[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-users:44464] [Translate] [SECURITY] [DSA 776-1] New clamav packages fix several problems



かねこです。
URL 等は Debian-security-announce メーリングリストの元記事を確認
ください。

------>8------------>8------------>8------------>8------------>8-
- --------------------------------------------------------------------------
Debian Security Advisory DSA 776-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
August 16th, 2005                        http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : clamav
Vulnerability  : 整数オーバフロー、無限ループ
Problem-Type   : リモート
Debian-specific: いいえ
CVE ID         : CAN-2005-2450
BugTraq ID     : 14359

mail サーバと協調して添付ファイルのスキャンを行う Unix 向けアンチウィル
ススキャナ Clam AntiVirus にいくつかのバグが発見されました。The Common
Vulnerabilities and Exposures project では以下の問題を認識しています。

CAN-2005-2450

    Neel Mehta さんと Alex Wheeler さんにより、TNEF、CHM および FSG 形
    式のファイルを扱う際の Clam AntiVirus での整数オーバフロー欠陥が発
    見されました。

CVE-NOMATCH

    Mark Pizzolato さんにより、サービス不能攻撃を引き起こす、無限ループ
    をおこす可能性のあるバグが修正されました。

前安定版 (oldstable) ディストリビューション (woody) には、clamav は収録さ
れていません。

安定版  (stable) ディストリビューション (sarge) では、この問題はバージョ
ン 0.84-2.sarge.2 で修正されています。

不安定版 (unstable) ディストリビューション (sid) では、この問題はバージョ
ン 0.86.2-1 で修正されています。

直ぐに clamav パッケージをアップグレードすることを勧めます。

アップグレード手順
------------------

wget url
	でファイルを取得できます。
dpkg -i file.deb
        で参照されたファイルをインストールできます。

を用いて、apt-get パッケージマネージャに以下記載の sources.list を与えて
次のコマンドを使ってください。

apt-get update
        これは内部データベースを更新します。
apt-get upgrade
        これで修正されたパッケージをインストールします。

本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。

Debian GNU/Linux 3.1 愛称 sarge
- --------------------------------

  ソースアーカイブ:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2.dsc
      Size/MD5 checksum:      872 a5d90ac557b114453e0935d95bca8e17

http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2.diff.gz
      Size/MD5 checksum:   169363 b12ac60c0652f68db9116aad830cde7f
    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84.orig.tar.gz
      Size/MD5 checksum:  4006624 c43213da01d510faf117daa9a4d5326c

  Architecture independent components:


http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.84-2.sarge.2_all.deb
      Size/MD5 checksum:   154106 03b1f4f5addba27a157b0a6676555ff8

http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.84-2.sarge.2_all.deb
      Size/MD5 checksum:   689748 84683f319f4c9a8f7e4d1d77d747396c

http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.84-2.sarge.2_all.deb
      Size/MD5 checksum:   123118 58fea3ad4fcc2611f69af0f2ba455af8

  Alpha architecture:


http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_alpha.deb
      Size/MD5 checksum:    74676 3f1d00637a7028c7012c3fe51e1383f4

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_alpha.deb
      Size/MD5 checksum:    48782 937bbc75d644b6c7a2e0ec7b5daa5bf6

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_alpha.deb
      Size/MD5 checksum:  2176324 0e6a0ae9d5ec4b68ed0e8bc688bbfb68

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_alpha.deb
      Size/MD5 checksum:    42116 bdc3ae3b34c0a9be2eb8621cc3177676

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_alpha.deb
      Size/MD5 checksum:   254548 5db908c37914f6fd06b2f3d689de0b81

http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_alpha.deb
      Size/MD5 checksum:   283680 1e88b3d96000f0a1c5cf8a2cd0aad493

  AMD64 architecture:


http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_amd64.deb
      Size/MD5 checksum:    68866 07f764af8962cda289e92a0f7ca2d81a

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_amd64.deb
      Size/MD5 checksum:    44182 8d7dbb6148610b78c81ce135dbf9c7f8

