Date: Tue, 8 Aug 2006 06:59:19 -0400 (EDT)
From: Michael Scheidell <scheidell@secnap.net>
To: FreeBSD-gnats-submit@FreeBSD.org
Cc: garga@FreeBSD.org
Subject: ports/101649: upgrade to 88.4, possible security issues
Message-ID: <20060808105919.45AAA137BC0@scanner.secnap.net>
Resent-Message-ID: <200608081100.k78B0fB5061443@freefall.freebsd.org>
>Number: 101649
>Category: ports
>Synopsis: upgrade to 88.4, possible security issues
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Tue Aug 08 11:00:41 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Michael Scheidell
>Release: FreeBSD 4.11-RELEASE-p16 i386
>Organization: SECNAP Network Security
>Environment:
System: FreeBSD scanner.secnap.net 4.11-RELEASE-p16 FreeBSD 4.11-RELEASE-p16 #17: Mon Apr 10 13:21:44 EDT 2006 root@scanner.secnap.net:/usr/obj/usr/src/sys/SCANNER i386

>Description:
Clamav has released version 88.4 in response to reports of DOS attacks against UPX packer.

From their release notes:

* CVE: XXXXXXXXXXXXXXX
* Status: Critical
* Vulnerable: ClamAV 0.81 - 0.88.3

A heap overflow vulnerability was discovered in libclamav which could cause a denial of service or allow the execution of arbitrary code. The problem is specifically located in the PE file rebuild function used by the UPX unpacker.

Due to improper validation it is possible to overflow the above memcpy() beyond the allocated memory block.

The problem has been fixed in 0.88.4.

>How-To-Repeat:
Relevant code from libclamav/upx.c:

    memcpy(dst, newbuf, foffset);
    *dsize = foffset;
    free(newbuf);

    cli_dbgmsg("UPX: PE structure rebuilt from compressed file\n");
    return 1;

>Fix:
apply patches, upgrade:

diff -bBru Makefile.orig Makefile --- Makefile.orig Mon Jul 3 08:42:52 2006 +++ Makefile Mon Aug 7 19:01:20 2006 @@ -6,7 +6,7 @@ # PORTNAME= clamav -PORTVERSION= 0.88.3 +PORTVERSION= 0.88.4 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE_EXTENDED} MASTER_SITE_SUBDIR= clamav diff -bBru distinfo.orig distinfo --- distinfo.orig Mon Jul 3 08:42:52 2006 +++ distinfo Tue Aug 8 06:40:46 2006 
@@ -1,3 +1,3 @@ -MD5 (clamav-0.88.3.tar.gz) = 330206089713e73a44afc7a4d6450225 -SHA256 (clamav-0.88.3.tar.gz) = 26104bca0780ed8eb99f5a08259bf09d55a374572ba1af28e661cae64da5fb84 -SIZE (clamav-0.88.3.tar.gz) = 7154152 +MD5 (clamav-0.88.4.tar.gz) = 7759784aa4506b314e6543e0f2a8587b +SHA256 (clamav-0.88.4.tar.gz) = a581f2f7c93fac9e7a4caf5c1f15f5e7722a4739aaaa3f07dd9076e1097d157f +SIZE (clamav-0.88.4.tar.gz) = 7632947
>Release-Note:
>Audit-Trail:
>Unformatted:
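Review bot: In the Makefile hunk the only change is PORTVERSION 0.88.3 to 0.88.4, and nothing in the patch records that this is a security update. The report quotes the vulnerable range as ClamAV 0.81 - 0.88.3, so the commit should come with a matching security/vuxml entry covering that range, or at least name the advisory in the commit log, so that installed 0.88.3 packages get flagged. The CVE field in the quoted release notes is still a placeholder and needs filling in once the identifier is known.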
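Review bot: In the distinfo hunk the MD5, SHA256 and SIZE values for clamav-0.88.4.tar.gz come from the submitter's machine, and SIZE grows from 7154152 to 7632947 bytes for a point release. Before committing, fetch the distfile independently from the master site, regenerate distinfo with "make makesum", and confirm that all three values match the ones in this hunk.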
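Added example, not part of the original report and not ClamAV's code: a bounded version of the copy-back step quoted under How-To-Repeat, where the length passed to memcpy() is validated against both buffers first. The struct, the function names and the way foffset is summed from file-supplied sizes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical section record; raw_size is read from the scanned file,
 * so it is attacker-controlled. */
struct sect { uint32_t raw_size; };

/* Copy a rebuilt image (hdr_size plus all section sizes) from newbuf into
 * dst. Returns 1 and sets *dsize on success, 0 if any bound is exceeded. */
int copy_rebuilt(uint8_t *dst, size_t dst_cap,
                 const uint8_t *newbuf, size_t newbuf_len,
                 uint32_t hdr_size, const struct sect *s, size_t n,
                 size_t *dsize)
{
    size_t foffset = hdr_size;

    for (size_t i = 0; i < n; i++) {
        if (s[i].raw_size > SIZE_MAX - foffset)   /* sum would wrap */
            return 0;
        foffset += s[i].raw_size;
    }
    /* The length must fit both the source and the destination block. */
    if (foffset > newbuf_len || foffset > dst_cap)
        return 0;

    memcpy(dst, newbuf, foffset);
    *dsize = foffset;
    return 1;
}

/* Constructed inputs: a 64-byte destination and an 8192-byte source. */
static uint8_t demo_dst[64], demo_src[8192];

/* Sizes that fit: 16 + 16 + 16 = 48 bytes. Returns bytes copied, or 0. */
size_t demo_fits(void)
{
    const struct sect s[] = { {16}, {16} };
    size_t dsize = 0;
    return copy_rebuilt(demo_dst, sizeof demo_dst, demo_src, sizeof demo_src,
                        16, s, 2, &dsize) ? dsize : 0;
}

/* One section claims 4096 bytes: rejected before memcpy(). Returns 1 if so. */
int demo_oversized_rejected(void)
{
    const struct sect s[] = { {16}, {4096} };
    size_t dsize = 0;
    return !copy_rebuilt(demo_dst, sizeof demo_dst, demo_src, sizeof demo_src,
                         16, s, 2, &dsize) && dsize == 0;
}

int main(void) { return (demo_fits() == 48 && demo_oversized_rejected()) ? 0 : 1; }
```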