[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[debian-users:45653] [Translate] [SECURITY] [DSA 947-1] New ClamAV packages fix heap overflow
かねこです。
URL 等は Debian-security-announce メーリングリストの元記事を確認
ください。
------>8------------>8------------>8------------>8------------>8-
- --------------------------------------------------------------------------
Debian Security Advisory DSA 947-1 security@debian.org
http://www.debian.org/security/ Michael Stone
January 21st, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : clamav
Vulnerability : ヒープオーバフロー
Problem type : リモート
Debian-specific: いいえ
CVE IDs : CVE-2006-0162
Debian Bug : 320014
ウィルススキャナ ClamAV に、特殊な形式の UPX エンコードされた実行形式を
ClamAV を実行しているシステムに送付することで、攻撃者が任意のコードを実
行可能である欠陥が発見されました。他の潜在的なオーバフロー箇所も修正し
ています。
前安定版 (oldstable) ディストリビューション (woody) には、clamav パッケ
ージは収録されていません。
安定版 (stable) ディストリビューション (sarge) では、この問題はバージョ
ン 0.84-2.sarge.7 で修正されています。
不安定版 (unstable) ディストリビューション (sid) では、この問題はバージ
ョン 0.86.2-1 で修正されています。
直ぐに clamav パッケージをアップグレードすることを勧めます。
アップグレード手順
- --------------------
wget url
でファイルを取得できます。
dpkg -i file.deb
で参照されたファイルをインストールできます。
apt-get パッケージマネージャを用いている場合には、本メールのフッタ記載の
行を sources.list に加えて、
apt-get update
を実行して内部データベースを更新し、
apt-get upgrade
によって修正されたパッケージをインストールしてください。
本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。
Debian GNU/Linux 3.1 愛称 sarge
- --------------------------------
ソースアーカイブ:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.7.dsc
Size/MD5 checksum: 872 df3aecc6060155de842ad1851143d85c
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.7.diff.gz
Size/MD5 checksum: 179637 b25e29ec071c32768df2689f3d7061a4
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84.orig.tar.gz
Size/MD5 checksum: 4006624 c43213da01d510faf117daa9a4d5326c
Architecture independent components:
http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.84-2.sarge.7_all.deb
Size/MD5 checksum: 154692 5149fc2bd991fd87863932ed0ac3e7fd
http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.84-2.sarge.7_all.deb
Size/MD5 checksum: 690338 5b7e9db683622fb49b766bfbd9168a4d
http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.84-2.sarge.7_all.deb
Size/MD5 checksum: 123696 6707d97d0544a6cd245d75f3aa1542b1
Alpha architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.7_alpha.deb
Size/MD5 checksum: 74672 bfd688e1fa1041d819c3319aa15a8530
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.7_alpha.deb
Size/MD5 checksum: 48798 673fc52d2a3fe74bef2637114f2cd453
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.7_alpha.deb
Size/MD5 checksum: 2176344 49586708a8006ec8f32e0128e817d2a7
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.7_alpha.deb
Size/MD5 checksum: 42110 2f52766489cba71f29daf38455b52020
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.7_alpha.deb
Size/MD5 checksum: 255576 f813f572a9b8b83225e4e9ad24461a17
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.7_alpha.deb
Size/MD5 checksum: 285310 0135368aab8cb6def0573b62de849964
AMD64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.7_amd64.deb
Size/MD5 checksum: 68868 cd0022f63fbd4b64b662c8c8aa092d3e
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.7_amd64.deb
Size/MD5 checksum: 44190 4db755a324f658589732bd2ce6aa4b8d
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.7_amd64.deb
Size/MD5 checksum: 2173202 cb7d17d25ee13d02ce8c72e0ed06a3e9
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.7_amd64.deb
Size/MD5 checksum: 39994 63e129299ea15b26a4ade57e96a452b8
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.7_amd64.deb
Size/MD5 checksum: 176356 5846918c951fac82f23a88619a2cea3d
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.7_amd64.deb
Size/MD5 checksum: 259488 5df5123b2619575ea5e955550ba71f24
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.7_i386.deb
Size/MD5 checksum: 65156 1946d6cf8d0af3ebf4ed758f59c19b65
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.7_i386.deb
Size/MD5 checksum: 40204 c64e261503f707d6c647521feda8b4bf
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.7_i386.deb
Size/MD5 checksum: 2171518 502a36afbd597e4b0389b4e2621a63ce
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.7_i386.deb
Size/MD5 checksum: 38016 b4538b96bf9460a87ffc96a7eeae0f22
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.7_i386.deb
Size/MD5 checksum: 159468 50857534f3bac68c8a1825c622fca79d
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.7_i386.deb
Size/MD5 checksum: 254174 23d65ce39c60118ad01a5e2f631dcaa7
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.7_ia64.deb
Size/MD5 checksum: 81718 b61f42422463bc3ffb660ed4aa580fa4
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.7_ia64.deb
Size/MD5 checksum: 55100 301227c416f24fd8d2ef0ab36c9603ba
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.7_ia64.deb
Size/MD5 checksum: 2180080 8f4e17639f1c984dd5aea42e938f2f10
