Your message dated Sun, 28 Jan 2018 22:02:24 +0000
with message-id <e1efv1s-0007m9...@fasolo.debian.org>
and subject line Bug#888484: fixed in clamav 0.99.2+dfsg-6+deb9u1
has caused the Debian Bug report #888484,
regarding clamav: Security release 0.99.3 available (CVE-2017-12374 
CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 
CVE-2017-12380)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
888484: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: clamav
Version: 0.99.2+dfsg-0+deb8u2
Severity: important

0.99.3 has been released, see 
http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html.

This fixed a number of overflow bugs, each of which has been assigned CVE numbers
due to the potential for denial of service.

We've started seeing unexpected clamd crashes on a high-traffic mail
system today, though I've been unable to isolate a test case. It seems like
too much of a coincidence that these crashes start happening the day after a
security release was announced. We've implemented mitigations but an updated
package would be even better.

Cheers!
Rob N.


-- Package-specific info:
--- configuration ---
Checking configuration files in /etc/clamav

Config file: clamd.conf
-----------------------
LogFile = "/var/log/clamav/clamav.log"
StatsHostID = "auto"
StatsEnabled disabled
StatsPEDisabled = "yes"
StatsTimeout = "10"
LogFileUnlock disabled
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogClean disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
ExtendedDetectionInfo = "yes"
PidFile disabled
TemporaryDirectory disabled
DatabaseDirectory = "/var/lib/clamav"
OfficialDatabaseOnly disabled
LocalSocket = "/var/run/clamav/clamd.ctl"
LocalSocketGroup = "clamav"
LocalSocketMode = "666"
FixStaleSocket = "yes"
TCPSocket disabled
TCPAddr disabled
MaxConnectionQueueLength = "15"
StreamMaxLength = "26214400"
StreamMinPort = "1024"
StreamMaxPort = "2048"
MaxThreads = "12"
ReadTimeout = "180"
CommandReadTimeout = "5"
SendBufTimeout = "200"
MaxQueue = "100"
IdleTimeout = "30"
ExcludePath disabled
MaxDirectoryRecursion = "15"
FollowDirectorySymlinks disabled
FollowFileSymlinks disabled
CrossFilesystems = "yes"
SelfCheck = "3600"
DisableCache disabled
VirusEvent disabled
ExitOnOOM disabled
AllowAllMatchScan = "yes"
Foreground disabled
Debug disabled
LeaveTemporaryFiles disabled
User = "clamav"
AllowSupplementaryGroups disabled
Bytecode = "yes"
BytecodeSecurity = "TrustSigned"
BytecodeTimeout = "60000"
BytecodeUnsigned disabled
BytecodeMode = "Auto"
DetectPUA disabled
ExcludePUA disabled
IncludePUA disabled
AlgorithmicDetection = "yes"
ScanPE = "yes"
ScanELF = "yes"
DetectBrokenExecutables disabled
ScanMail = "yes"
ScanPartialMessages disabled
PhishingSignatures = "yes"
PhishingScanURLs = "yes"
PhishingAlwaysBlockCloak disabled
PhishingAlwaysBlockSSLMismatch disabled
PartitionIntersection disabled
HeuristicScanPrecedence disabled
StructuredDataDetection disabled
StructuredMinCreditCardCount = "3"
StructuredMinSSNCount = "3"
StructuredSSNFormatNormal = "yes"
StructuredSSNFormatStripped disabled
ScanHTML = "yes"
ScanOLE2 = "yes"
OLE2BlockMacros disabled
ScanPDF = "yes"
ScanSWF = "yes"
ScanXMLDOCS = "yes"
ScanHWP3 = "yes"
ScanArchive = "yes"
ArchiveBlockEncrypted disabled
ForceToDisk disabled
MaxScanSize = "104857600"
MaxFileSize = "26214400"
MaxRecursion = "16"
MaxFiles = "10000"
MaxEmbeddedPE = "10485760"
MaxHTMLNormalize = "10485760"
MaxHTMLNoTags = "2097152"
MaxScriptNormalize = "5242880"
MaxZipTypeRcg = "1048576"
MaxPartitions = "50"
MaxIconsPE = "100"
MaxRecHWP3 = "16"
PCREMatchLimit = "10000"
PCRERecMatchLimit = "5000"
PCREMaxFileSize = "26214400"
ScanOnAccess disabled
OnAccessMountPath disabled
OnAccessIncludePath disabled
OnAccessExcludePath disabled
OnAccessExcludeUID disabled
OnAccessMaxFileSize = "5242880"
OnAccessDisableDDD disabled
OnAccessPrevention disabled
OnAccessExtraScanning disabled
DevACOnly disabled
DevACDepth disabled
DevPerformance disabled
DevLiblog disabled
DisableCertCheck disabled

