10 Jeroen Roovers gentoo-dev 2007-07-17 06:10:58 UTC
Stable for HPPA.
Comment 11 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-07-26 11:27:08 UTC
Time to vote here. I tend to vote Yes.
Comment 12 Sune Kloppenborg Jeppesen gentoo-dev 2007-07-26 15:20:42 UTC
I vote YES.
Comment 13 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-07-29 22:16:19 UTC
Yes too (MTA DoS) (ClamAV should think about restarting itself in case of problem, like mysqld_safe for example...)
Comment 14 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-08-09 22:23:23 UTC
it's GLSA 200708-04, sorry for the delay