-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2012-06-18 10:28:54 UTC
-
mfrom:
(81.1.6 lucid-security)
-
Revision ID:
package-import@ubuntu.com-20120618102854-8r0dvu7g0638urws
Tags: 0.96.5+dfsg-1ubuntu1.10.04.4
* SECURITY UPDATE: fix detection bypass via malformed tar entry with
length that exceeds tar size
- libclamav/untar.c: scan output at end of truncated tar
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=8e199ae3cfb2b862b8bc36d9a01c8f8d716169ab
- CVE-2012-1457
* SECURITY UPDATE: fix detection bypass via crafted reset interval in
CHM file
- libclamav/mspack.c: properly scan chm with invalid handling.
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=a58b68f8adf2466b761ce05f74a4580c1f74fbe6
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=9d6be7c56091f012e90074122db4ec12d3516011
- CVE-2012-1458
* SECURITY UPDATE: fix detection bypass via tar archive with invalid
length field
- libclamav/untar.c: improve logic, look at checksums
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=c3c807d78b09b3f64630601002fdc7db257d89da
- http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=9d6be7c56091f012e90074122db4ec12d3516011
- CVE-2012-1459