View Full Version : USN-684-1: ClamAV vulnerability

December 2nd, 2008, 11:40 PM
================================================== ========= Ubuntu Security Notice USN-684-1 December 02, 2008 clamav vulnerability https://bugs.launchpad.net/bugs/304017 ================================================== ========= A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: libclamav5 0.94.dfsg.2-1ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Ilja van Sprundel discovered that ClamAV did not handle recursive JPEG information. If a remote attacker sent a specially crafted JPEG file, ClamAV would crash, leading to a denial of service.

More... (http://www.ubuntu.com/usn/usn-684-1)