You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa clamav

Sigurnosni nedostatak programskog paketa clamav

==========================================================================
Ubuntu Security Notice USN-4230-2
January 23, 2020

clamav vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 ESM
– Ubuntu 12.04 ESM

Summary:

ClamAV could be made to crash if it opened a specially crafted file.

Software Description:
– clamav: Anti-virus utility for Unix

Details:

USN-4230-1 fixed a vulnerability in ClamAV. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that ClamAV incorrectly handled certain MIME messages. A
remote attacker could possibly use this issue to cause ClamAV to crash,
resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
clamav 0.102.1+dfsg-0ubuntu0.14.04.1+esm1

Ubuntu 12.04 ESM:
clamav 0.102.1+dfsg-0ubuntu0.12.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/4230-2
https://usn.ubuntu.com/4230-1
CVE-2019-15961
—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl4p7iMACgkQRbznW4QL
H2mZkA/9Eli3ptuya54wKw9P8mzoKH89yHWnvKMK6KNTw0Zt/yV0OqXaB79cOmEe
0RRnevFCvY0Yt1WdwrWQRLZJeFMCqfFaqy4/RJ3ItuR1OGQ4mhDfKH6VgM4j0BWY
PK0EKmhPFmyHdTJltQejIW3GbT01EfRJlXrLY27c2ax12ym4Ossa6hzphsOLfixz
THqi++veGnFiZIOeNGfp1Dr9Wb9vCZA2U1zeQPPNCAgVpD2GGQWrWlfO0tYhxMmd
0oAgRoZAlk6HzTu9WXpCboPTuEy/wq2pIvTno5k/XlxFQuYp6cFo+Ysxhl8h01so
wU01JgkM5ds+zQcUJzVgAWSjiVaEnyLuOFHyL7HSSjqqEBkkGuMoviAuBM1pHR1Z
chKBR9fIqZs8sCXH2HMjm0GO5MWuDfUj1SFeJMRNE8Dgrc6RfdZizzvgVIEzlfZe
z/IRAO8j+uGDXgEEnjYKdGaxhi4c8xrAHj7aDoO0FU/+LxcfqjpiX0gOgeTG4y6D
DXHxkCPIzF8G/bacu0jLBAWwnQ5KEiiywqI7pR0l7Y5eXDvajYSybvecSY8gYRho
YXc93dslkxXbd0qFus8u8o8nBk+lRXqZKSd4VMqJu6pOOd2zNIy0VoQMDby1dQXo
TKCfsxWrDa1l3iqDMTlq9sJ0X5CnIT2IToQYDwC5IyEYgAgKz2M=
=iF0R
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa Ansible

Otkriveni su sigurnosni nedostaci u programskom paketu Ansible za operacijski sustav RHEL. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close