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_amd64.deb
      Size/MD5 checksum:  2173198 615c7b237d3a4993550955e00e605135

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_amd64.deb
      Size/MD5 checksum:    40010 6941c36e7db2e48dc78f0a97e1b83aed

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_amd64.deb
      Size/MD5 checksum:   175358 ce3229e6277efe07443593432d194e8b

http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_amd64.deb
      Size/MD5 checksum:   257690 c590d1a69e5899e75ef907d55ee2510a

  ARM architecture:


http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_arm.deb
      Size/MD5 checksum:    63820 5871903c9f4789757ca2dda256a29197

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_arm.deb
      Size/MD5 checksum:    39504 bb7f439e8c7e0c7345ac37e537bb1db1

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_arm.deb
      Size/MD5 checksum:  2171180 a13279483c8265842b3b1e8641814fd5

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_arm.deb
      Size/MD5 checksum:    37302 b1400e02bbf2889e0befd15012ca1699

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_arm.deb
      Size/MD5 checksum:   173514 a063023f5ad8e3d21896f21782f05be7

http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_arm.deb
      Size/MD5 checksum:   248174 7e084d71255c9924a90ab7956ae55ff7

  Intel IA-32 architecture:


http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_i386.deb
      Size/MD5 checksum:    65140 ecebd43707069c8ef8f5ba3c4e007d23

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_i386.deb
      Size/MD5 checksum:    40202 d9ab0e02273c9fff0d4f73ed3ec73215

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_i386.deb
      Size/MD5 checksum:  2171494 d2fc4550ac66059e286497b2b9c17ffe

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_i386.deb
      Size/MD5 checksum:    38024 65657d68687180b74819de783d0098b4

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_i386.deb
      Size/MD5 checksum:   158552 e8143195d0a7d26a282a13a8a298e263

http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_i386.deb
      Size/MD5 checksum:   252400 3c2b9d3e379c0c5763f7d8a4162ac1a6

  Intel IA-64 architecture:


http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_ia64.deb
      Size/MD5 checksum:    81732 b010b8ca29e256a80f43fabd673f9d26

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_ia64.deb
      Size/MD5 checksum:    55098 e9ede8cecf6440b9c18620c82ed017f4

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_ia64.deb
      Size/MD5 checksum:  2180096 ae09fef9a1569fe07f77209e1e3bda70

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_ia64.deb
      Size/MD5 checksum:    49202 db0e453890631c462b76c79526034afb

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_ia64.deb
      Size/MD5 checksum:   250438 430797b7c58289c263aa0b3e0b4dbc7f

http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_ia64.deb
      Size/MD5 checksum:   315662 3261606911205a42adaa885a4cce1b0e

  HP Precision architecture:


http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_hppa.deb
      Size/MD5 checksum:    68188 28b4f3e57c32ff42e1609de48f5a4e44

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_hppa.deb
      Size/MD5 checksum:    43232 0204bc7cb2dc0e22b0de6fcac5d7d56d

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_hppa.deb
      Size/MD5 checksum:  2173632 bce3329a057c47e0e5d237fab515ae23

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_hppa.deb
      Size/MD5 checksum:    39456 6c75ce7b7ea86db1e0c6da64da1f95ff

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_hppa.deb
      Size/MD5 checksum:   201268 e101e3b0ff335ee434bc79744d28dae3

http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_hppa.deb
      Size/MD5 checksum:   281626 689202601c916ae9e2da20e7bca6c7a3

  Motorola 680x0 architecture:


http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_m68k.deb
      Size/MD5 checksum:    62454 ff013452d8ad7bc594236ad4612e7314

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_m68k.deb
      Size/MD5 checksum:    38070 0a20559664e319e5f8877d2122fa149d

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_m68k.deb
      Size/MD5 checksum:  2170456 b2cc40301a092d987de075c37fc4f271

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_m68k.deb
      Size/MD5 checksum:    35066 5b7b62906971f1f06d1e8006598de8ca

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_m68k.deb
      Size/MD5 checksum:   145404 47f7a24305acd5201509e3f1d2ca4ceb

http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_m68k.deb
      Size/MD5 checksum:   248852 21681bb560a4036cc8550cf128e0c8f7

