You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa clamav

Sigurnosni nedostaci programskog paketa clamav

==========================================================================
Ubuntu Security Notice USN-3814-3
November 13, 2018

clamav vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in ClamAV.

Software Description:
– clamav: Anti-virus utility for Unix

Details:

USN-3814-2 fixed several vulnerabilities in clamav. This update
provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 It was discovered ClamAV incorrectly handled certain malformed CAB
 files. A remote attacker could use this issue to cause ClamAV to
 crash, resulting in a denial of service. (CVE-2018-18584,CVE-2018-
18585)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  clamav                          0.100.2+dfsg-1ubuntu0.12.04.2

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-3814-3
  https://usn.ubuntu.com/usn/usn-3814-1
  CVE-2018-18584, CVE-2018-18585—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJb6rp3AAoJEEW851uECx9pbSoP/3ctZucu4hXdXDsj6OBg2SMm
dul/t+qf4pTxext9eWvLewiTxmCUnp9+8Q97w3mK3cnp+9/MG3/KlwUpvkx+8fO3
nZzi8GJwOW8VOTvA6H6CB6aZAcgG8suua9RZpXmTP+ur5RLi/3w1mkJc4/cXxGuA
Y1850T5jKgd/X3vL/AHepL1s1V9r7Y0CHOqlIShMbRtXTrBX34V/RPOTYuF8+Gix
WQ3Kb9I43DVVAaLXU1jI0iJzGlpzYIcZnTCv+SLMNCcrQ6H7NshzUAdez0KgbHfF
jNuCxnEoRQdVz9M58Z9aRagULEKwlJYHTFrp9737eIhfAavjYLQYCnxIB28sg7yA
XQVlL4IaSa1bulaZHcdWWYMO5bqhyeKPXH9EUkET5cZfDaKzVrar5O8smI3SRL6N
TiK8v8YtAu8k69rT1P0Lh3/bpeY0jr2f/5C9IIAo+wniEp9q/TbWP5gkkpcVcbfd
Jrd0Uk8+sRqjDYhY8ehfyalKbXiyENh3Dh5B/ZSBNEiiKoSy+4ByQ3eSoX2Bu4SC
b5qTzjNX84eii1SVmAtBI+T9iWNDWG8Hwbxibi7txjA3/WJa17fXBnrSluaQo8rv
A3mkxBpnUM0gU5UlR7mX7mLcXJufMM0/H5KzokFoBf3SgFBGzM8f1jiDgwVgZbXE
rtU7vsEhR+QQqFwzXrvJ
=KhEM
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa Red Hat JBoss BRMS

Otkriven je sigurnosni nedostatak u programskom paketu Red Hat JBoss BRMS za operacijski sustav Red Hat. Otkriveni nedostatak potencijalnim napadačima...

Close