[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[debian-users:48488] [Translate] [SECURITY] [DSA 1281-1] New clamav packages fix several vulnerabilities
かねこです。
URL 等は Debian-security-announce メーリングリストの元記事を確認
ください。
------>8------------>8------------>8------------>8------------>8-
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1281-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
April 25th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : clamav
Vulnerability : 複数
Problem-Type : リモート
Debian-specific: いいえ
CVE ID : CVE-2007-1745 CVE-2007-1997 CVE-2007-2029
Clam anti-virus ツールキットに、リモートから攻撃可能な複数の問題が発見さ
れました。 The Common Vulnerabilities and Exposures project は以下の問題
を認識しています。
CVE-2007-1745
CHM ファイル形式のハンドラにファイルディスクリプタリークがあり、サー
ビス拒否攻撃が可能であることが発見されました。
CVE-2007-1997
CAB ファイル形式のハンドラにバッファオーバフローがあり、任意コード実
行の可能性があることが発見されました。
CVE-2007-2029
PDF ファイル形式のハンドラにファイルディスクリプタリークがあり、サー
ビス拒否攻撃が可能であることが発見されました。
旧安定版 (stable) ディストリビューション (sarge) では、これらの問題はバー
ジョン 0.84-2.sarge.16 で修正されています。
安定版 (stable) ディストリビューション (etch) では、これらの問題はバージ
ョン 0.90.1-3etch1 で修正されています。
不安定版 (unstable) ディストリビューション (sid) では、これらの問題はバー
ジョン 0.90.2-1 で修正されています。
直ぐに clamav パッケージをアップグレードすることを勧めます。arm, sparc,
m68k および mips-bg/el の各アーキテクチャ向けのものはまだ提供できていま
せん。これらは後日提供予定です。
アップグレード手順
------------------
wget url
でファイルを取得できます。
dpkg -i file.deb
で参照されたファイルをインストールできます。
apt-get パッケージマネージャを用いている場合には、本メールのフッタ記載の
行を sources.list に加えて、
apt-get update
を実行して内部データベースを更新し、
apt-get upgrade
によって修正されたパッケージをインストールしてください。
本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。
Debian GNU/Linux 3.1 愛称 sarge
- --------------------------------
ソースアーカイブ:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16.dsc
Size/MD5 checksum: 874 750b482eeb436112babe47c8d4e462f4
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16.diff.gz
Size/MD5 checksum: 187501 4fa4f6002ac647a88cc991491026f495
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84.orig.tar.gz
Size/MD5 checksum: 4006624 c43213da01d510faf117daa9a4d5326c
アーキテクチャに依存しない内容:
http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.84-2.sarge.16_all.deb
Size/MD5 checksum: 155282 27dda07f76c431190815699c933c96f1
http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.84-2.sarge.16_all.deb
Size/MD5 checksum: 690904 0599cd77c6f729719f7d2218238286dc
http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.84-2.sarge.16_all.deb
Size/MD5 checksum: 124268 dc29df62c5e663ac861871fb261c8f5f
Alpha architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16_alpha.deb
Size/MD5 checksum: 74760 6f5e17b5709704bb3cbb5df87886c535
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.16_alpha.deb
Size/MD5 checksum: 48704 42d401657e3ce03e9b3f8bc8c2eb6c2a
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.16_alpha.deb
Size/MD5 checksum: 2175750 6362f96b3ea12a7756a65be181ade900
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.16_alpha.deb
Size/MD5 checksum: 41738 fc892161427bb646375cd488ccdf8cf4
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.16_alpha.deb
Size/MD5 checksum: 256048 08a862b95ba887ef60d7e782b3860c4b
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.16_alpha.deb
Size/MD5 checksum: 286514 911985fc43f62e1648fc49c699873102
AMD64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16_amd64.deb
Size/MD5 checksum: 69018 d3cdbb0197531ab9c9b2da5fdd3f28d2
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.16_amd64.deb
Size/MD5 checksum: 44290 8dfb6f556b0e94177ced1b8437fd05c6
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.16_amd64.deb
Size/MD5 checksum: 2173300 4bddbe30c350a2cdf7085401d9ba2bd4
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.16_amd64.deb
Size/MD5 checksum: 40044 fe9c8fbf07d5bb4f2ea8c186fa4554d0
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.16_amd64.deb
Size/MD5 checksum: 176820 671a48baa1cff978ba6ac698bd92ce35
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.16_amd64.deb
Size/MD5 checksum: 260434 fcbd3ed5d6d195d941ae8c2c4be78583
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16_i386.deb
Size/MD5 checksum: 65316 388cb174e2802231f2e00be75e557525
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.16_i386.deb
Size/MD5 checksum: 40360 eb1b678e9f9e6902baf07337031a15c9
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.16_i386.deb
Size/MD5 checksum: 2171592 538f510efe1172159b580d2de8a685e3
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.16_i386.deb
Size/MD5 checksum: 38060 fc3bbba2437c2822000e045c6709c8b0
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.16_i386.deb
Size/MD5 checksum: 159914 61cff431ff68479054321cae6ce49434
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.16_i386.deb
Size/MD5 checksum: 255106 06c6210c2302fa4b12539f5d9d6ed90c
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16_ia64.deb
