date:20170806

[Pkg-clamav-devel] clamav_0.99.3~beta1+dfsg-1_source.changes ACCEPTED into unstable

2017-08-06 Thread Debian FTP Masters



Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 06 Aug 2017 22:13:23 +0200
Source: clamav
Binary: clamav-base clamav-docs clamav libclamav-dev libclamav7 clamav-daemon 
clamdscan clamav-testfiles clamav-freshclam clamav-milter
Architecture: source
Version: 0.99.3~beta1+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: ClamAV Team 
Changed-By: Sebastian Andrzej Siewior 
Description:
 clamav - anti-virus utility for Unix - command-line interface
 clamav-base - anti-virus utility for Unix - base package
 clamav-daemon - anti-virus utility for Unix - scanner daemon
 clamav-docs - anti-virus utility for Unix - documentation
 clamav-freshclam - anti-virus utility for Unix - virus database update utility
 clamav-milter - anti-virus utility for Unix - sendmail integration
 clamav-testfiles - anti-virus utility for Unix - test files
 clamdscan  - anti-virus utility for Unix - scanner client
 libclamav-dev - anti-virus utility for Unix - development files
 libclamav7 - anti-virus utility for Unix - library
Changes:
 clamav (0.99.3~beta1+dfsg-1) unstable; urgency=medium
 .
   * Upload to unstable
   * update to official beta1 release:
 - drop fts-no-use-AC_TRY_RUN.patch, applied upstream.
Checksums-Sha1:
 47780bc9c2498f22684dca9afbd33ae14fe396eb 3089 clamav_0.99.3~beta1+dfsg-1.dsc
 b936f63d16b33e26c283985ffe8cf84c1ad33dc4 5883052 
clamav_0.99.3~beta1+dfsg.orig.tar.xz
 76c620838b0dfb895d2359b92ba13379beabcce8 215856 
clamav_0.99.3~beta1+dfsg-1.debian.tar.xz
 4e0d38023c94da16f36dd9f7194803b2cc2934df 7357 
clamav_0.99.3~beta1+dfsg-1_source.buildinfo
Checksums-Sha256:
 1f1f8c37c8946fc4bf0eff9b91a08442cc67be65ce43fdd164b504d2784fca2e 3089 
clamav_0.99.3~beta1+dfsg-1.dsc
 25ddeb1fca1b6f44f5985b0dfaae68413b51a5c6dd79e28b428d819760f7c020 5883052 
clamav_0.99.3~beta1+dfsg.orig.tar.xz
 f03525b4312bed6efaf59bda88e53abea0e1088fe5516c03372cfd5113e55b03 215856 
clamav_0.99.3~beta1+dfsg-1.debian.tar.xz
 35ab2160f3a9eb4dfeb7c294d9b3ca49b321923da466a0bd28d59f1ad7651ab2 7357 
clamav_0.99.3~beta1+dfsg-1_source.buildinfo
Files:
 c46b3c8517d72b1d7a3ff9ec707869eb 3089 utils optional 
clamav_0.99.3~beta1+dfsg-1.dsc
 04f2220cdaeea29b7938b14001909a39 5883052 utils optional 
clamav_0.99.3~beta1+dfsg.orig.tar.xz
 e2de5e67814de2e626de1168aad1c26d 215856 utils optional 
clamav_0.99.3~beta1+dfsg-1.debian.tar.xz
 65b7e1101c8edd30391e21240690a7ba 7357 utils optional 
clamav_0.99.3~beta1+dfsg-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEErHvQgQWZUb1RregAT+XjJihy5MwFAlmHiN8ACgkQT+XjJihy
5MxPrw//WrI3xS28LKQFt9yygWFaygosAwRP2gQOAaMhrfd0dSoA+Ra09na5BfsV
6wtAI3UkhaIch2BvGkz8FoWTz+Us2B6GeD/SXJgsyNKyW0Myt51ohKrQZ0uT89W3
Nz5hxXLDoNy7YpWI4Ij3l049UgAUxmH8bEx8pZjtaR1oqOwcVkSenZxDuS8U4F0Q
4Ct0LdZ4w3M9LtyK/Itb7uaOk040pbllgTlLRoM8DjzoIi4TZywzg0iDpzbzkFvi
8ZeYxMtlltlvwjeqw8sk+IoViBmwufLw5YtL6Nrl0H20JFrh/swKcFb2IlK8WNKp
ykJgPiL4JiYY4BzxsxV+Bqo64TIfJtksMhoikQPxVqDn2JnftX+QkO69g2VCF7fg
uF2Cuj4nFPaMLWt00rsRkCw8zpaKl/DJyTpAZb8AY87pBnxFwEGqrXDgg/JAsvcZ
vRdqUEuA4MWFem/YLEZV5iwPf7rEMXmCVN0crZm2JPPDmD//AqyqS9wx6fsGKhuY
sauGQYDaYh3qTvmekFgh5qCXQlmaWqv4vnGadE4kHm6EmzkQhuTBfh7tcWaYGa6G
Ac6VnaVpepfZJU25jQCMv4+8YeWi6+jc49evz41QN0O9VA9mBlXGMaML7rBOQqyA
sSo0eH3bRboe6BTU/jHueeNj1wRtMzFYQd5lGK2s47CI8mj3Vck=
=Xblo
-END PGP SIGNATURE-


