Date: Wed, 13 Feb 2008 18:38:46 +0300 From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> To: freebsd-security@freebsd.org Subject: VuXML entry for CVE-2008-0318 (libclamav) Message-ID: <FbFFZnfylyxPmIBt8pdFVaeGuBI@yKJGB/90arkgDpuqNoncDa0OQcE>
next in thread | raw e-mail | index | archive | help
--Fnm8lRGFTVS/3GuM Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Good day. Attached is the draft of the VuXML entry for the new ClamAV vulnerability. >From what I had seen and from the comments of the iDefence and ClamAV changelog, it seems that the vulnerable Petite PE module is really disabled in daily.cfg. The file has entries 'PE:0xbfff:13:23' and 'PE:0xdeff:24:25', while libclamav/dconf.h has the following: ----- #define PE_CONF_PETITE 0x100 ----- So, Petite compressor is disabled for f-levels 24 (0.92_sf) and 25 (0.92). 23 is 0.92rc2 and Petite is enabled for it and lower versions down to 13 (0.90). F-versions were extracted from libclamav/others.c, macro variable CL_FLEVEL. So I had marked only clamav >= 0.92 and < 0.92.1 as vulnerable. -- Eygene --Fnm8lRGFTVS/3GuM--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?FbFFZnfylyxPmIBt8pdFVaeGuBI>