[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-users:49265] [Translate] [SECURITY] [DSA 1366-1] New clamav packages fix several vulnerabilities



かねこです。
URL 等は Debian-security-announce メーリングリストの元記事を確認
ください。

------>8------------>8------------>8------------>8------------>8-
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1366-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
September 1st, 2007                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : clamav
Vulnerability  : 複数
Problem-Type   : リモート
Debian-specific: いいえ
CVE ID         : CVE-2007-4510 CVE-2007-4560

Clam アンチウィルスツールキット(ClamAV) に、リモートから攻撃可能な複数
の問題が発見されました。The Common Vulnerabilities and Exposures project
は以下の問題を認識しています。

CVE-2007-4510

    RTF および RFC2397 パーザに、NULL ポインタ参照によるサービス拒否を引
    き起こすことができる欠陥が発見されました。

CVE-2007-4560

    clamav-milter が入力の十分なサニタイズを行っておらず、その結果任意の
    シェルコマンドの実行が可能であることが発見されました。

旧安定版 (sarge) ではこれらの問題の一部のみの影響があります。更新版は追っ
て提供の予定です。

安定版 (stable) ディストリビューション (etch) では、これらの問題はバージ
ョン 0.90.1-3etch7 で修正されています。

不安定版 (unstable) ディストリビューション (sid) では、これらの問題はバー
ジョン 0.91.2-1 で修正されています。

直ぐに clamav パッケージをアップグレードすることを勧めます。

アップグレード手順
------------------

wget url
        	でファイルを取得できます。
dpkg -i file.deb
                で参照されたファイルをインストールできます。

apt-get パッケージマネージャを用いている場合には、本メールのフッタ記載の
行を sources.list に加えて、

apt-get update
        を実行して内部データベースを更新し、
apt-get upgrade
        によって修正されたパッケージをインストールしてください。

本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。



Debian GNU/Linux 4.0 alias etch
- -------------------------------

  ソースアーカイブ:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch7.dsc
      Size/MD5 checksum:      886 76508137da0c93a144d130323f7eca87
    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch7.diff.gz
      Size/MD5 checksum:   203232 127d4844eb36f41a52c67d461d554c09
    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1.orig.tar.gz
      Size/MD5 checksum: 11643310 cd11c05b5476262eaea4fa3bd7dc25bf

  アーキテクチャに依存しない内容:


http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.90.1-3etch7_all.deb
      Size/MD5 checksum:   201648 4f87137fc2d9dc12ae774ed149c11080

http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.90.1-3etch7_all.deb
      Size/MD5 checksum:  1003456 a2aacc240716f6da56c9cda24e288af1

http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.90.1-3etch7_all.deb
      Size/MD5 checksum:   157834 820e470f5c428c599fc174e0fcadc7ee

  Alpha architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch7_alpha.deb
      Size/MD5 checksum:   863492 e4bb31adae25ba8270c3a7693a5ac203

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch7_alpha.deb
      Size/MD5 checksum:   184710 65a6b05e5f59a1373b27524267f81f61

http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch7_alpha.deb
      Size/MD5 checksum:   644772 fc182ead4b1858dd9e295a1e774f13c7

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch7_alpha.deb
      Size/MD5 checksum:  9303850 fccfb44066fd7028855dd92ac61918ca

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch7_alpha.deb
      Size/MD5 checksum:   180304 d34adfc21674bfd5f804f4c721aff9d5

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch7_alpha.deb
      Size/MD5 checksum:   511144 223b48dbd9cb9a4003a67dbba4bf265e

http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch7_alpha.deb
      Size/MD5 checksum:   406406 6bca766fb1a86d0a58793f7f9603dd85

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch7_amd64.deb
      Size/MD5 checksum:   856522 cae033c2c4d2245ed0c3742982f9bb67

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch7_amd64.deb
      Size/MD5 checksum:   178452 cf29bd7447cfc3163974b60cc29955a1

http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch7_amd64.deb
      Size/MD5 checksum:   638384 11df3244f048ed156ef97d99ddf13ee2

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch7_amd64.deb
      Size/MD5 checksum:  9301956 ee98e922039c3ae2e58e00fa46f3682f

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch7_amd64.deb
      Size/MD5 checksum:   177470 a2fc25aecce75dfd7b506bfd852110cd

