[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[debian-users:51190] [Translate] [SECURITY] [DSA 1660-1] New clamav packages fix denial of service
かねこです。
URL 等は Debian-security-announce メーリングリストの元記事を確認
ください。
------>8------------>8------------>8------------>8------------>8-
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1660-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
October 26, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : clamav
Vulnerability : ヌルポインタ参照、リソース使い果たし
Problem type : ローカル (リモート)
Debian-specific: いいえ
CVE Id(s) : CVE-2008-3912, CVE-2008-3913, CVE-2008-3914
複数のサービス拒否攻撃に繋がる欠陥が、ClamAV アンチウィルスツールキット
に発見されました。
メモリ不足条件のチェックが不足しているため、ヌルポインタ参照が起きます
(CVE-2008-3912)。
エラー処理論理に誤りがあり、メモリリーク (CVE-2008-3913) やファイルディ
スクリプタリーク (CVE-2008-3914) に繋がります。
安定版 (stable) ディストリビューション (etch) では、これらの問題はバージ
ョン 0.90.1dfsg-4etch15 で修正されています。
テスト版 (testing) および不安定版 (unstable) ディストリビューション
(lenny および sid) では、これらの問題はバージョン 0.94.dfsg-1 で修正さ
れています。
直ぐに clamav パッケージをアップグレードすることを勧めます。
アップグレード手順
------------------
wget url
でファイルを取得できます。
dpkg -i file.deb
で参照されたファイルをインストールできます。
apt-get パッケージマネージャを用いている場合には、本メールのフッタ記載の
行を sources.list に加えて、
apt-get update
を実行して内部データベースを更新し、
apt-get upgrade
によって修正されたパッケージをインストールしてください。
本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。
Debian GNU/Linux 4.0 alias etch
- -------------------------------
ソースアーカイブ:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15.diff.gz
Size/MD5 checksum: 211673 f32684dc7b5c10438ed72ed8c522ced8
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg.orig.tar.gz
Size/MD5 checksum: 11610428 6dc18602b0aa653924d47316f9411e49
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15.dsc
Size/MD5 checksum: 900 5c1aca2a402b405e027e79c7d9fdde39
アーキテクチャに依存しないパッケージ:
http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.90.1dfsg-4etch15_all.deb
Size/MD5 checksum: 1005428 058124325863f5c4d6009547b81d3d10
http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.90.1dfsg-4etch15_all.deb
Size/MD5 checksum: 202184 24e50f137412d6432f489f0c0bccefa2
http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.90.1dfsg-4etch15_all.deb
Size/MD5 checksum: 158456 ee5378f52517374ecc6d45d0954a8da8
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-4etch15_alpha.deb
Size/MD5 checksum: 372930 f51ff2874a06cf834e586ffd629935a4
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-4etch15_alpha.deb
Size/MD5 checksum: 182734 5c0db34ae38a22c21513210c00c3c69b
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-4etch15_alpha.deb
Size/MD5 checksum: 465258 e5745dfa0c5a1b59e19fcce6743b8ea6
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-4etch15_alpha.deb
Size/MD5 checksum: 9305242 c8970fe72c484513f6b405b5bbc2107f
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15_alpha.deb
Size/MD5 checksum: 862312 196a2f722ea12a073ab81ca361a4c8a4
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-4etch15_alpha.deb
Size/MD5 checksum: 597822 f183a3e677f0eda5196f32e164c74bcd
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-4etch15_alpha.deb
Size/MD5 checksum: 180882 91a8a71ea5822c9bb74907d1c273c6a8
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-4etch15_amd64.deb
Size/MD5 checksum: 341716 cf6f3fa99270adead786b673311f8d61
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-4etch15_amd64.deb
Size/MD5 checksum: 9301976 2876b674f6cea7d15c5157e2de2328ee
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-4etch15_amd64.deb
Size/MD5 checksum: 355170 de088b17a337d686b4621770fe4f9857
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15_amd64.deb
Size/MD5 checksum: 856710 666d145be4f30dff32fa4ea4a7baf3cf
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-4etch15_amd64.deb
Size/MD5 checksum: 593892 f998497019eda5c09b4b9d72b28a20cd
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-4etch15_amd64.deb
Size/MD5 checksum: 177632 012e805063b0f0d0add72b3b7e31bc27
