Articles / Debian: New clamav packages…

Debian: New clamav packages fix potential DOS

A number of potential remote DOS vulnerabilities have been identified in ClamAV. These issues could allow a carefully crafted message to crash a ClamAV scanner or exhaust various resources on the machine running the scanner. Fixed packages are available from .
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA 737-1                                     Michael Stone
July 05, 2005               
- ------------------------------------------------------------------------

Package        : clamav
Vulnerability  : various DOS vulnerabilities
Problem type   : remote DOS
Debian-specific: no
CVE Id(s)      : CAN-2005-1922, CAN-2005-1923, CAN-2005-2056, CAN-2005-2070

A number of potential remote DOS vulnerabilities have been identified in
ClamAV. In addition to the four issues identified by CVE ID above, there
are fixes for issues in libclamav/cvd.c and libclamav/message.c.
Together, these issues could allow a carefully crafted message to crash
a ClamAV scanner or exhaust various resources on the machine running the

For the stable distribution (sarge), these problems have been fixed in
version 0.84-2.sarge.1.

We recommend that you upgrade your clamav package.

Upgrade instructions
- --------------------

wget url
       will fetch the file for you
dpkg -i file.deb
       will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
       will update the internal database
apt-get upgrade
       will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian 3.1 (sarge)
- ------------------

 Sarge was released for alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.

 Source archives:
     Size/MD5 checksum:      990 45ab13b2916ea6e124ea508589dc2513
     Size/MD5 checksum:   165385 4b728b8f0fc9bd18cdbb9362369f9374
     Size/MD5 checksum:  4006624 c43213da01d510faf117daa9a4d5326c

 Architecture independent packages:
     Size/MD5 checksum:   153988 20db24662262e0b9dfa7aa75e97f5571
     Size/MD5 checksum:   122964 2dee7ac0a4733f43062055198abdadc1
     Size/MD5 checksum:   689196 96e29e17789a201af6f3dbb735aa8e86

 alpha architecture (DEC Alpha)
     Size/MD5 checksum:  2176330 e1ce57da96c8f7ba1d9e69f392870658
     Size/MD5 checksum:    74680 c0182e60e49ae35ab39c30920878bcdc
     Size/MD5 checksum:   283114 3e84390b59d5af7774971b8b4c450e39
     Size/MD5 checksum:   253394 58e508402215780d700c04f511ee8d7d
     Size/MD5 checksum:    42122 6bd307350ce2b26acf5f4de59f497794
     Size/MD5 checksum:    48772 d5a7634ec79fd31b2ed99ec622a96c40

 arm architecture (ARM)
     Size/MD5 checksum:  2171212 92dd89faef07eadb80b1e2bbb487ccc5
     Size/MD5 checksum:    37296 86712c3b9f80f020284c1e47c29b9ee6
     Size/MD5 checksum:    39508 766654a8a9995a0f9d3a8b109d333b99
     Size/MD5 checksum:   172722 4702e8e11065c3e23590b64291631914
     Size/MD5 checksum:   247434 179dfac5e8992a9258cba01f489ca7bc
     Size/MD5 checksum:    63810 0f39f35595799adba1e1289108f5ea53

 hppa architecture (HP PA RISC)
     Size/MD5 checksum:    68188 ff19cd8aca67fa7aad210d88864a453b
     Size/MD5 checksum:  2173628 62ec88ef2b2f3112659dccf0ef66613f
     Size/MD5 checksum:    43238 9b571f93adeaf8020371aa59f541dfeb
     Size/MD5 checksum:   280704 d517965637074ba48f158c0bddb82d9a
     Size/MD5 checksum:    39460 3d0a7396633a88f9066e124a1001b673
     Size/MD5 checksum:   200322 9ee598c6a6fa684611b9d29241bd1d09

 i386 architecture (Intel ia32)
     Size/MD5 checksum:   251926 51b46d70e05f5417532aab94c7dd6eae
     Size/MD5 checksum:    65170 04f2a69b6266171654fd57d7577305cf
     Size/MD5 checksum:    40224 7eb9bd0badd30123381cdc2244dff6d6
     Size/MD5 checksum:   157906 bd7b53ae3468b06f356e3e3370035bd6
     Size/MD5 checksum:    38068 3ef8d62ca2f8af2027db477f04c93979
     Size/MD5 checksum:  2171548 f02b058573d0ce47f1e0f8a4f6599f33