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch7_amd64.deb
      Size/MD5 checksum:   386568 6a1f79b33c45bbf7f63361c5bc3e5301

http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch7_amd64.deb
      Size/MD5 checksum:   367274 a313b9e7a274000923f2a4c508ce630d

  ARM architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch7_arm.deb
      Size/MD5 checksum:   852934 030a5f8950c9917033dd4a73e500d177

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch7_arm.deb
      Size/MD5 checksum:   171200 c37973b52dbee496410dc338826c89c3

http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch7_arm.deb
      Size/MD5 checksum:   598014 2e698cb351c2a6821e4cc4a4c4f39d48

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch7_arm.deb
      Size/MD5 checksum:  9299226 06ca0c49348eb0deeddac6e1b4d87378

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch7_arm.deb
      Size/MD5 checksum:   175344 b38253709f390f65a27363f0d41e14c7

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch7_arm.deb
      Size/MD5 checksum:   366618 f555885ad50c5a205bfe52bc5c05bf32

http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch7_arm.deb
      Size/MD5 checksum:   363474 47905b28d3fa482eb2ba05c08de1f395

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch7_hppa.deb
      Size/MD5 checksum:   857242 7d921dd3dc4d8dc97c8289e6ed2dc56c

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch7_hppa.deb
      Size/MD5 checksum:   178162 f0e8edeadf8a35002982a166b84f5bd8

http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch7_hppa.deb
      Size/MD5 checksum:   618354 dd56899c90c0826a029ad632fe3d784e

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch7_hppa.deb
      Size/MD5 checksum:  9303278 352b5455ef66f4faebf1622bba6d6abb

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch7_hppa.deb
      Size/MD5 checksum:   177404 1d571b923902dfeadab4c4d79485ca24

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch7_hppa.deb
      Size/MD5 checksum:   432894 5700bd90730816ae355bb969a3a0d726

http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch7_hppa.deb
      Size/MD5 checksum:   405100 8e2345c87a460779a4588a51b5d3d4fa

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch7_i386.deb
      Size/MD5 checksum:   853954 9cb2105c0b125d06b6cd55c3afc034df

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch7_i386.deb
      Size/MD5 checksum:   174810 26e058c602e245cdd93b617a6433f3eb

http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch7_i386.deb
      Size/MD5 checksum:   604246 9229e00e4fd2f479c4991579527dda05

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch7_i386.deb
      Size/MD5 checksum:  9300180 2ea193af166b258bafc507ee39fe5ed5

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch7_i386.deb
      Size/MD5 checksum:   175306 a9249b84ddf8381fddaefdad2d838a7e

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch7_i386.deb
      Size/MD5 checksum:   367860 d88bcc54abe004b0cac9dace8b1a97cb

http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch7_i386.deb
      Size/MD5 checksum:   365930 25dfe3b0f5db7fd318f508f981447c5b

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch7_ia64.deb
      Size/MD5 checksum:   878502 6819ecbe6de1e78d7a794bd57be5242c

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch7_ia64.deb
      Size/MD5 checksum:   201696 b6aad73bb42bc06ebe2c7e7cf6638e8e

http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch7_ia64.deb
      Size/MD5 checksum:   657016 a8700ddde5a27b6e5543c26b94ebaccb

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch7_ia64.deb
      Size/MD5 checksum:  9315332 5e70f38d3e2c545c2a3a0e886a9d31bf

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch7_ia64.deb
      Size/MD5 checksum:   191962 096679339d39f00c721efb8b443a4eaa

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch7_ia64.deb
      Size/MD5 checksum:   521666 d782256097bd91daac7c281bc5b9c04a

http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch7_ia64.deb
      Size/MD5 checksum:   475118 9672c4a0370689ab46e98bbe4b5abdae

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch7_mips.deb
      Size/MD5 checksum:   854704 4c88a5d9a1dba0a9b1bff65a873b3088

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch7_mips.deb
      Size/MD5 checksum:   179932 6eddaad912a230c6b5e8d7b66503a99d

http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch7_mips.deb
      Size/MD5 checksum:   647356 783a1e4fed71df9f0556616b54cb3a93

