=========================================================== Ubuntu Security Notice USN-770-1 May 04, 2009 clamav vulnerability https://launchpad.net/bugs/365823 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.04: clamav-milter 0.95.1+dfsg-1ubuntu1.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: A flaw was discovered in the clamav-milter initscript which caused the ownership of the current working directory to be changed to the 'clamav' user. This update attempts to repair the incorrect ownership for standard system directories, but it is recommended that the following command be performed to report any other directories that may be affected: $ sudo find -H / -type d -user clamav \! -group clamav 2>/dev/null Systems configured to run clamav as a user other than the default 'clamav' user will need to adjust the above command accordingly. Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.95.1+dfsg-1ubuntu1.2.diff.gz Size/MD5: 240956 16d828dea428d031cc59d41b24b592d1 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.95.1+dfsg-1ubuntu1.2.dsc Size/MD5: 1540 575dace049ba5216b8ccbd3333b6c2c3 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.95.1+dfsg.orig.tar.gz Size/MD5: 24233062 1e9618ac1b9b58e5c1c1b665adf26749 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-base_0.95.1+dfsg-1ubuntu1.2_all.deb Size/MD5: 21399900 52b7926a51ada72067819f1c646db8b3 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-docs_0.95.1+dfsg-1ubuntu1.2_all.deb Size/MD5: 1110124 f7759ab6a73007be3605276cb0e7f28d http://security.ubuntu.com/ubuntu/pool/universe/c/clamav/clamav-testfiles_0.95.1+dfsg-1ubuntu1.2_all.deb Size/MD5: 225956 d4cc917a76574e27fe7b51643628bb4d amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-daemon_0.95.1+dfsg-1ubuntu1.2_amd64.deb Size/MD5: 393938 b905639abb64cbb62f6b088abf5a0231 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-dbg_0.95.1+dfsg-1ubuntu1.2_amd64.deb Size/MD5: 1184152 675a9cea68762ac8e0dca483292e15cf http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-freshclam_0.95.1+dfsg-1ubuntu1.2_amd64.deb Size/MD5: 281792 d0cbd33bd85b022ee85bbdac7511213f http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.95.1+dfsg-1ubuntu1.2_amd64.deb Size/MD5: 273934 86fa7c88dd44a77cf563b401d22a1139 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav-dev_0.95.1+dfsg-1ubuntu1.2_amd64.deb Size/MD5: 605768 951853d338127eb686432233bfb5a341 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav6_0.95.1+dfsg-1ubuntu1.2_amd64.deb Size/MD5: 569884 20ce2a8275351db1eee604558d79d4f7 http://security.ubuntu.com/ubuntu/pool/universe/c/clamav/clamav-milter_0.95.1+dfsg-1ubuntu1.2_amd64.deb Size/MD5: 266000 33d736985619ca166f8f917fb7271d87 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-daemon_0.95.1+dfsg-1ubuntu1.2_i386.deb Size/MD5: 382140 4440322bc961f0a410ebc92bb95f17aa http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-dbg_0.95.1+dfsg-1ubuntu1.2_i386.deb Size/MD5: 1095416 9e2b92403f60728922113a3a27982533 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav-freshclam_0.95.1+dfsg-1ubuntu1.2_i386.deb Size/MD5: 279266 5f2fe7d3e0d045fe4f68e356fd977a04 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/clamav_0.95.1+dfsg-1ubuntu1.2_i386.deb Size/MD5: 268354 db1afab9a4b57a37bdcc3ccf471c5cc2 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav-dev_0.95.1+dfsg-1ubuntu1.2_i386.deb Size/MD5: 