USN-770-1: ClamAV vulnerability
Posted on: 05/05/2009 12:20 AM

A new ClamAV vulnerability update is available for Ubuntu Linux. Here the announcement:

Ubuntu Security Notice USN-770-1 May 04, 2009
clamav vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.04:
clamav-milter 0.95.1+dfsg-1ubuntu1.2

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

A flaw was discovered in the clamav-milter initscript which caused the
ownership of the current working directory to be changed to the 'clamav'
user. This update attempts to repair the incorrect ownership for standard
system directories, but it is recommended that the following command be
performed to report any other directories that may be affected:

$ sudo find -H / -type d -user clamav \\! -group clamav 2gt;/dev/null

Systems configured to run clamav as a user other than the default 'clamav'
user will need to adjust the above command accordingly.

Updated packages for Ubuntu 9.04:

Source archives:
Size/MD5: 240956 16d828dea428d031cc59d41b24b592d1
Size/MD5: 1540 575dace049ba5216b8ccbd3333b6c2c3
Size/MD5: 24233062 1e9618ac1b9b58e5c1c1b665adf26749

Architecture independent packages:
Size/MD5: 21399900 52b7926a51ada72067819f1c646db8b3
Size/MD5: 1110124 f7759ab6a73007be3605276cb0e7f28d
Size/MD5: 225956 d4cc917a76574e27fe7b51643628bb4d

amd64 architecture (Athlon64, Opteron, EM64T Xeon):
Size/MD5: 393938 b905639abb64cbb62f6b088abf5a0231
Size/MD5: 1184152 675a9cea68762ac8e0dca483292e15cf
Size/MD5: 281792 d0cbd33bd85b022ee85bbdac7511213f
Size/MD5: 273934 86fa7c88dd44a77cf563b401d22a1139
Size/MD5: 605768 951853d338127eb686432233bfb5a341
Size/MD5: 569884 20ce2a8275351db1eee604558d79d4f7
Size/MD5: 266000 33d736985619ca166f8f917fb7271d87

i386 architecture (x86 compatible Intel/AMD):
Size/MD5: 382140 4440322bc961f0a410ebc92bb95f17aa
Size/MD5: 1095416 9e2b92403f60728922113a3a27982533
Size/MD5: 279266 5f2fe7d3e0d045fe4f68e356fd977a04
Size/MD5: 268354 db1afab9a4b57a37bdcc3ccf471c5cc2
Size/MD5: 574290 c33b885b054cd55655292c55bed96295
Size/MD5: 557328 643fd52c2f12ac522a87121e93978e79
Size/MD5: 263040 0ab591f0b668adb5587edd485e987c13

lpia architecture (Low Power Intel Architecture):
Size/MD5: 382392 0ea691eea8bd953bc273da4c9b9debc4
Size/MD5: 1116512 52c01ee04b0107669c566b44cfac727e
Size/MD5: 279020 aa4872b8c2d9f299d532888d3675ea51
Size/MD5: 268124 3a3175eb60cea6248bdd6767e5833de2
Size/MD5: 575506 96c1ca9f26aba0862f42b189fcae7354
Size/MD5: 559374 04a449e526bbb7d8be9b95c365b3b7f6
Size/MD5: 263008 ef2bcc6eb89e665ab5fba4cf10d2d2d8

powerpc architecture (Apple Macintosh G3/G4/G5):
Size/MD5: 400204 94578b9dca844d1434025a51c0109c83
Size/MD5: 1158670 5a7be46133af1bc18e47adfca1cf6587
Size/MD5: 283848 2ab5a37504e844051c48c6419e55f336
Size/MD5: 276786 1003a47361604f8d3b54771e9bb0fa34
Size/MD5: 645340 365e906bfacae713aa391e827933e9ad
Size/MD5: 587074 d83bab7ca42ef3a0b37e704aa624558c
Size/MD5: 269430 29c2c9c54774130407c28ed4422da83b

sparc architecture (Sun SPARC/UltraSPARC):
Size/MD5: 383556 1cea55a1fce839b2ca1e5b03ca632c32
Size/MD5: 1064340 a6c0dc3a0e3d40a4f89dff2290a6769a
Size/MD5: 277894 fc8f08a7d044cc9246a8233d1a9cfd2a
Size/MD5: 268476 c4a9a06151ad123de3cb484f06fc8870
Size/MD5: 607604 f11ab004f8c8c5c6845bc90c38cf2f4a
Size/MD5: 574486 e1c8f67fa7300c4759d9c01b9bc4e3c2
Size/MD5: 262718 ff8884c64206061ec9830b029c06aa8e

Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

Version: GnuPG v1.4.9 (GNU/Linux)


Printed from Linux Compatible (