  Big endian MIPS architecture:


http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_mips.deb
      Size/MD5 checksum:    67862 97a3b0443ee81ea46597039bbe2dc182

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_mips.deb
      Size/MD5 checksum:    43678 f6a8c79489fb6ba605b57058b72226da

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_mips.deb
      Size/MD5 checksum:  2172976 2969543db5ee78197b4b836c9d78d371

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_mips.deb
      Size/MD5 checksum:    37676 a4a7297f5e3fc3bfc1492bd26f97a788

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_mips.deb
      Size/MD5 checksum:   194322 cc37bcbd31388e6f562c54e142d13ac0

http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_mips.deb
      Size/MD5 checksum:   255894 3ea583ce7f2505142e194b703d1ca942

  Little endian MIPS architecture:


http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_mipsel.deb
      Size/MD5 checksum:    67488 a21ff89942ffbadfa4e689cdb1909866

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_mipsel.deb
      Size/MD5 checksum:    43488 01e504336acf95fcc1b0ee8944f4878a

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_mipsel.deb
      Size/MD5 checksum:  2172936 02a85640ed6e25f8941bee026350e243

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_mipsel.deb
      Size/MD5 checksum:    37962 6ea7d7fdf1107411c7dbde7c1a42653b

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_mipsel.deb
      Size/MD5 checksum:   190668 b889c22d131758864a4879b5cb7348ec

http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_mipsel.deb
      Size/MD5 checksum:   253402 f574c054c397f0260667e745775815cc

  PowerPC architecture:


http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_powerpc.deb
      Size/MD5 checksum:    69232 c93efea8ad9bfc150702ab8ff3263bf5

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_powerpc.deb
      Size/MD5 checksum:    44574 89e9935711c574c4034626d865908f8e

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_powerpc.deb
      Size/MD5 checksum:  2173542 48fe9cda367a7cc27f92d85d92b41039

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_powerpc.deb
      Size/MD5 checksum:    38874 8a2bb630dbb823a6ff17215e1f0af758

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_powerpc.deb
      Size/MD5 checksum:   186630 bdc7b36545911ed04ec782d58b227efb

http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_powerpc.deb
      Size/MD5 checksum:   263034 66b57b4acafa6e429c02794885c48e60

  IBM S/390 architecture:


http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_s390.deb
      Size/MD5 checksum:    67778 590e6c18c9d02596f49d64b4611eb54e

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_s390.deb
      Size/MD5 checksum:    43430 c096db0fd3865f26623d7885effd6751

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_s390.deb
      Size/MD5 checksum:  2172874 7fc9489259f2e4fb14b34322f191b79c

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_s390.deb
      Size/MD5 checksum:    38944 25af940b6ce231410cc82c4a818e0f5b

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_s390.deb
      Size/MD5 checksum:   181600 80fb485a2ef322a9b2e42b261688e4d7

http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_s390.deb
      Size/MD5 checksum:   267588 d194c77d7317c1b716ff44edaf6ccb65

  Sun Sparc architecture:


http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_sparc.deb
      Size/MD5 checksum:    64324 a26a1f0208c60f37a85ff6e120dab86c

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_sparc.deb
      Size/MD5 checksum:    39392 bc8760a6e2ae4737260682f513242afd

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_sparc.deb
      Size/MD5 checksum:  2171058 47adaeb9cfab1857a6d24476e5bd792b

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_sparc.deb
      Size/MD5 checksum:    36854 356607cd1e092378da0471c6dd6fcfa1

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_sparc.deb
      Size/MD5 checksum:   174914 be5710250858efd4181ac13f9febd723

http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_sparc.deb
      Size/MD5 checksum:   263320 828259b0260780173ffd0514b39fe0ba


 これらのファイルは次の版の安定版リリース時そちらに移されます。

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
------>8------------>8------------>8------------>8------------>8-
-- 
Seiji Kaneko                         skaneko@xxxxxxxxxxxx
---------------------------------------------------------