[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[debian-users:47478] [Translate] [SECURITY] [DSA 1196-1] New clamav packages fix arbitrary code execution
かねこです。
URL 等は Debian-security-announce メーリングリストの元記事を確認
ください。
------>8------------>8------------>8------------>8------------>8-
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1196-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
October 19th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : clamav
Vulnerability : 複数
Problem-Type : リモート
Debian-specific: いいえ
CVE ID : CVE-2006-4182 CVE-2006-5295
ClamAV マルウェアスキャンエンジンに、任意コード実行の可能性に繋がる複数の
リモートから攻撃可能な問題が発見されました。The Common Vulnerabilities
and Exposures project では以下の問題を認識しています。
CVE-2006-4182
Damian Put さんにより、PE ファイルをリビルドするスクリプトにヒープオ
ーバフローが発見されました。この欠陥は任意コード実行に繋がる可能性が
あります。
CVE-2006-5295
Damian Putさんにより、CHM 処理コードに入力のサニタイズが抜けているた
め、サービス拒否攻撃の可能性があることが発見されました。
安定版 (stable) ディストリビューション (sarge) では、これらの問題はバージ
ョン 0.84-2.sarge.11 で修正されています。技術的問題により、sparc アーキテ
クチャ向けの更新はまだ提供されていませんが、近く提供の予定です。
不安定版 (unstable) ディストリビューション (sid) では、これらの問題はバー
ジョン 0.88.5-1 で修正されています。
直ぐに clamav パッケージをアップグレードすることを勧めます。
アップグレード手順
------------------
wget url
でファイルを取得できます。
dpkg -i file.deb
で参照されたファイルをインストールできます。
apt-get パッケージマネージャを用いている場合には、本メールのフッタ記載の
行を sources.list に加えて、
apt-get update
を実行して内部データベースを更新し、
apt-get upgrade
によって修正されたパッケージをインストールしてください。
本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。
Debian GNU/Linux 3.1 愛称 sarge
- --------------------------------
ソースアーカイブ:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11.dsc
Size/MD5 checksum: 874 28ac6ad45d008a1a40f1043ce208f7e9
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11.diff.gz
Size/MD5 checksum: 176562 4b0c191cf10e3184baee4004c7992b09
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84.orig.tar.gz
Size/MD5 checksum: 4006624 c43213da01d510faf117daa9a4d5326c
Architecture independent components:
http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.84-2.sarge.11_all.deb
Size/MD5 checksum: 154890 32b1629d649ed6168dd411e0458cca08
http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.84-2.sarge.11_all.deb
Size/MD5 checksum: 694414 e8160f6502023138511d613240ff8a7a
http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.84-2.sarge.11_all.deb
Size/MD5 checksum: 123884 82b26302a2c4697b7d58825dd64149c3
Alpha architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_alpha.deb
Size/MD5 checksum: 74768 39a1eb656cb857019708e6a9f13e6670
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_alpha.deb
Size/MD5 checksum: 48830 de988902ce6b7a56b0f72daa6e113614
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_alpha.deb
Size/MD5 checksum: 2176452 e16e6c071d0233820855fb4777b90a7d
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_alpha.deb
Size/MD5 checksum: 42120 fa4bd16b77814caf48f9c32e5ebf10f4
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_alpha.deb
Size/MD5 checksum: 255774 19ff1809f543ca8aadb819be4b879f44
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_alpha.deb
Size/MD5 checksum: 285586 e33630652b74d4a2ddb1c936daf4a7ec
AMD64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_amd64.deb
Size/MD5 checksum: 68850 03fd7d2e437ef1d337236884289f9cfd
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_amd64.deb
Size/MD5 checksum: 44186 3b44c71024838a3d9e367807fe8664dd
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_amd64.deb
Size/MD5 checksum: 2173268 f41d15ff5a51f3aa601d8bc1f5ddad6a
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_amd64.deb
Size/MD5 checksum: 39988 3ae59e939bb67cb743c655089d7c66a7
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_amd64.deb
Size/MD5 checksum: 176496 bb458a66c0422f2c567e0f5bc0db6fc0
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_amd64.deb
Size/MD5 checksum: 259796 ace9bd92aec68b79785d812112df3b8c
ARM architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_arm.deb
Size/MD5 checksum: 63924 13852fbd45ab407a4d12529d3c9af7d1
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_arm.deb
Size/MD5 checksum: 39600 c11f5ed1c7d9867e2d3c8feebffeafc7
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_arm.deb
Size/MD5 checksum: 2171292 a28d43cf47bbf88d6eb750eb32b318ee
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_arm.deb
Size/MD5 checksum: 37314 c12fda2e2e2d6d35ca7b7907e8276cd6
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_arm.deb
Size/MD5 checksum: 174878 4685182160e39404d8f15fe249b64a5e
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_arm.deb
Size/MD5 checksum: 249784 0f7eeccd53136dcd6bb78ea6020e73b0
HP Precision architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_hppa.deb
Size/MD5 checksum: 68278 35e8f30df61e0c77fd22b8c02e2f6ebb
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_hppa.deb
Size/MD5 checksum: 43282 c0d8fe7883d6d4aff3824549bb221e89
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_hppa.deb
Size/MD5 checksum: 2173730 4b003090224b6fedf73abd38a1a32eb2
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_hppa.deb
Size/MD5 checksum: 39456 33b5e0dbc1dc6aff76b0b5f4164b8256
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_hppa.deb
Size/MD5 checksum: 202698 75ddd21a939d57b35a0f2256bf0d99f7
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_hppa.deb
Size/MD5 checksum: 283454 82057fdf8dca950c4dd3a72b5b6f811a
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_i386.deb