574290 c33b885b054cd55655292c55bed96295 http://security.ubuntu.com/ubuntu/pool/main/c/clamav/libclamav6_0.95.1+dfsg-1ubuntu1.2_i386.deb Size/MD5: 557328 643fd52c2f12ac522a87121e93978e79 http://security.ubuntu.com/ubuntu/pool/universe/c/clamav/clamav-milter_0.95.1+dfsg-1ubuntu1.2_i386.deb Size/MD5: 263040 0ab591f0b668adb5587edd485e987c13 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/c/clamav/clamav-daemon_0.95.1+dfsg-1ubuntu1.2_lpia.deb Size/MD5: 382392 0ea691eea8bd953bc273da4c9b9debc4 http://ports.ubuntu.com/pool/main/c/clamav/clamav-dbg_0.95.1+dfsg-1ubuntu1.2_lpia.deb Size/MD5: 1116512 52c01ee04b0107669c566b44cfac727e http://ports.ubuntu.com/pool/main/c/clamav/clamav-freshclam_0.95.1+dfsg-1ubuntu1.2_lpia.deb Size/MD5: 279020 aa4872b8c2d9f299d532888d3675ea51 http://ports.ubuntu.com/pool/main/c/clamav/clamav_0.95.1+dfsg-1ubuntu1.2_lpia.deb Size/MD5: 268124 3a3175eb60cea6248bdd6767e5833de2 http://ports.ubuntu.com/pool/main/c/clamav/libclamav-dev_0.95.1+dfsg-1ubuntu1.2_lpia.deb Size/MD5: 575506 96c1ca9f26aba0862f42b189fcae7354 http://ports.ubuntu.com/pool/main/c/clamav/libclamav6_0.95.1+dfsg-1ubuntu1.2_lpia.deb Size/MD5: 559374 04a449e526bbb7d8be9b95c365b3b7f6 http://ports.ubuntu.com/pool/universe/c/clamav/clamav-milter_0.95.1+dfsg-1ubuntu1.2_lpia.deb Size/MD5: 263008 ef2bcc6eb89e665ab5fba4cf10d2d2d8 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/c/clamav/clamav-daemon_0.95.1+dfsg-1ubuntu1.2_powerpc.deb Size/MD5: 400204 94578b9dca844d1434025a51c0109c83 http://ports.ubuntu.com/pool/main/c/clamav/clamav-dbg_0.95.1+dfsg-1ubuntu1.2_powerpc.deb Size/MD5: 1158670 5a7be46133af1bc18e47adfca1cf6587 http://ports.ubuntu.com/pool/main/c/clamav/clamav-freshclam_0.95.1+dfsg-1ubuntu1.2_powerpc.deb Size/MD5: 283848 2ab5a37504e844051c48c6419e55f336 http://ports.ubuntu.com/pool/main/c/clamav/clamav_0.95.1+dfsg-1ubuntu1.2_powerpc.deb Size/MD5: 276786 1003a47361604f8d3b54771e9bb0fa34 http://ports.ubuntu.com/pool/main/c/clamav/libclamav-dev_0.95.1+dfsg-1ubuntu1.2_powerpc.deb Size/MD5: 645340 365e906bfacae713aa391e827933e9ad http://ports.ubuntu.com/pool/main/c/clamav/libclamav6_0.95.1+dfsg-1ubuntu1.2_powerpc.deb Size/MD5: 587074 d83bab7ca42ef3a0b37e704aa624558c http://ports.ubuntu.com/pool/universe/c/clamav/clamav-milter_0.95.1+dfsg-1ubuntu1.2_powerpc.deb Size/MD5: 269430 29c2c9c54774130407c28ed4422da83b sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/c/clamav/clamav-daemon_0.95.1+dfsg-1ubuntu1.2_sparc.deb Size/MD5: 383556 1cea55a1fce839b2ca1e5b03ca632c32 http://ports.ubuntu.com/pool/main/c/clamav/clamav-dbg_0.95.1+dfsg-1ubuntu1.2_sparc.deb Size/MD5: 1064340 a6c0dc3a0e3d40a4f89dff2290a6769a http://ports.ubuntu.com/pool/main/c/clamav/clamav-freshclam_0.95.1+dfsg-1ubuntu1.2_sparc.deb Size/MD5: 277894 fc8f08a7d044cc9246a8233d1a9cfd2a http://ports.ubuntu.com/pool/main/c/clamav/clamav_0.95.1+dfsg-1ubuntu1.2_sparc.deb Size/MD5: 268476 c4a9a06151ad123de3cb484f06fc8870 http://ports.ubuntu.com/pool/main/c/clamav/libclamav-dev_0.95.1+dfsg-1ubuntu1.2_sparc.deb Size/MD5: 607604 f11ab004f8c8c5c6845bc90c38cf2f4a http://ports.ubuntu.com/pool/main/c/clamav/libclamav6_0.95.1+dfsg-1ubuntu1.2_sparc.deb Size/MD5: 574486 e1c8f67fa7300c4759d9c01b9bc4e3c2 http://ports.ubuntu.com/pool/universe/c/clamav/clamav-milter_0.95.1+dfsg-1ubuntu1.2_sparc.deb Size/MD5: 262718 ff8884c64206061ec9830b029c06aa8e
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/