[Bug 2003864] Re: freshclam assert failure: *** stack smashing detected ***: terminated
FWIW I can't reproduce this on a debian sid install of clamav which also uses the same version of libtfm / tomsfastmath. However, Debian is using a newer version of clamav than Ubuntu 23.04 so perhaps this may be fixed by merging that version to Ubuntu (or perhaps even a no-change rebuild of clamav in lunar against the new tomsfastmath may also be enough since it was updated after clamav was merged from Debian back in November). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/2003864 Title: freshclam assert failure: *** stack smashing detected ***: terminated To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/2003864/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2003864] Re: freshclam assert failure: *** stack smashing detected ***: terminated
** Changed in: clamav (Ubuntu) Status: Confirmed => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/2003864 Title: freshclam assert failure: *** stack smashing detected ***: terminated To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/2003864/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2003864] Re: freshclam assert failure: *** stack smashing detected ***: terminated
I can confirm this is a problem in libtfm. I installed libtfm1 (0.13-4.1) from kinetic repository. Freshclam runs correctly now: $ sudo dpkg -i Downloads/libtfm1_0.13-4.1_amd64.deb dpkg: warning: downgrading libtfm1:amd64 from 0.13.1-1 to 0.13-4.1 (Reading database ... 255083 files and directories currently installed.) Preparing to unpack .../libtfm1_0.13-4.1_amd64.deb ... Unpacking libtfm1:amd64 (0.13-4.1) over (0.13.1-1) ... Setting up libtfm1:amd64 (0.13-4.1) ... Processing triggers for libc-bin (2.36-0ubuntu4) ... $ sudo freshclam Tue Feb 14 13:57:52 2023 -> ClamAV update process started at Tue Feb 14 13:57:52 2023 Tue Feb 14 13:57:52 2023 -> daily database available for update (local version: 26759, remote version: 26812) Current database is 53 versions behind. Downloading database patch # 26760... Time:1.3s, ETA:0.0s [>]1.48KiB/1.48KiB ### LOTS OF DOWNLOADS Downloading database patch # 26812... Time:0.4s, ETA:0.0s [>] 14.29KiB/14.29KiB Tue Feb 14 13:58:21 2023 -> Testing database: '/var/lib/clamav/tmp.24bf72ffd7/clamav-2612b7e0fbdb3a18bf680780eff04d81.tmp-daily.cld' ... Tue Feb 14 13:58:26 2023 -> Database test passed. Tue Feb 14 13:58:26 2023 -> daily.cld updated (version: 26812, sigs: 2020880, f-level: 90, builder: raynman) Tue Feb 14 13:58:26 2023 -> main.cld database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr) Tue Feb 14 13:58:26 2023 -> bytecode.cld database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) Tue Feb 14 13:58:26 2023 -> !NotifyClamd: Can't find or parse configuration file /etc/clamav/clamd.conf ** Also affects: tomsfastmath (Ubuntu) Importance: Undecided Status: New ** Changed in: tomsfastmath (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/2003864 Title: freshclam assert failure: *** stack smashing detected ***: terminated To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/2003864/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2007273] Re: I have ubuntu 22.04 on my system and have the following vulnerability : CVE-2022-4743. On which release/path of Ubuntu can I expect them to be fixed ?
Thanks for taking the time to report this bug and helping to make Ubuntu better. This is low priority CVE for us, it will only get patched if a higher priority CVE for libsdl2 in 22.04 shows up. Right now there are none, therefore no ETA. ** Information type changed from Private Security to Public Security ** Changed in: libsdl2 (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/2007273 Title: I have ubuntu 22.04 on my system and have the following vulnerability : CVE-2022-4743. On which release/path of Ubuntu can I expect them to be fixed ? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libsdl2/+bug/2007273/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2007274] Re: I have ubuntu 22.04 on my system and have the following vulnerability : CVE-2022-46908. On which release/path of Ubuntu can I expect them to be fixed ?
Thanks for taking the time to report this bug and helping to make Ubuntu better. This is low priority CVE for us, it will only get patched if a higher priority CVE for sqlite3 in 22.04 shows up. Right now there are none, therefore no ETA. ** Description changed: I have ubuntu 22.04 on my system and it has the following vulnerability : CVE-2022-46908. Here is the link to the Ubuntu CVE link : - https://ubuntu.com/security/CVE-2022-46908#:~:text=SQLite%20through%203.40.,UDF%20functions%20such%20as%20WRITEFILE. - On which version/patch of Ubuntu can I expect this to get fixed ? + https://ubuntu.com/security/CVE-2022-46908. On which version/patch of + Ubuntu can I expect this to get fixed ? ** Information type changed from Private Security to Public Security ** Changed in: sqlite3 (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/2007274 Title: I have ubuntu 22.04 on my system and have the following vulnerability : CVE-2022-46908. On which release/path of Ubuntu can I expect them to be fixed ? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/2007274/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2007273] [NEW] I have ubuntu 22.04 on my system and have the following vulnerability : CVE-2022-4743. On which release/path of Ubuntu can I expect them to be fixed ?
*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Eduardo Barretto (ebarretto): I have ubuntu 22.04 on my system and it has the following vulnerability : CVE-2022-4743. Here is the link to the Ubuntu CVE link : https://ubuntu.com/security/CVE-2022-4743. On which version/patch of Ubuntu can I expect this to get fixed ? ** Affects: libsdl2 (Ubuntu) Importance: Undecided Status: New -- I have ubuntu 22.04 on my system and have the following vulnerability : CVE-2022-4743. On which release/path of Ubuntu can I expect them to be fixed ? https://bugs.launchpad.net/bugs/2007273 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2007274] [NEW] I have ubuntu 22.04 on my system and have the following vulnerability : CVE-2022-46908. On which release/path of Ubuntu can I expect them to be fixed ?
*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Eduardo Barretto (ebarretto): I have ubuntu 22.04 on my system and it has the following vulnerability : CVE-2022-46908. Here is the link to the Ubuntu CVE link : https://ubuntu.com/security/CVE-2022-46908. On which version/patch of Ubuntu can I expect this to get fixed ? ** Affects: sqlite3 (Ubuntu) Importance: Undecided Status: New -- I have ubuntu 22.04 on my system and have the following vulnerability : CVE-2022-46908. On which release/path of Ubuntu can I expect them to be fixed ? https://bugs.launchpad.net/bugs/2007274 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs