Red Hat Bugzilla – Bug 495039
clamav: security fixes in upstream 0.95.1 (CVE-2009-1371, CVE-2009-1372)
Last modified: 2010-09-29 15:19:37 EDT
Upstream clamav version 0.95.1 seems to fix two bugs that may cause clamscan / clamd to crash when scanning certain inputs:
Crash when scanning a malformed file packed with UPack
cli_url_canon buffer overflow (this only seems to affect 0.95.x)
Both fixed upstream in:
svn diff -c 5032 http://svn.clamav.net/svn/clamav-devel/
Package: clamav-0.95.1-1.fc11 Tag: dist-f11 Status: complete Built by: robert
1963 (clamav): Build on target fedora-5-epel succeeded.
1965 (clamav): Build on target fedora-4-epel succeeded.
The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before
0.95.1 allows remote attackers to cause a denial of service
(application crash) via a malformed file with UPack encoding.
Stack-based buffer overflow in the cli_url_canon function in
libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers
to cause a denial of service (application crash) and possibly execute
arbitrary code via a crafted URL.
*** Bug 522157 has been marked as a duplicate of this bug. ***