Debian LTS: DLA-1759-1: clamav security update

    Date22 Apr 2019
    CategoryDebian LTS
    457
    Posted ByLinuxSecurity Advisories
    Out-of-bounds read and write conditions have been fixed in clamav. CVE-2019-1787
    Package        : clamav
    Version        : 0.100.3+dfsg-0+deb8u1
    CVE ID         : CVE-2019-1787 CVE-2019-1788 CVE-2019-1789
    Debian Bug     : 
    
    
    Out-of-bounds read and write conditions have been fixed in clamav.
    
    CVE-2019-1787
    
        An out-of-bounds heap read condition may occur when scanning PDF
        documents. The defect is a failure to correctly keep track of the number
        of bytes remaining in a buffer when indexing file data.
    
    CVE-2019-1788
    
        An out-of-bounds heap write condition may occur when scanning OLE2 files
        such as Microsoft Office 97-2003 documents. The invalid write happens when
        an invalid pointer is mistakenly used to initialize a 32bit integer to
        zero. This is likely to crash the application.
    
    CVE-2019-1789
    
        An out-of-bounds heap read condition may occur when scanning PE files
        (i.e. Windows EXE and DLL files) that have been packed using Aspack as a
        result of inadequate bound-checking.
    
    
    For Debian 8 "Jessie", these problems have been fixed in version
    0.100.3+dfsg-0+deb8u1.
    
    We recommend that you upgrade your clamav packages.
    
    Further information about Debian LTS security advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://wiki.debian.org/LTS
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"6","type":"x","order":"1","pct":60,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":30,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":10,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.