 ia64 architecture (Intel ia64)
     Size/MD5 checksum:    55088 b6aa3ba3880bc3d5aebf6c1bc3951326
     Size/MD5 checksum:  2180072 214adf5f285ad624e6744e9128e06f34
     Size/MD5 checksum:    49192 29a386cfac367dd659430e1aca3e04dd
     Size/MD5 checksum:    81704 a0c11d330719a27c296b88634b953d7a
     Size/MD5 checksum:   314816 e3854f4a055f16bf563515ef83e5abf4
     Size/MD5 checksum:   249462 063fe07e837dee3f52f5ba47a66d29d3

 m68k architecture (Motorola Mc680x0)
     Size/MD5 checksum:   144754 44a88bbe267a6cbf7ea55e42e58671ec
     Size/MD5 checksum:    35068 f507ca3a8730f37330d816beaa56e168
     Size/MD5 checksum:    38088 6858b82dec09fa97770fcc8e10865cba
     Size/MD5 checksum:  2170444 3e3cdaa835838fe85177b36fccb3a843
     Size/MD5 checksum:    62458 847986f045f59c26905116889b2066d1
     Size/MD5 checksum:   248324 f26c08e0192d43000a8df2596aa38bcb

 mips architecture (MIPS (Big Endian))
     Size/MD5 checksum:  2172960 897382cb5c5ba5d8a9d110bd79a19e09
     Size/MD5 checksum:   193560 4835e74c37f560ca8044db911a6358d7
     Size/MD5 checksum:    43664 d17e5f89d441d6d83dde9969f3b1fb37
     Size/MD5 checksum:    67852 f27d620c68cd6304e9bc463602d77c01
     Size/MD5 checksum:    37670 107b733da72668d17220fe0bdfa805d4
     Size/MD5 checksum:   255276 edfe71ac3f6d24a7ea824f9ace06f482

 mipsel architecture (MIPS (Little Endian))
     Size/MD5 checksum:  2172922 94bad9cc0de7538cc4f71ba7c6b7d7df
     Size/MD5 checksum:   189818 9c26e78b9dbfc1819bc9c0e4db51ffde
     Size/MD5 checksum:   252688 f85304c4271406913ec7f4912bd549a3
     Size/MD5 checksum:    43480 592fba9185897c20d9f80676f4e82d30
     Size/MD5 checksum:    67494 3c72fac489ac473bc7ae7c3b853df115
     Size/MD5 checksum:    37960 c14d7359a8861769f99ced4bc8e79ab6

 powerpc architecture (PowerPC)
     Size/MD5 checksum:   185860 a16ed6de40309ebf5416be527979b0ab
     Size/MD5 checksum:    38872 1935692d1134cbbf6645ec0cd309834d
     Size/MD5 checksum:    69234 4296d8fe45db28c94ecacc983409b951
     Size/MD5 checksum:   262318 498c34c716b47a93ad0eba5a6aaaa3dc
     Size/MD5 checksum:    44578 d031213f49f04f9bd7b2418e21943911
     Size/MD5 checksum:  2173540 a9f0d11dbed04bd72f94b1eac97ca41f

 s390 architecture (IBM S/390)
     Size/MD5 checksum:   266996 360bb7b5bd2593d8601c00a663ed5a38
     Size/MD5 checksum:    67782 5245801f0b13779b9b4a99974ca19bea
     Size/MD5 checksum:  2172862 f7908b1ecf02aa2caef7778e440c1d93
     Size/MD5 checksum:    43422 17abea4bf457a747d8b62c27af78d504
     Size/MD5 checksum:    38936 8ec95f29d7cee631b1451ecc9cc97e09
     Size/MD5 checksum:   180852 604d74d06225f105763b0844af66cfe3

 sparc architecture (Sun SPARC/UltraSPARC)
     Size/MD5 checksum:  2171084 89a8fdbef7aa886bfc85da3e32969641
     Size/MD5 checksum:   174352 15b7ec68667d8c919ddfb242c1fbba35
     Size/MD5 checksum:    36848 8c982ca9f8c9305aa04ebb5054180061
     Size/MD5 checksum:    64332 72ec3fe2dcf04bda145acc1e1737eb2c
     Size/MD5 checksum:   262698 90ef80c039a660e566196483ba07f488
     Size/MD5 checksum:    39380 1641564e1819fb17cf8962c0a58ee38c

- -------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show ' and
Version: GnuPG v1.4.1 (GNU/Linux)


Project Spotlight

Kigo Video Converter Ultimate for Mac

A tool for converting and editing videos.


Project Spotlight


An efficient tagger for MP3, Ogg/Vorbis, and FLAC files.