oss-sec mailing list archives

Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive

From: Marcus Meissner <meissner () suse de>
Date: Wed, 22 Apr 2009 17:43:35 +0200

Stephen,

These two clamav 0.95.1 issues still need CVEs I think.

On Thu, Apr 09, 2009 at 12:15:54PM +0200, Tomas Hoger wrote:

On Tue, 7 Apr 2009 14:08:15 +0200 Thomas Biege <thomas () suse de> wrote:

These two bugs possibly need a CVE-ID.


Upstream 0.95.1 seems to fix at least 2 other issues that may be of
interest:

https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1552
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1553

svn diff -c 5032 http://svn.clamav.net/svn/clamav-devel/

-- 
Tomas Hoger / Red Hat Security Response Team


-- 
Working, but not speaking, for the following german company:
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)

Current thread:

CVE request: clamav clamd and clamscan DoS and bypass by malformated archive Thomas Biege (Apr 07)
- Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive Nico Golde (Apr 07)
  - Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive Jamie Strandboge (Apr 07)
    - Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive Nico Golde (Apr 07)
- Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive Steven M. Christey (Apr 08)
- Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive Tomas Hoger (Apr 09)
  - Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive Hanno Böck (Apr 09)
    - Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive Marcus Meissner (Apr 09)
  - Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive Marcus Meissner (Apr 22)
    - Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive Steven M. Christey (Apr 23)