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-4etch15_amd64.deb
Size/MD5 checksum: 178214 9cb0fd2d134382ab68377ea080354c39
arm architecture (ARM)
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-4etch15_arm.deb
Size/MD5 checksum: 175958 61f2238a6151d710f61898a69a7f17dd
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-4etch15_arm.deb
Size/MD5 checksum: 554314 eeca09ab4e6114c1647f58e056bbbe88
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-4etch15_arm.deb
Size/MD5 checksum: 335754 a4455a0a045e44d7fe4e78e3138f9839
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-4etch15_arm.deb
Size/MD5 checksum: 336508 7381b097f4239890fd7ecf3604b18a7b
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15_arm.deb
Size/MD5 checksum: 853888 cc8eb16ceef93c5dc7a344c31b76a1c4
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-4etch15_arm.deb
Size/MD5 checksum: 9299654 079be0e85b9488a6c1a79e47fa473697
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-4etch15_arm.deb
Size/MD5 checksum: 171826 4caa4c8de5d905072458b20c47fe6cf7
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-4etch15_hppa.deb
Size/MD5 checksum: 178420 bb3bf378c5b4b2399066ef14d3a56f99
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-4etch15_hppa.deb
Size/MD5 checksum: 373022 03ab8e9d8f491cc2e36b6231df6a1598
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-4etch15_hppa.deb
Size/MD5 checksum: 572122 49ede4d4a1cfaf08d2335a0643445281
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-4etch15_hppa.deb
Size/MD5 checksum: 178162 def9c5ec2aa784f7dce6292be42f47d9
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15_hppa.deb
Size/MD5 checksum: 857652 5d02382877ea32a59807865743c97bfd
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-4etch15_hppa.deb
Size/MD5 checksum: 396408 ef2e43b492945bb1769a6f706788b658
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-4etch15_hppa.deb
Size/MD5 checksum: 9303936 f3f4d2f867bde284abf7db446705ed95
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-4etch15_i386.deb
Size/MD5 checksum: 9301270 0a5dc62b3aab325ab4ea20276a45442d
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15_i386.deb
Size/MD5 checksum: 856306 8d74ae00e735d95515aa9bb808c6671c
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-4etch15_i386.deb
Size/MD5 checksum: 340162 08312dde22cde79581b15286c44f4301
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-4etch15_i386.deb
Size/MD5 checksum: 172982 22de0edc3a1de0f0fbcb87edca082d50
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-4etch15_i386.deb
Size/MD5 checksum: 338336 d1ef1a5beae644f9f1296d6039bb69ef
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-4etch15_i386.deb
Size/MD5 checksum: 175660 db8eac754a12034b9f75eaf05386ca82
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-4etch15_i386.deb
Size/MD5 checksum: 560354 9c8893eb2188dadfaf3fd17a434f8b06
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-4etch15_ia64.deb
Size/MD5 checksum: 610916 7ad33fed4d558be67ede30630d6c72a7
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-4etch15_ia64.deb
Size/MD5 checksum: 427888 c209553ee479329f7c7363c1ebdc1a74
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-4etch15_ia64.deb
Size/MD5 checksum: 192618 befb38ab9b489751714f779dbea3d291
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15_ia64.deb
Size/MD5 checksum: 879096 61a9e8155e1f09336597fe3f4a37d3fe
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-4etch15_ia64.deb
Size/MD5 checksum: 465992 0c339ef0bb56f9b78396c5cef52d7f9b
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-4etch15_ia64.deb
Size/MD5 checksum: 202350 a7a2a4426c2009d5834d077992fc958c
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-4etch15_ia64.deb
Size/MD5 checksum: 9315990 f98473c93e67b4b211484830daf41832
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-4etch15_mips.deb