Size/MD5 checksum: 81948 b2532d41280dd297e11fe259cda69f43
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.16_ia64.deb
Size/MD5 checksum: 55324 4ece492972b78bd0a85a0a349219ba0c
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.16_ia64.deb
Size/MD5 checksum: 2180240 d59d5be58695e7eda4bb850329b61eaf
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.16_ia64.deb
Size/MD5 checksum: 49242 25aebadfb837f4b693c0ca7f00d7d7e5
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.16_ia64.deb
Size/MD5 checksum: 252464 9a98dab31c6cbd4010a070af84586379
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.16_ia64.deb
Size/MD5 checksum: 318554 ebfcc4e83fcce638cf4d6fd204f406ba
PowerPC architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16_powerpc.deb
Size/MD5 checksum: 69390 825a3ff9344b0ff0040c9009043d0345
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.16_powerpc.deb
Size/MD5 checksum: 44728 719d0f39e79ca450060ccf2b31841893
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.16_powerpc.deb
Size/MD5 checksum: 2173682 4da2c1673aec276f67dd78f418e20418
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.16_powerpc.deb
Size/MD5 checksum: 38890 13405ffbf96d22acac493dd5ca2561f9
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.16_powerpc.deb
Size/MD5 checksum: 187910 3f20cb90f59c59296469564288bc851f
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.16_powerpc.deb
Size/MD5 checksum: 265536 7f953c829582ff78a9c059e9a21c7ecc
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.16_s390.deb
Size/MD5 checksum: 67964 2e69d92100ff9b5af69d2c6482c332e6
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.16_s390.deb
Size/MD5 checksum: 43642 4bc4573c069697913e88f90ce180bc78
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.16_s390.deb
Size/MD5 checksum: 2172968 095a7323846207c070de4be0cfca904b
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.16_s390.deb
Size/MD5 checksum: 38966 20219f58e85b9bd3742941042bf536b0
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.16_s390.deb
Size/MD5 checksum: 182852 1c38c0a2187b948fa7062a50a93d26ce
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.16_s390.deb
Size/MD5 checksum: 270160 298f91ebdd0f8fec45c7115a71e9ff76
Debian GNU/Linux 4.0 alias etch
- -------------------------------
ソースアーカイブ:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1.dsc
Size/MD5 checksum: 886 03ca483d25aa8a5843c0334454fa854b
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1.diff.gz
Size/MD5 checksum: 198874 332face9b6c9dd61ea183b97920d58e6
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1.orig.tar.gz
Size/MD5 checksum: 11643310 cd11c05b5476262eaea4fa3bd7dc25bf
アーキテクチャに依存しない内容:
http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.90.1-3etch1_all.deb
Size/MD5 checksum: 201166 15ff75fe7f8d74c20a1ed138a3ef96a3
http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.90.1-3etch1_all.deb
Size/MD5 checksum: 1002982 c522f91db205e1317d7ffa4fcff219cc
http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.90.1-3etch1_all.deb
Size/MD5 checksum: 157358 8f0bccc0ffe35df7afd1c970e7a6424d
Alpha architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1_alpha.deb
Size/MD5 checksum: 863012 56735cac5c48a2b1cff498aa74af5b74
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch1_alpha.deb
Size/MD5 checksum: 184208 d61917178e7334eb9267834929ec3ac1
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch1_alpha.deb
Size/MD5 checksum: 643690 8a9d04ad670ff22316a894a6ee693526
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch1_alpha.deb
Size/MD5 checksum: 9303270 89869fa569a5b7a8175c5eae35d2dc4c
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch1_alpha.deb
Size/MD5 checksum: 179372 7a1dba33725c9de4ece9641d2b1c4b2f
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch1_alpha.deb
Size/MD5 checksum: 509666 e47d02325d68fe25a875843c6d390b80
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch1_alpha.deb
Size/MD5 checksum: 405480 38ccb1a5c657c5c70f410f94d66c93a1
AMD64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1_amd64.deb
Size/MD5 checksum: 856028 b605cea366cd60582a4f2926cd8dbbf0
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch1_amd64.deb
Size/MD5 checksum: 177964 d26c6f071ae2f9ef5a6a446ffdc79dac
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch1_amd64.deb
Size/MD5 checksum: 637432 dc8505b28e41acc8ae53502ddaeae429
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch1_amd64.deb
Size/MD5 checksum: 9301322 90c4819bcecb55a12dc94fdbd868b5e8
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch1_amd64.deb
Size/MD5 checksum: 176430 16d4a80aef673ec34e4c771013835463
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch1_amd64.deb
Size/MD5 checksum: 385728 391eab43682d135cd5a7321067b358e1
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch1_amd64.deb
