rpms/clamav/FC-5 clamav-0.88.7-CVE-2007-0899.patch, NONE, 1.1 clamav-0.88.7-CVE-2007-0898.patch, NONE, 1.1 clamav-0.88.7-CVE-2007-0897.patch, NONE, 1.1 clamav.spec, 1.40, 1.41
Enrico Scholz (ensc)
fedora-extras-commits at redhat.com
Tue Feb 20 07:48:40 UTC 2007
- Previous message: rpms/clamav/FC-6 clamav-0.88.7-CVE-2007-0899.patch, NONE, 1.1 clamav-0.88.7-CVE-2007-0898.patch, NONE, 1.1 clamav-0.88.7-CVE-2007-0897.patch, NONE, 1.1 clamav.spec, 1.45, 1.46
- Next message: rpms/hunspell-fr import.log,1.1,1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: ensc
Update of /cvs/extras/rpms/clamav/FC-5
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19769/FC-5
Modified Files:
clamav.spec
Added Files:
clamav-0.88.7-CVE-2007-0899.patch
clamav-0.88.7-CVE-2007-0898.patch
clamav-0.88.7-CVE-2007-0897.patch
Log Message:
[SECURITY]: imported Debian patches to fix CVE-2007-0897 (CAB file DOS),
CVE-2007-0898 (Directory traversal vulnerability) and CVE-2007-0899
(Heap overflow). Fix CVE-for 2007-0897 is not perfect (disables CAB file
parsing completely) but the best I can do atm
clamav-0.88.7-CVE-2007-0899.patch:
--- NEW FILE clamav-0.88.7-CVE-2007-0899.patch ---
--- clamav-0.88.7.orig/libclamav/fsg.c
+++ clamav-0.88.7/libclamav/fsg.c
@@ -72,7 +72,8 @@
char *csrc = source, *cdst = dest;
int oob, lostbit = 1;
- /* I assume buffers size is >0 - No checking! */
+ if (ssize<=0 || dsize<=0) return -1;
+
*cdst++=*csrc++;
while ( 1 ) {
clamav-0.88.7-CVE-2007-0898.patch:
--- NEW FILE clamav-0.88.7-CVE-2007-0898.patch ---
--- clamav-0.88.7.orig/libclamav/mbox.c
+++ clamav-0.88.7/libclamav/mbox.c
@@ -3605,6 +3605,8 @@
char outname[NAME_MAX + 1];
time_t now;
+ sanitiseName(id);
+
snprintf(outname, sizeof(outname) - 1, "%s/%s", dir, id);
cli_dbgmsg("outname: %s\n", outname);
clamav-0.88.7-CVE-2007-0897.patch:
--- NEW FILE clamav-0.88.7-CVE-2007-0897.patch ---
--- clamav-0.88.7.orig/libclamav/filetypes.c
+++ clamav-0.88.7/libclamav/filetypes.c
@@ -59,7 +59,7 @@
{0, "\037\213", 2, "GZip", CL_TYPE_GZ},
{0, "BZh", 3, "BZip", CL_TYPE_BZ},
{0, "SZDD", 4, "compress.exe'd", CL_TYPE_MSSZDD},
- {0, "MSCF", 4, "MS CAB", CL_TYPE_MSCAB},
+ /* {0, "MSCF", 4, "MS CAB", CL_TYPE_MSCAB}, */
{0, "ITSF", 4, "MS CHM", CL_TYPE_MSCHM},
{0, "#@~^", 4, "SCRENC", CL_TYPE_SCRENC},
{0, "(This file must be converted with BinHex 4.0)",
Index: clamav.spec
===================================================================
RCS file: /cvs/extras/rpms/clamav/FC-5/clamav.spec,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -r1.40 -r1.41
--- clamav.spec 12 Dec 2006 08:17:53 -0000 1.40
+++ clamav.spec 20 Feb 2007 07:48:08 -0000 1.41
@@ -22,7 +22,7 @@
Summary: End-user tools for the Clam Antivirus scanner
Name: clamav
Version: 0.88.7
-Release: %release_func 1
+Release: %release_func 2
License: GPL
Group: Applications/File
@@ -42,6 +42,9 @@
Patch21: clamav-0.70-path.patch
Patch22: clamav-0.80-initoff.patch
Patch23: clamav-0.88.4-visibility.patch
+Patch50: clamav-0.88.7-CVE-2007-0897.patch
+Patch51: clamav-0.88.7-CVE-2007-0898.patch
+Patch52: clamav-0.88.7-CVE-2007-0899.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
Requires: clamav-lib = %{version}-%{release}
Requires: data(clamav)
@@ -165,6 +168,10 @@
%prep
%setup -q
+%patch50 -p1 -b .cve-2007-0897
+%patch51 -p1 -b .cve-2007-0898
+%patch52 -p1 -b .cve-2007-0899
+
%patch0 -p1 -b '.guys,please-read-the-compiler-warnings-before-doing-a-release.patch'
%patch1 -p1 -b .strncpy
@@ -434,6 +441,13 @@
%endif # _without_milter
%changelog
+* Tue Feb 20 2007 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.88.7-2
+- [SECURITY]: imported Debian patches to fix CVE-2007-0897 (CAB
+ file DOS), CVE-2007-0898 (Directory traversal vulnerability) and
+ CVE-2007-0899 (Heap overflow). Fix CVE-for 2007-0897 is not
+ perfect (disables CAB file parsing completely) but the best I
+ can do atm
+
* Tue Dec 12 2006 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.88.7-1
- updated to 0.88.7
- Previous message: rpms/clamav/FC-6 clamav-0.88.7-CVE-2007-0899.patch, NONE, 1.1 clamav-0.88.7-CVE-2007-0898.patch, NONE, 1.1 clamav-0.88.7-CVE-2007-0897.patch, NONE, 1.1 clamav.spec, 1.45, 1.46
- Next message: rpms/hunspell-fr import.log,1.1,1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list