Date: Mon, 11 Dec 2006 17:25:24 -0500 (EST) From: Michael Scheidell <scheidell@secnap.net> To: FreeBSD-gnats-submit@FreeBSD.org Cc: garga@FreeBSD.org Subject: ports/106620: Update clamav to .88.7 (dos attack) Message-ID: <20061211222524.DE8B2137BA3@scanner.secnap.net> Resent-Message-ID: <200612112230.kBBMUCoJ023455@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 106620 >Category: ports >Synopsis: Update clamav to .88.7 (dos attack) >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Mon Dec 11 22:30:12 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Michael Scheidell >Release: FreeBSD 5.5-RELEASE-p8 i386 >Organization: SECNAP Network Security >Environment: System: FreeBSD scanner.secnap.net 5.5-RELEASE-p8 FreeBSD 5.5-RELEASE-p8 #3: Sun Nov 12 20:10:52 EST 2006 scheidell@scanner.secnap.net:/usr/obj/usr/src/sys/HACKERTRAP_305 i386 >Description: .88.6 clamav may have an untar recoursion DOS attack problem. >How-To-Repeat: specially crafter tar archive can cause a DOS using clamav .88.6. >Fix: update to .88.7, patch included. diff -bBru distinfo.orig distinfo --- distinfo.orig Mon Nov 6 06:03:43 2006 +++ distinfo Mon Dec 11 17:17:24 2006 @@ -1,3 +1,3 @@ -MD5 (clamav-0.88.6.tar.gz) = db7f8b947bc21023f36e04bfdd555dd0 -SHA256 (clamav-0.88.6.tar.gz) = cc7f90983aa61b3d893c3311e3f832c5faa204467143cff597ad80bf8ad24daa -SIZE (clamav-0.88.6.tar.gz) = 8929534 +MD5 (clamav-0.88.7.tar.gz) = 34a9d58cf5bcb04dbe3eb32b5367a3f8 +SHA256 (clamav-0.88.7.tar.gz) = 702cb5928bff3d0e647a4a6b505d434e3a0f10f2af74bddac5239a200b92d1e2 +SIZE (clamav-0.88.7.tar.gz) = 9510548 diff -bBru Makefile.orig Makefile --- Makefile.orig Mon Nov 6 06:03:43 2006 +++ Makefile Mon Dec 11 17:13:07 2006 @@ -6,7 +6,7 @@ # PORTNAME= clamav -PORTVERSION= 0.88.6 +PORTVERSION= 0.88.7 CATEGORIES= security MASTER_SITES= SF >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061211222524.DE8B2137BA3>