It was discovered that ClamAV did not properly verify buffers whenprocessing Upack files. A remote attacker could send a crafted file andcause a denial of service via application crash.

==========================================================Ubuntu Security Notice USN-756-1             April 13, 2009
clamav vulnerability
https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/360502
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  libclamav5                      0.94.dfsg.2-1ubuntu0.3

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that ClamAV did not properly verify buffers when
processing Upack files. A remote attacker could send a crafted file and
cause a denial of service via application crash.


Updated packages for Ubuntu 8.10:

  Source archives:

          Size/MD5:   160035 9ec8019deb73a5a954c97fcb0bf26309
          Size/MD5:     1507 33a07aa02735d0740a991fd53d1690c7
          Size/MD5: 22073819 7b45b0c54b887b23cb49e4bff807cf58

  Architecture independent packages:

          Size/MD5: 19497612 4f42a7f2efa8bab6df3f316dc58644f3
          Size/MD5:  1077770 0eb5f3a51d3d05ab98e9cab30fa689ec
          Size/MD5:   208466 f1161a232ed581d23e34465e4e9b69bf

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   240062 e37dbed6b3807db87a0a564839960c9e
          Size/MD5:   915356 b2d6c5bbe0928fbff8d3f8646e2916bb
          Size/MD5:   255912 8e697047c72b3d631e3215394ed346ef
          Size/MD5:   236034 1c01619d9fc562477c61f7dba6b7e990
          Size/MD5:   575624 14154e0bd4975215d2edce6159e73bba
          Size/MD5:   539994 664164b600a3225e1dd4297394cd5705
          Size/MD5:   233094 c44ed50398c9108188682ea6593f4c12

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   233596 526cdf381eea1dfb2b8a25c9ab47af55
          Size/MD5:   849528 3d7efe88f9bc29680559141b9add7cfc
          Size/MD5:   254090 2858c4a22109947e27a274eab66d2b2d
          Size/MD5:   233118 8275f107c892dade9c8e269294776ddc
          Size/MD5:   543786 89aab0500eb0b1dc290a6ead5e172749
          Size/MD5:   525928 bb809d8829610db1ddbbeb98a17e2777
          Size/MD5:   229716 41f3df00a9eaefa7bbdc44bf90076271

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   233144 bb617f3ed2b61f494702e3c1c67d8e1f
          Size/MD5:   867034 4fad6f85315f71e40f2942d54e74ae5f
          Size/MD5:   254190 96f301fe4b606d3ed7dda39c3d7d5100
          Size/MD5:   232658 99c61d4acf7b1025670189b589e4f4ce
          Size/MD5:   545288 ee5a94b51bad427aeac20db209fe2388
          Size/MD5:   528622 952540615e83e89aa3fcf032a1f67c46
          Size/MD5:   229656 4889c53c828b7e66d54748d954c6f3c7

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   243322 7bc824817425ef6faf4d83c1950d7a7f
          Size/MD5:   904222 4133d09baa03806b109a6a0ba45e15eb
          Size/MD5:   258658 96993b01982151656d85c6978d323f24
          Size/MD5:   240674 e10e69574fce756e0774e936a62e3a8c
          Size/MD5:   615272 8dadb6a8a6da0470745de9d8c558fd7c
          Size/MD5:   556208 dc082d12f3c15a98650253f56f635bc7
          Size/MD5:   233188 dbf6c9f45ab5114e105ebe443562697a

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   233162 6b035e2961759537051f30803e6e4e96
          Size/MD5:   836902 850d4356b9a87db92d5efc2db81d8936
          Size/MD5:   253444 6c0517570fc4ac05b94080f60adcc571
          Size/MD5:   233530 8cc09abef6a0baf488ba3f8c0cadecee
          Size/MD5:   579172 61ee5fb721cd8543113931525737db7a
          Size/MD5:   544798 1f62918b0a49e4e13f6a760642d04c20
          Size/MD5:   230582 9429f9caa92a0cd8feda0d70f9967e6d