Size/MD5 checksum: 65200 a945220bc5697dece23aafc00fed3d5f
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_i386.deb
Size/MD5 checksum: 40308 60923ec7ee8c7b86881f4e5389cf43cb
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_i386.deb
Size/MD5 checksum: 2171624 59374c11897bcaf9f3dc7c71bcb6fa56
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_i386.deb
Size/MD5 checksum: 38038 05b67aee86f2c60105806ad74d77e32d
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_i386.deb
Size/MD5 checksum: 159720 074ef1d4d28391d2eb394ea24c702e78
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_i386.deb
Size/MD5 checksum: 254468 a80e82dfeb22354d3623a40e85fbbcc6
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_ia64.deb
Size/MD5 checksum: 81828 c46f0b2c499e816a3cb440d0651a2b55
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_ia64.deb
Size/MD5 checksum: 55246 7a442d4f53746822fe60cb1628730d00
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_ia64.deb
Size/MD5 checksum: 2180272 33333853b7919432646bcfdae6abd54c
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_ia64.deb
Size/MD5 checksum: 49190 53a172cf4d463f4e1650d33b4851e832
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_ia64.deb
Size/MD5 checksum: 252174 8e184d5dba13b625ae0e44e89485c6a7
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_ia64.deb
Size/MD5 checksum: 317870 2222c0d7e5cf059381ebd9a151b8a5af
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_m68k.deb
Size/MD5 checksum: 62518 7f0f240a3ecc077fc140e88bac5b1fe8
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_m68k.deb
Size/MD5 checksum: 38194 06f87cf4f5bcccf1f8d8b1099bef70d3
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_m68k.deb
Size/MD5 checksum: 2170504 809d90d8aedaa980866431ffa90a28aa
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_m68k.deb
Size/MD5 checksum: 35070 02f5faec5ab1070cb09e5488d24d910b
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_m68k.deb
Size/MD5 checksum: 146328 99c2e58e91dbbf20c126b29f0af6bc2c
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_m68k.deb
Size/MD5 checksum: 250494 87ad44430613edb59b8b8d300786a8b7
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_mips.deb
Size/MD5 checksum: 67956 2e78155905e710e6b0ff27b53e45f269
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_mips.deb
Size/MD5 checksum: 43800 fb236f7c6cf785d6a55aae1a4515338a
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_mips.deb
Size/MD5 checksum: 2173046 ac2d5755af45a3d4a0c20c29508066c8
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_mips.deb
Size/MD5 checksum: 37668 48b4aa4c897d00929da982ef07c8a15a
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_mips.deb
Size/MD5 checksum: 195568 bb600d223c0b65faa1b646df27dc7e74
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_mips.deb
Size/MD5 checksum: 257606 679b4cce53bcc33e8ac10650aff4c5a0
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_mipsel.deb
Size/MD5 checksum: 67556 4520d58dd04533e2777f3cca4975a4d3
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_mipsel.deb
Size/MD5 checksum: 43598 92da7fbb103c7a1c37b05522ae1e19a2
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_mipsel.deb
Size/MD5 checksum: 2173008 e6745c1d5156d5cfca2dac85be5f1423
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_mipsel.deb
Size/MD5 checksum: 37954 95d22e916f84828d555c5d13674e5d4c
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_mipsel.deb
Size/MD5 checksum: 191974 604b00ff88ac5373c196248e906beb0d
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_mipsel.deb
Size/MD5 checksum: 255282 e904a9e0a41a5256e36fc71781135f05
PowerPC architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_powerpc.deb
Size/MD5 checksum: 69294 07c0764302ddd5a9140581c6ede04487
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_powerpc.deb
Size/MD5 checksum: 44674 8c9d17ca61c993632aa25da98c8b6cef
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_powerpc.deb
Size/MD5 checksum: 2173668 5a591aa69f1d101cfce0597398c25ae6
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_powerpc.deb
Size/MD5 checksum: 38870 8ea03838330fa3c56482e2f343c5431a
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_powerpc.deb
Size/MD5 checksum: 187714 10bc94cec5fa66dcff4c76f49ba2e3c1
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_powerpc.deb
Size/MD5 checksum: 264980 c5452abaf240f6f8d927ef69ea29d0b5
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_s390.deb
Size/MD5 checksum: 67898 68e72a9d5ac378fc62e1cd6bb076da18
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_s390.deb
Size/MD5 checksum: 43554 207dcf7c5897971f44c5afbed4b660e5
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_s390.deb
Size/MD5 checksum: 2172956 7408bb7618f0b0d4b984e009b15e3a34
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_s390.deb
Size/MD5 checksum: 38932 dc9a5cc5dfcbd829dc65811713d84ba8
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_s390.deb
Size/MD5 checksum: 182686 a743f6f9a8dd3aa06e51c168e6a78cf2
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_s390.deb
Size/MD5 checksum: 269600 382c4a08915ddc6d50208aeb9468bdab
これらのファイルは次の版の安定版リリース時そちらに移されます。
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
------>8------------>8------------>8------------>8------------>8-
--
Seiji Kaneko skaneko@xxxxxxxxxxxx
---------------------------------------------------------