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.7_ia64.deb
Size/MD5 checksum: 49204 a37aeeba10fb089f32ad70c94bfed116
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.7_ia64.deb
Size/MD5 checksum: 251894 02f094895cd7590fb2b2ce2f91d59dcc
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.7_ia64.deb
Size/MD5 checksum: 317446 b627015d823405aec3429dc9b7b21e53
HP Precision architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.7_hppa.deb
Size/MD5 checksum: 68186 63eec7e0e90b6fc8f86c3babc6e82f56
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.7_hppa.deb
Size/MD5 checksum: 43250 11ba8ecd4a732575461275a7484909f2
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.7_hppa.deb
Size/MD5 checksum: 2173636 8e7c104c58b497e7a433ade110d2c180
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.7_hppa.deb
Size/MD5 checksum: 39442 ebac1fc335c9439a50bd8d3e006ad453
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.7_hppa.deb
Size/MD5 checksum: 202424 3d002ce40e0fc3998ac8a6378e9ca8ce
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.7_hppa.deb
Size/MD5 checksum: 283226 4a06474427572cdb4e12b1319f75b04d
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.7_m68k.deb
Size/MD5 checksum: 62464 7027409bec94fabd943ff225bd9223e2
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.7_m68k.deb
Size/MD5 checksum: 38076 472e2770dbe8604f6cb7911f5eae3476
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.7_m68k.deb
Size/MD5 checksum: 2170434 4e34f115c603d78ad8bda209e6af637d
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.7_m68k.deb
Size/MD5 checksum: 35070 a23dd7f83de0edd777ec2273779d1bfa
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.7_m68k.deb
Size/MD5 checksum: 146176 1a4cea45e3ced312277798317a02f435
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.7_m68k.deb
Size/MD5 checksum: 250122 c4da2db2305664e34a1d8c63ceab5e42
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.7_mips.deb
Size/MD5 checksum: 67854 863b035070058be0aba33ed4d3dcf05c
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.7_mips.deb
Size/MD5 checksum: 43676 cf16ba18ec6c1f781305ecc51d58e09d
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.7_mips.deb
Size/MD5 checksum: 2172970 117d308e5403c682cfdedfd9adf1794c
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.7_mips.deb
Size/MD5 checksum: 37674 d4c7280abc505d092eb71bfe3f512a4e
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.7_mips.deb
Size/MD5 checksum: 195386 d1b4cf396c148c451ab75b0a330bb564
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.7_mips.deb
Size/MD5 checksum: 257298 1c9e948e084bce86929a3607005e63d8
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.7_mipsel.deb
Size/MD5 checksum: 67484 9e3d8af7bbe1467e758cc77a4ea8cd01
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.7_mipsel.deb
Size/MD5 checksum: 43510 93d697215e9097c1b8591b0bc0b5e63c
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.7_mipsel.deb
Size/MD5 checksum: 2172916 ff2c34e00fbef8ab22cb9d7dba130fca
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.7_mipsel.deb
Size/MD5 checksum: 37966 c7fed399a7710a8b97735fea92582fb7
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.7_mipsel.deb
Size/MD5 checksum: 191722 5c1a2761a44b4cd3ef84ffd263de795c
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.7_mipsel.deb
Size/MD5 checksum: 254890 ac8cccfc09c1514ca3b3b36f17bfdf4f
PowerPC architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.7_powerpc.deb
Size/MD5 checksum: 69222 23d6780eaef8b389e592bfa56966ad12
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.7_powerpc.deb
Size/MD5 checksum: 44584 ebfefcf4dae235511c7e7fa894ebca79
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.7_powerpc.deb
Size/MD5 checksum: 2173550 c83136cb13f45502680a4dddb6ba222c
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.7_powerpc.deb
Size/MD5 checksum: 38872 cd220dfa23ebb70b61ac58ffa4007189
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.7_powerpc.deb
Size/MD5 checksum: 187578 a3d58d08dd81372d517cbdf675d60b21
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.7_powerpc.deb
Size/MD5 checksum: 264616 76f9bd4db6421a3ddc648995c80d8668
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.7_s390.deb
Size/MD5 checksum: 67780 ce6e06ba73a315849d11493941fb9e81
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.7_s390.deb
Size/MD5 checksum: 43438 8c9b2489a98ac88e64f8fbda83185fda
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.7_s390.deb
Size/MD5 checksum: 2172856 cfbff79cb40c7160a87d0c292657d5bb
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.7_s390.deb
Size/MD5 checksum: 38936 a83437aa3b3d90c521e84af
これらのファイルは次の版の安定版リリース時そちらに移されます。
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
------>8------------>8------------>8------------>8------------>8-
--
Seiji Kaneko skaneko@xxxxxxxxxxxx
---------------------------------------------------------