Tested the provided corrupted.rar on dapper and and it's not vulnerable
Shows error : RAR module failure ERROR
--
unrar.c Remote DoS in clamav before 0.91
https://bugs.launchpad.net/bugs/126471
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug cont
Clamav people send me a corrupted.rar to test
Tested the unpatched clamav with the provided corrupted.rar and the
unpatched version ends with a core dumped
updated to clamav 0.90.2-0ubuntu1.3 tested and all worked fine
libclamav reports :
LibClamAV Warning: RAR CRC error. Please report
Not yet on the mirror we sync from, but someone uploaded 0.91.1-0ubuntu1
to gutsy, so that should be ok for now.
--
(please sync from Debian unstable to universe) unrar.c Remote DoS in clamav
before 0.91
https://bugs.launchpad.net/bugs/126471
You received this bug notification because you are a
clamav (0.90.2-0ubuntu1.3) feisty-security; urgency=low
* SECURITY UPDATE: Remote DoS in RAR Files
* Added 55_cve-2007-3725.dpatch: backported upstream fix (LP: #126471).
* References
CVE-2007-3725
-- Leonel Nunez <[EMAIL PROTECTED]> Mon, 16 Jul 2007 21:23:43
-0600
** Changed in: cl