Size/MD5 checksum: 179764 7993bddf6d20c53d04dfa82db8c45f17
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-4etch15_mips.deb
Size/MD5 checksum: 343582 963becae67065832dc9544c1b81c6af9
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-4etch15_mips.deb
Size/MD5 checksum: 9301686 cc048163c4d480e18e26fc43a20557a5
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-4etch15_mips.deb
Size/MD5 checksum: 599950 0cdd81bdd2254f51bb0042b9aff03799
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-4etch15_mips.deb
Size/MD5 checksum: 398656 085b4754c33410f999a6c92a7fab83e5
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-4etch15_mips.deb
Size/MD5 checksum: 175634 aa1d7b2f22ed7e3e1d380e8e8b81affd
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15_mips.deb
Size/MD5 checksum: 855198 0a1ff9eb459bd43042abd61a5e417b7b
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-4etch15_powerpc.deb
Size/MD5 checksum: 591114 c8462b221e0ffa9e98768074c1a35e46
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-4etch15_powerpc.deb
Size/MD5 checksum: 372666 368d9b9438ad78195fab6682815d0658
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-4etch15_powerpc.deb
Size/MD5 checksum: 350662 e003d2a4c115aa56b5cb58703ea8abb8
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-4etch15_powerpc.deb
Size/MD5 checksum: 182422 50b96cab6541a0ea2809a60ec2977f6e
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-4etch15_powerpc.deb
Size/MD5 checksum: 177040 c44f2cdab20f3159c6e05decd53e5a42
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15_powerpc.deb
Size/MD5 checksum: 857930 14100228766332ab199d6d0e5e023a31
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-4etch15_powerpc.deb
Size/MD5 checksum: 9303010 8d9887c249921ffd2d077060b86c33cd
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-4etch15_s390.deb
Size/MD5 checksum: 176984 c73d0d25cb9c6fb1471dc75dc1eae93b
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-4etch15_s390.deb
Size/MD5 checksum: 370222 85073bbf0c93b0febd8653ea69d4bdd8
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-4etch15_s390.deb
Size/MD5 checksum: 581758 20aad1ce19fb1e89f14f14cb9cb15abc
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-4etch15_s390.deb
Size/MD5 checksum: 361652 5a0de663fbef083c9dcbd26bec3be8b1
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15_s390.deb
Size/MD5 checksum: 855896 ba7952cb99fcbe5f7d95e3ee94a8cc60
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-4etch15_s390.deb
Size/MD5 checksum: 177818 667e53e87004a1a3dec45f976223b5ff
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-4etch15_s390.deb
Size/MD5 checksum: 9301658 bc0b5281a733ed8dad0721921f3074d8
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-4etch15_sparc.deb
Size/MD5 checksum: 174724 e0ba1dd7dc376ed26e1ad691be01bc28
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-4etch15_sparc.deb
Size/MD5 checksum: 852022 571af9e5cca4709e67315bc8d4e27f8d
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-4etch15_sparc.deb
Size/MD5 checksum: 172782 e1f14cbb1310608ae919dbe2ba6dc2da
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-4etch15_sparc.deb
Size/MD5 checksum: 9299404 dc0687d0d19b33a47549213a92986141
http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-4etch15_sparc.deb
Size/MD5 checksum: 541198 a7f2f8746008045edf1b94acacc60db9
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-4etch15_sparc.deb
Size/MD5 checksum: 358074 71ddd770d23bd40dc8da26271556471a
http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-4etch15_sparc.deb
Size/MD5 checksum: 349468 24934fe9a2cd03571fcbdcac63aa11c9
これらのファイルは次の版の安定版リリース時そちらに移されます。
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
------>8------------>8------------>8------------>8------------>8-
--
Seiji Kaneko skaneko@xxxxxxxxxxxx
---------------------------------------------------------