Thank you for your contribution to Debian.

___
Pkg-clamav-devel mailing list
Pkg-clamav-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-clamav-devel

[Pkg-clamav-devel] Processing of clamav_0.99.3~beta1+dfsg-1_source.changes

2017-08-06 Thread Debian FTP Masters

clamav_0.99.3~beta1+dfsg-1_source.changes uploaded successfully to localhost
along with the files:
  clamav_0.99.3~beta1+dfsg-1.dsc
  clamav_0.99.3~beta1+dfsg.orig.tar.xz
  clamav_0.99.3~beta1+dfsg-1.debian.tar.xz
  clamav_0.99.3~beta1+dfsg-1_source.buildinfo

Greetings,

Your Debian queue daemon (running on host usper.debian.org)

___
Pkg-clamav-devel mailing list
Pkg-clamav-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-clamav-devel

Re: [Pkg-clamav-devel] Bug#868956: libmspack: CVE-2017-11423

2017-08-06 Thread Sebastian Andrzej Siewior

On 2017-08-06 10:22:11 [+0100], Stuart Caie wrote:
> Commited a fix: 
> https://github.com/kyz/libmspack/commit/17038206fcc384dcee6dd9e3a75f08fd3ddc6a38
> 
> I'll put out a release in the near future.

thank you Stuart.
Marc do plan you upload something to unstable/security soon, wait for a
new release or would you prefer someone else to NMU it with this
change?

> Regards
> Stuart

Sebastian

___
Pkg-clamav-devel mailing list
Pkg-clamav-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-clamav-devel

Re: [Pkg-clamav-devel] Bug#868956: libmspack: CVE-2017-11423

2017-08-06 Thread Stuart Caie


On 05/08/17 10:36, Stuart Caie wrote:

libmspack is wrong to convert to unsigned without checking for errors first.

When I get to my computer, I'll check all calls to mspack_system 
read/write/seek/tell methods, to be sure this doesn't happen anywhere else.

I checked all the other mspack_system calls, they're handled correctly.

Commited a fix: 
https://github.com/kyz/libmspack/commit/17038206fcc384dcee6dd9e3a75f08fd3ddc6a38


I'll put out a release in the near future.

Before fix, allowing N reads before always failing in cabd_memory.c 
sys->read():

Allow 3 reads -> mspack/cabd.c:528 (cabd_read_string) len=4294967295
Allow 4 reads -> mspack/cabd.c:528 (cabd_read_string) len=193
Allow 5 reads -> mspack/cabd.c:528 (cabd_read_string) len=193 
mspack/cabd.c:528 (cabd_read_string) len=4294967295
Allow 6 reads -> mspack/cabd.c:528 (cabd_read_string) len=193 
mspack/cabd.c:528 (cabd_read_string) len=169


After fix:
Allowing 3 reads -> error caught and no len printed
Allowing 4 reads -> mspack/cabd.c:531 (cabd_read_string) len=193
Allowing 5 reads -> mspack/cabd.c:531 (cabd_read_string) len=193, error 
caught and no len printed
Allowing 6 reads -> mspack/cabd.c:531 (cabd_read_string) len=193 
mspack/cabd.c:531 (cabd_read_string) len=169


Regards
Stuart

___
Pkg-clamav-devel mailing list
Pkg-clamav-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-clamav-devel

[Pkg-clamav-devel] clamav_0.99.3~beta1+dfsg-1_source.changes ACCEPTED into unstable

[Pkg-clamav-devel] Processing of clamav_0.99.3~beta1+dfsg-1_source.changes

Re: [Pkg-clamav-devel] Bug#868956: libmspack: CVE-2017-11423

Re: [Pkg-clamav-devel] Bug#868956: libmspack: CVE-2017-11423

4 matches

Site Navigation

Mail list logo

Footer information