Red Hat Bugzilla – Bug 253780
clamav-0.91.2 is available
Last modified: 2007-11-30 17:12:13 EST
clamav-0.91.2 is already available. Repo version is 0.91.1.
Please update the package.
If you have any questions or suggestions related to Fever,
feel free to write them in this bug or have a look at
Don't send any messages to fevapp at o2.pl please.
New upstream version fixes multiple DoS vulnerabilities (hence severity: high),
as described e.g. here:
No CVE name was assigned to those issue yet.
Found CVE name: CVE-2007-4510
ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and
other products, allows remote attackers to cause a denial of service
(application crash) via (1) a crafted RTF file, which triggers a NULL
dereference in the cli_scanrtf function in libclamav/rtf.c; or (2) a
crafted HTML document with a data: URI, which triggers a NULL
dereference in the cli_html_normalise function in
libclamav/htmlnorm.c. NOTE: some of these details are obtained from
third party information.
Could you push this package (if it is ready) to F7 updates:
clamav-0.91.2-2.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
Found CVE name: CVE-2007-4560
Description (c/p from http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4560):
clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows
remote attackers to execute arbitrary commands via shell metacharacters that are
used in a certain popen call, involving the "recipient field of sendmail."