Config file: freshclam.conf
---------------------------
StatsHostID disabled
StatsEnabled disabled
StatsTimeout disabled
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
PidFile disabled
DatabaseDirectory = "/var/lib/clamav"
Foreground disabled
Debug disabled
AllowSupplementaryGroups disabled
UpdateLogFile = "/var/log/clamav/freshclam.log"
DatabaseOwner = "clamav"
Checks = "24"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.local.clamav.net", "database.clamav.net"
PrivateMirror disabled
MaxAttempts = "5"
ScriptedUpdates = "yes"
TestDatabases = "yes"
CompressLocalDatabase disabled
ExtraDatabase disabled
DatabaseCustomURL disabled
HTTPProxyServer disabled
HTTPProxyPort disabled
HTTPProxyUsername disabled
HTTPProxyPassword disabled
HTTPUserAgent disabled
NotifyClamd = "/etc/clamav/clamd.conf"
OnUpdateExecute disabled
OnErrorExecute disabled
OnOutdatedExecute disabled
LocalIPAddress disabled
ConnectTimeout = "30"
ReceiveTimeout = "30"
SubmitDetectionStats disabled
DetectionStatsCountry disabled
DetectionStatsHostID disabled
SafeBrowsing disabled
Bytecode = "yes"

clamav-milter.conf not found

Software settings
-----------------
Version: 0.99.2
Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2 
LIBXML2 PCRE ICONV JSON RAR JIT

Database information
--------------------
Database directory: /var/lib/clamav
bytecode.cld: version 283, sigs: 53, built on Thu Jun 23 15:01:37 2016
daily.cld: version 22385, sigs: 730021, built on Tue Oct 18 05:56:58 2016
main.cvd: version 57, sigs: 4218790, built on Wed Mar 16 23:17:06 2016
Total number of signatures: 4948864

Platform information
--------------------
uname: Linux 4.9.37-fm64 #1 SMP Fri Jul 14 10:59:57 UTC 2017 x86_64
OS: linux-gnu, ARCH: x86_64, CPU: x86_64
Full OS version: Debian GNU/Linux 8.8 (jessie)
zlib version: 1.2.8 (1.2.8), compile flags: a9
Triple: x86_64-pc-linux-gnu
CPU: corei7, Little-endian
platform id: 0x0a2152520804090201040902

Build information
-----------------
GNU C: 4.9.2 (4.9.2)
GNU C++: 4.9.2 (4.9.2)
CPPFLAGS: -D_FORTIFY_SOURCE=2
CFLAGS: -g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security 
-Wall -D_FILE_OFFSET_BITS=64 -fno-strict-aliasing  -D_LARGEFILE_SOURCE 
-D_LARGEFILE64_SOURCE
CXXFLAGS: 
LDFLAGS: -fPIE -pie -Wl,-z,relro -Wl,-z,now -Wl,--as-needed
Configure: '--build=x86_64-linux-gnu' '--prefix=/usr' 
'--includedir=/usr/include' '--mandir=/usr/share/man' 
'--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' 
'--libexecdir=/usr/lib/clamav' '--disable-maintainer-mode' 
'--disable-dependency-tracking' 'CFLAGS=-g -O2 -fPIE -fstack-protector-strong 
-Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 
'CPPFLAGS=-D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fPIE -fstack-protector-strong 
-Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'LDFLAGS=-fPIE 
-pie -Wl,-z,relro -Wl,-z,now -Wl,--as-needed' '--with-dbdir=/var/lib/clamav' 
'--sysconfdir=/etc/clamav' '--disable-clamav' '--disable-unrar' 
'--enable-milter' '--enable-dns-fix' '--with-libjson' '--with-gnu-ld' 
'-with-system-llvm=/usr/bin/llvm-config' '--with-llvm-linking=dynamic' 
'--with-systemdsystemunitdir=/lib/systemd/system' 'build_alias=x86_64-linux-gnu'
sizeof(void*) = 8
Engine flevel: 82, dconf: 82

