You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa clamav

Sigurnosni nedostatak programskog paketa clamav

by - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3789-1
October 11, 2018

clamav vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

ClamAV could be made to crash if it opened a specially crafted file.

Software Description:
– clamav: Anti-virus utility for Unix

Details:

It was discovered that ClamAV incorrectly handled unpacking MEW
executables. A remote attacker could possibly use this issue to cause
ClamAV to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
clamav 0.100.2+dfsg-1ubuntu0.18.04.1

Ubuntu 16.04 LTS:
clamav 0.100.2+dfsg-1ubuntu0.16.04.1

Ubuntu 14.04 LTS:
clamav 0.100.2+dfsg-1ubuntu0.14.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/usn/usn-3789-1
CVE-2018-15378

Package Information:
https://launchpad.net/ubuntu/+source/clamav/0.100.2+dfsg-1ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/clamav/0.100.2+dfsg-1ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/clamav/0.100.2+dfsg-1ubuntu0.14.04.1

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlu/lTUACgkQZWnYVadE
vpMpXhAAtA6kEUl+Q6DPGkDeLIzPrldnWfM3v6YloTfBHmbo98j+yX4U3NtuBFG3
4PhHB8u6i9ArBksyb3Sx13JWQCzkpiFNZJYSek4kkEhwT6eWzG+XxlZEFBVTkUOP
Hvt/YhWtZL17gmt1/txXoTWusVEYQNOHxMQAfPRV50iAej3i8Vf57YNjptR6RCVV
fexYu0GOB5hrphaj0fbD2E07ScnWMB9AF05oLT2p8GK4EVuTATS0Wbpad1ltqF2A
yE5m4kJuU2QLlAus7PkhglfFqV4RtC4FEIWHDqr561SK1gW6Th8+qjDNflQVfGQY
qUN/ccZI0458ntwbINZXfF4hXdO6yewSRprK3h6P4i2ecwa04ICMy4qIICIpBJIr
CMWuJJ4VarSUoTaB1pOw8tlxiufqm2TNNuzLvVpKnJwieLgP3Qr9FZCLQWWnBQ11
KkBTf1+0gVY3VQgvVGkQ1ntdxiE2QOlbThiOgBSEr9GxQUiFqRQ1yfmjs0TbL+5R
syZ428lX4NPcw3j2zjbnyYpgrMa6Fum3uCqqmdxzQ6eF0rRVLyCsCvIUxc43w666
sJaYtI3lN/ZNCEqGpkMf5j4OAJnfyeZ0SjFY6NysdZxnfDoxqVJqLRYsvUAjTbKa
PKOfHG5mE1P3lITP6Alduu7ut4QyiEka38nc0ySwIheErBjzgPs=
=Ggcn
—–END PGP SIGNATURE—–

AutorTomislav Protega
Cert idNCERT-REF-2018-10-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa git

Otkriven je sigurnosni nedostatak u programskom paketu git za Fedoru. Otkriveni nedostatak potencijalnim napadačima omogućuje izvršavanje proizvoljnog programskog koda pomoću...

Close