Package: clamav
Version: 0.90.1-3etch7
Severity: critical
Tags: security

Two new CVEs for clamav:

Name: CVE-2007-6595
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6595
Reference: BUGTRAQ:20071229 TK53 Advisory #2: Multiple vulnerabilities in ClamAV
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/485631/100/0/threaded
Reference: BID:27064
Reference: URL:http://www.securityfocus.com/bid/27064

ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files in the cli_gentempfd function in libclamav/others.c or on (2) .ascii files in sigtool, when utf16-decode is enabled.

Name: CVE-2007-6596
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6596
Reference: BUGTRAQ:20071229 TK53 Advisory #2: Multiple vulnerabilities in ClamAV
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/485631/100/0/threaded
Reference: BID:27064
Reference: URL:http://www.securityfocus.com/bid/27064

ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows remote attackers to bypass the scanner via a Base64-UUEncoded file.

I'd say ignore CVE-2007-6596, as clamav also doesn't recognise insert-random-proprietary-encoding-here either, so it's not really a valid issue (imo).

Tags for versions are: CVE-2007-6595 isn't relevant for sarge, and only part (2) is in etch. Lenny/sid affected fully.
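As an added example (editor's code, not ClamAV's cli_gentempfd or any code from this report): the file-creation pattern that defeats the symlink attack class of CVE-2007-6595 part (1), combining O_CREAT|O_EXCL|O_NOFOLLOW for a fixed name with mkstemp() for random temporary names. The self-check function and the `/tmp` paths it uses are assumptions for illustration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create a brand-new file at `path` without ever following a symlink planted
 * there beforehand.  O_EXCL makes open() fail (EEXIST) if anything, including
 * a dangling symlink, already exists at the path; O_NOFOLLOW additionally
 * refuses a final-component symlink.  Returns an fd, or -1 with errno set. */
int open_new_nofollow(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Create a temporary file in `dir` with a random name.  mkstemp() itself
 * opens with O_CREAT|O_EXCL, so a pre-planted link at the chosen name cannot
 * be followed.  On success the path is copied into `out` and the fd returned. */
int create_temp_file(const char *dir, char *out, size_t out_len)
{
    char tmpl[4096];
    int n = snprintf(tmpl, sizeof tmpl, "%s/clamav-XXXXXX", dir);
    if (n < 0 || (size_t)n >= sizeof tmpl) { errno = ENAMETOOLONG; return -1; }
    int fd = mkstemp(tmpl);
    if (fd < 0) return -1;
    if (out && out_len) snprintf(out, out_len, "%s", tmpl);
    return fd;
}

/* Self-check (hypothetical helper): plant a symlink at a predictable name, the
 * situation a naive open(O_CREAT|O_TRUNC) would fall for, and confirm that
 * open_new_nofollow() refuses it.  Returns 1 if rejected, 0 otherwise. */
int symlink_is_rejected(const char *dir)
{
    char link_path[4096], target[4096];
    snprintf(link_path, sizeof link_path, "%s/predictable.tmp", dir);
    snprintf(target, sizeof target, "%s/victim.txt", dir);   /* constructed name */
    unlink(link_path);                                       /* start clean */
    if (symlink(target, link_path) != 0) return 0;
    int fd = open_new_nofollow(link_path);
    int rejected = (fd < 0 && (errno == EEXIST || errno == ELOOP));
    if (fd >= 0) close(fd);
    unlink(link_path);
    return rejected;
}
```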