Package: clamav
Version: 0.84-2.sarge.2
Severity: serious
Tags: security

Hi,

the new version 0.87 of clamav fixes vulnerabilities in handling of UPX
and FSG compressed executables.

From upstream's Changelog:
  * Changes backported from CVS:
    - libclamav/upx.c: fix possible buffer overflow (acab)
    - libclamav/fsg.c: fix possible infinite loop (acab)

For sarge the following patches are the ones to fix it:

--- clamav-0.84/libclamav/fsg.c 2005-09-16 17:54:11.121701163 +0200
+++ clamav-0.87/libclamav/fsg.c 2005-09-16 00:49:04.000000000 +0200
@@ -235,7 +235,7 @@
     for (i = 0; i < sectcount  ; i++) {
       uint32_t trva,trsz,traw;
       
-      if ( sections[i].rva < sections[i+1].rva )
+      if ( sections[i].rva <= sections[i+1].rva )
        continue;
       trva = sections[i].rva;
       traw = sections[i].raw;
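
Review bot: the context line `for (i = 0; i < sectcount ; i++)` still lets the changed comparison read `sections[i+1]` with `i+1 == sectcount` on the last iteration. Unless `sections` is allocated with one entry more than `sectcount`, that is a read past the end of the array. Either bound the loop with `i + 1 < sectcount` or add a comment stating that the extra entry exists. The switch from `<` to `<=` also deserves a one-line comment saying that sections with equal `rva` must be skipped and why, since nothing in the hunk explains how this relates to the infinite loop named in the changelog.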


and:

--- clamav-0.84/libclamav/upx.c 2005-04-27 23:53:57.000000000 +0200
+++ clamav-0.87/libclamav/upx.c 2005-09-16 00:53:54.000000000 +0200
@@ -117,7 +117,7 @@
   }
   
   sections = pehdr+0xf8;
-  if ( ! (sectcnt = pehdr[6]+256*pehdr[7])) {
+  if ( ! (sectcnt = (unsigned char)pehdr[6]+256*(unsigned char)pehdr[7])) {
     cli_dbgmsg("UPX: No sections? - giving up rebuild\n");
     return 0;
   }
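
Review bot: `sectcnt` on the changed line is only rejected when it is zero, so after the cast it can still be any value up to 65535 taken straight from the file header. Nothing in this hunk checks that the buffer behind `pehdr` actually holds that many section entries starting at `pehdr+0xf8`. An upper bound against the buffer size should be checked here before `sections` is walked. The need for `(unsigned char)` casts also indicates `pehdr` is a plain `char` pointer, so any other multi-byte read from it has the same sign-extension problem. Declaring the pointer `unsigned char *` or reading through a small little-endian helper would fix the whole class, not just these two bytes.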


Greetings
Martin