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch7_mips.deb
      Size/MD5 checksum:  9301594 fc06728c15469aace7857a24f5fc53ee

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch7_mips.deb
      Size/MD5 checksum:   175694 1389bf57964bee7e61a49fe148dfd06c

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch7_mips.deb
      Size/MD5 checksum:   435530 6ff83829f607222759f9bc74add7b77e

http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch7_mips.deb
      Size/MD5 checksum:   372356 569d451c407c05823032836b2b44d89c

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch7_mipsel.deb
      Size/MD5 checksum:   854664 4d78fb80f34622cfabd610d707b74ed3

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch7_mipsel.deb
      Size/MD5 checksum:   180046 e2a0871e9171da32be01adf62ad1d128

http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch7_mipsel.deb
      Size/MD5 checksum:   636224 2476d9168a9dc29ec7c466f87a234dbc

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch7_mipsel.deb
      Size/MD5 checksum:  9301726 91fbb41f97a05431b3a192b7fb1be1ab

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch7_mipsel.deb
      Size/MD5 checksum:   175936 bca774cbae1f58760b3e865189615238

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch7_mipsel.deb
      Size/MD5 checksum:   426980 282f62187b9cd468416f8fd614d4067c

http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch7_mipsel.deb
      Size/MD5 checksum:   365596 6a7c6a9c3f466ec1af406bc5c58d8322

  PowerPC architecture:


http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch7_powerpc.deb
      Size/MD5 checksum:   857324 71e8777c0bd9373b31bafc1aa00c8be0

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch7_powerpc.deb
      Size/MD5 checksum:   181870 76e72290201ed98010991f3639c6a87e

http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch7_powerpc.deb
      Size/MD5 checksum:   637432 d3d0cf8a8288a340ade551737721ddcf

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch7_powerpc.deb
      Size/MD5 checksum:  9302318 7574fcc75525c788c93ff3b28b214458

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch7_powerpc.deb
      Size/MD5 checksum:   176394 9f861a15da4a7d3d460948dce1e97037

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch7_powerpc.deb
      Size/MD5 checksum:   405822 f84a324e6d6101046dce37495a5fc1db

http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch7_powerpc.deb
      Size/MD5 checksum:   378474 ec5ab7ea0b45d507ad5ffd0bdd91921b

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch7_s390.deb
      Size/MD5 checksum:   855284 451dd987867f18df691343826ae2f11f

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch7_s390.deb
      Size/MD5 checksum:   176424 46cc5eddcc876479e988b9e10e879f8c

http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch7_s390.deb
      Size/MD5 checksum:   628526 2c75c9e4150a0b8eb0c6446e5d112735

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch7_s390.deb
      Size/MD5 checksum:  9300942 04eb856a3a44098ea1e483921e272c46

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch7_s390.deb
      Size/MD5 checksum:   177166 52c5cba6197a33b62c912bfddde59782

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch7_s390.deb
      Size/MD5 checksum:   401818 b8f39319d247f3aa8077c5cfd308185c

http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch7_s390.deb
      Size/MD5 checksum:   391486 24119acc8394847bbde1a957449b0f15

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch7_sparc.deb
      Size/MD5 checksum:   851414 6da36840b5725d962426971f01e2419c

http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch7_sparc.deb
      Size/MD5 checksum:   172124 0ad57992d8e2538850137a3b9580dfc0

http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch7_sparc.deb
      Size/MD5 checksum:   584052 69fd3f5d67b2a54b1735414184f6a92c

http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch7_sparc.deb
      Size/MD5 checksum:  9298816 2c3e7b1aa338c7fb3d04ce3807ec28bd

http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch7_sparc.deb
      Size/MD5 checksum:   174044 16c23d0e5057d3d852e21ad226601ec2

http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch7_sparc.deb
      Size/MD5 checksum:   389466 45e786e946ddde5fc22c9532a7169f5e

http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch7_sparc.deb
      Size/MD5 checksum:   377484 58b6b3b0d422300d241f406f9985cfa9

  これらのファイルは次の版の安定版リリース時そちらに移されます。


- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
------>8------------>8------------>8------------>8------------>8-
-- 
Seiji Kaneko                         skaneko@xxxxxxxxxxxx
---------------------------------------------------------