[USN-3722-3] ClamAV regression


This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
–===============5668118694917576106==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol=”application/pgp-signature”;
boundary=”B1bP6foSN6kT8HxPdDh2DRut5FUQAirGk”

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
–B1bP6foSN6kT8HxPdDh2DRut5FUQAirGk
Content-Type: multipart/mixed; boundary=”nILJd60wkeMsWuPMrr9c3FKm7x5FVRk1l”;
protected-headers=”v1″
From: Marc Deslauriers
Reply-To: Ubuntu Security
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID:
Subject: [USN-3722-3] ClamAV regression

–nILJd60wkeMsWuPMrr9c3FKm7x5FVRk1l
Content-Type: text/plain; charset=utf-8
Content-Language: en-CA
Content-Transfer-Encoding: quoted-printable

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Ubuntu Security Notice USN-3722-3
July 26, 2018

clamav regression
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

USN-3722-1 introduced a regression in ClamAV.

Software Description:
– clamav: Anti-virus utility for Unix

Details:

USN-3722-1 fixed vulnerabilities in ClamAV. The updated ClamAV version
removed some configuration options which caused the daemon to fail to sta=
rt
in environments where the ClamAV configuration file was manually edited.
This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that ClamAV incorrectly handled parsing certain HWP
files. A remote attacker could use this issue to cause ClamAV to hang,
resulting in a denial of service. (CVE-2018-0360)
It was discovered that ClamAV incorrectly handled parsing certain PDF
files. A remote attacker could use this issue to cause ClamAV to hang,
resulting in a denial of service. (CVE-2018-0361)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
clamav 0.100.1+dfsg-1ubuntu0.18.04.2

Ubuntu 16.04 LTS:
clamav 0.100.1+dfsg-1ubuntu0.16.04.2

Ubuntu 14.04 LTS:
clamav 0.100.1+dfsg-1ubuntu0.14.04.2

In general, a standard system update will make all the necessary changes.=

References:
https://usn.ubuntu.com/usn/usn-3722-3
https://usn.ubuntu.com/usn/usn-3722-1
https://launchpad.net/bugs/1783632

Package Information:
https://launchpad.net/ubuntu/+source/clamav/0.100.1+dfsg-1ubuntu0.18.04=
=2E2
https://launchpad.net/ubuntu/+source/clamav/0.100.1+dfsg-1ubuntu0.16.04=
=2E2
https://launchpad.net/ubuntu/+source/clamav/0.100.1+dfsg-1ubuntu0.14.04=
=2E2

–nILJd60wkeMsWuPMrr9c3FKm7x5FVRk1l–

–B1bP6foSN6kT8HxPdDh2DRut5FUQAirGk
Content-Type: application/pgp-signature; name=”signature.asc”
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename=”signature.asc”

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAltZ+74ACgkQZWnYVadE
vpOblQ/5Ab3Z+yekDwYwRQKEDh9zKramG0MGN6bIBSST6MGDBvLfkKGXUHWkcrRK
5V64Boczah8xiicUxG2f+jELIlkox0A0W5+wMIFlPe43XIZCUMypNABJDyUSQJU8
RioPYbRyKoWEeGsd3ztnbTg07aT6QAEVgEGjOSHvNHsB9ETBZEOBC3IKmPOmTgSS
yt43FWtX2zcyDdXggcb8X/8M2pMQorDq3r3EwUMgJ3A+WPn6sM/J5JWOWnq2dLvG
+OvOM28txD6KnRZSJpNxrxfWX94hKnXwBvr/23yz2VjDWRh2b+nQooUkZ5Zo1xOq
tSJ+4AGHabHNUz81+U84aun7xeN5oZ6zBDqrfdCLLwk6B98RAqdDfoKB7/GFO0RZ
jIH/7GQdeknTMG7WLHqIv2TPyoGSXYqbEwa9cb3tJPDn8k1k3p2G+L7jQEWqmXSO
5ruRB9SVKShfBkhr0YGxZlQA+gs2l1Yp8MJtIPsFjVZ7fnb8l8rWx7FziPkXsvNh
wSIhCKOMUleXi9d23lftWomM9G4RY4U6c23y4BZaD8ix4MLx/a17I8RZqueXTXk3
pI9MgE3+FKwGvf1VI169NkU4sYosKj7nT1bBnGYxgQo2EV140vfhlmxGUnwGUZo6
4JRR+AzVgT7V1BbZOcJtgT+jQ38xZjdrXz1/OYDx3fEUxX08sMc=
=F7oh
—–END PGP SIGNATURE—–

–B1bP6foSN6kT8HxPdDh2DRut5FUQAirGk–

–===============5668118694917576106==
Content-Type: text/plain; charset=”utf-8″
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK

–===============5668118694917576106==–