--- data dir ---
total 154708
-rw-r--r-- 1 sshd clamav    446464 Jun 23  2016 bytecode.cld
-rw-r--r-- 1 sshd clamav  48823808 Oct 18  2016 daily.cld
-rw-r--r-- 1 sshd clamav 109143933 Apr  8  2016 main.cvd
-rw------- 1 sshd clamav       936 Oct 18  2016 mirrors.dat

-- System Information:
Debian Release: 8.8
  APT prefers oldstable
  APT policy: (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.37-fm64 (SMP w/16 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
Init: sysvinit (via /sbin/init)

Versions of packages clamav depends on:
ii  clamav-freshclam [clamav-data]  0.99.2+dfsg-0+deb8u2
ii  libc6                           2.19-18+deb8u9
ii  libclamav7                      0.99.2+dfsg-0+deb8u2
ii  libcurl3                        7.38.0-4+deb8u8
ii  libssl1.0.0                     1.0.1t-1+deb8u6
ii  zlib1g                          1:1.2.8.dfsg-2+b1

Versions of packages clamav recommends:
ii  clamav-base  0.99.2+dfsg-0+deb8u2

Versions of packages clamav suggests:
pn  clamav-docs  <none>

-- no debconf information

--- End Message ---
--- Begin Message ---
Source: clamav
Source-Version: 0.99.2+dfsg-6+deb9u1

We believe that the bug you reported is fixed in the latest version of
clamav, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 888...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastian Andrzej Siewior <sebast...@breakpoint.cc> (supplier of updated clamav 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 27 Jan 2018 00:33:28 +0100
Source: clamav
Binary: clamav-base clamav-docs clamav libclamav-dev libclamav7 clamav-daemon 
clamdscan clamav-testfiles clamav-freshclam clamav-milter
Architecture: source
Version: 0.99.2+dfsg-6+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: ClamAV Team <pkg-clamav-devel@lists.alioth.debian.org>
Changed-By: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>
Description:
 clamav     - anti-virus utility for Unix - command-line interface
 clamav-base - anti-virus utility for Unix - base package
 clamav-daemon - anti-virus utility for Unix - scanner daemon
 clamav-docs - anti-virus utility for Unix - documentation
 clamav-freshclam - anti-virus utility for Unix - virus database update utility
 clamav-milter - anti-virus utility for Unix - sendmail integration
 clamav-testfiles - anti-virus utility for Unix - test files
 clamdscan  - anti-virus utility for Unix - scanner client
 libclamav-dev - anti-virus utility for Unix - development files
 libclamav7 - anti-virus utility for Unix - library
Closes: 888484
Changes:
 clamav (0.99.2+dfsg-6+deb9u1) stretch; urgency=medium
 .
   * Apply security patches from 0.99.3 (Closes: #888484):
     - fixes for the following CVE's: CVE-2017-6418, CVE-2017-6420,
       CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377,
       CVE-2017-12378, CVE-2017-12379, CVE-2017-12380.
    * Bump symbol version of cl_retflevel because CL_FLEVEL changed.

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

--- End Message ---
_______________________________________________
Pkg-clamav-devel mailing list
Pkg-clamav-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-clamav-devel