Size/MD5 checksum: 366562 c71cc7f8c0cb058a725b7e8d6cc76df0
HP Precision architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1_hppa.deb
Size/MD5 checksum: 856792 69390669062759614b5068a91daf47fd
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch1_hppa.deb
Size/MD5 checksum: 177694 4e12f71d9e471ab44270ef8629c566f9
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch1_hppa.deb
Size/MD5 checksum: 617522 5157056214621eed9948cfcd417b56c3
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch1_hppa.deb
Size/MD5 checksum: 9302752 c8176be01a85cce59bce5869643e425a
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch1_hppa.deb
Size/MD5 checksum: 176522 f4379b7ca228397a28a2e040e890a3a5
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch1_hppa.deb
Size/MD5 checksum: 432108 07f29046db300ff6a57a86367c940e44
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch1_hppa.deb
Size/MD5 checksum: 404280 d69e5a48f1ff41d90885029f7212963b
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1_i386.deb
Size/MD5 checksum: 853434 e33737d0e8eeae82880dee160b884e4c
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch1_i386.deb
Size/MD5 checksum: 174318 188d945b3c78e3d540a8288115eb4923
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch1_i386.deb
Size/MD5 checksum: 603398 56ab1e4be6b9a86ef5b9ccfbf9d6faa2
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch1_i386.deb
Size/MD5 checksum: 9299850 b15d3a6570be05bf476bd9cd5821f179
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch1_i386.deb
Size/MD5 checksum: 174450 d33e361d311972a8f832e9a5c9cacd02
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch1_i386.deb
Size/MD5 checksum: 367182 c46322a281159fad5ee98725b293f295
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch1_i386.deb
Size/MD5 checksum: 365140 33b24038fd1f0cd610e18c5e9a6a45a8
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1_ia64.deb
Size/MD5 checksum: 878008 af774d8ff869cf7f6c2f01ecc7c066bf
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch1_ia64.deb
Size/MD5 checksum: 201168 74a33b6216e0e8210f6cd64d9b01e84a
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch1_ia64.deb
Size/MD5 checksum: 656168 74cd735a0f44db53d22d0d97847375fa
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch1_ia64.deb
Size/MD5 checksum: 9314758 b82acf9cc3c39df48574d645ff66dbcc
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch1_ia64.deb
Size/MD5 checksum: 190824 94493ed780a6188f973d4bff2b54b1dd
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch1_ia64.deb
Size/MD5 checksum: 520604 a139c1db4f8e08468e3138b3c17412c1
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch1_ia64.deb
Size/MD5 checksum: 474144 354eec2bd1aa062fb9e1150068b88f77
PowerPC architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1_powerpc.deb
Size/MD5 checksum: 856836 db956d3268e97ee29c056b92bfe175c6
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch1_powerpc.deb
Size/MD5 checksum: 181406 31d55adca529fcd1f843d35c4fe5733e
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch1_powerpc.deb
Size/MD5 checksum: 636432 c15e564ca0bba6f47553a15c52f70224
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch1_powerpc.deb
Size/MD5 checksum: 9301660 e57ce0bdd33f992cf842c47146160272
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch1_powerpc.deb
Size/MD5 checksum: 175544 806666c67449d7539310ce20e986892c
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch1_powerpc.deb
Size/MD5 checksum: 405180 b1a347e43bf7d8e0f5f89012d59b5bb6
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch1_powerpc.deb
Size/MD5 checksum: 377662 fa0be5ca2222ba19f85549416daf0333
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch1_s390.deb
Size/MD5 checksum: 854784 38773a96cc7e238cfbff8e301af67e7f
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch1_s390.deb
Size/MD5 checksum: 175982 314d4bb67d61d26c374a80d2fb7d177e
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch1_s390.deb
Size/MD5 checksum: 627524 9b9f81c79c2fca92d060163a6cba5d3d
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch1_s390.deb
Size/MD5 checksum: 9300600 19ab58095839cac85be2f22f326859a3
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch1_s390.deb
Size/MD5 checksum: 176114 3375fd42709def635bf4929fe404a6f2
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch1_s390.deb
Size/MD5 checksum: 401188 28cde64e90a013bdf66a28f1b7d9058b
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch1_s390.deb
Size/MD5 checksum: 390658 40ead43ae79832d790c0e8fd290f0b8e
これらのファイルは次の版の安定版リリース時そちらに移されます。
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
------>8------------>8------------>8------------>8------------>8-
--
Seiji Kaneko skaneko@xxxxxxxxxxxx
---------------------------------------------------------