Date: Fri, 06 Dec 2013 21:10:55 -0700 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: CVE request: ClamAV vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 11/29/2013 06:35 PM, George Theall wrote: > > On Nov 29, 2013, at 12:58 PM, Kurt Seifried <kseifried@...hat.com> > wrote: > > On 11/29/2013 02:20 AM, Sergey Popov wrote: >>>> It's a bit late, but i would like to request CVE for two >>>> vulnerabilities, that present in ClamAV before 0.97.7: >>>> >>>> 1) A double-free error exists within the >>>> "unrar_extract_next_prepare()" function >>>> (libclamunrar_iface/unrar_iface.c) when parsing a RAR file. >>>> >>>> 2) An unspecified error within the "wwunpack()" function >>>> (libclamav/wwunpack.c) when unpacking a WWPack file can be >>>> exploited to corrupt heap memory. >>>> >>>>  - https://secunia.com/advisories/52647/ >>>> > > The blog entry > > http://blog.clamav.net/2013/03/clamav-0977-has-been-released.html > > contains no mention of security flaws, > >> Hrm, at least the copy I see says “ClamAV 0.97.7 addresses >> several reported potential security bugs.”. While it doesn’t >> identify the issues per se, it does at least indicate this is a >> security release. > >> Jan Lieskovsky talked about both of these last March — see >> <http://seclists.org/oss-sec/2013/q1/672>. The double-free was >> fixed in this commit : > >> https://github.com/vrtadmin/clamav-devel/commit/b2212def1bb92b5ac45c82da100dc0d1376de6a3 > >> and the 'wwunpack()’ issue maps to : > >> https://bugzilla.clamav.net/show_bug.cgi?id=6806 > >> Hope that helps, > > > Also the ChangeLog: > > https://github.com/vrtadmin/clamav-devel/blob/0.97/ChangeLog > > Doesn't contain any mention of the above flaws. Can you provide > links to source code/bug reports or something so I can verify this? > Thanks. Just a heads up I know at least one person is trying to get details from SourceFire (they bought ClamAV some time back). Until I can match issues up I can't assign CVEs. > George > - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iQIcBAEBAgAGBQJSop/OAAoJEBYNRVNeJnmTOl8P/3F+8wBFgC2AHXllbYnPa4ZP HDYbDCaTsqNQdBdFyZuKuwN7UbnUnXL2HYm+VQrRf6HeMjXj4ghPBasnzwQrHhcR 9wlBvKwDJkn5LRQJItHZ7AG6T3FlkKA2ksFFkzLgKmRgT+aW3TVlj6MJP8uaD5KQ kivaiXwToPNGz8u/HiDB9DLDBDz+ObImhNQEClmrQkPLUFVGmShkp6UZGVen7MiH 9iCrvtxHQ12fevdXfqOHFuFCtrn6X23Y8uccCWdAZWFx0t8dlhC0loXugIrnL0xv kxoSsDAMtPWB1FkO31hVSFXlvPSe90Ji7k1Yow9hThncL3qbcWQJ7hR31qVQeEkp dXBwLAXbi5Bd2zZJvpGtyDfPKJtgzqtXTMQXSeWj2FcSkBqk9sOjn8tCyoCiBNF7 V2ayPrW/PCaVhDsCtwICbbKSnz+M7hIc6ggCK7Ng4QcvBRXkAM6k07+H5S9VBmdu BowhiVPSjErHUDqL4llHjnfmBS44FatEWkyz13/9nh5+avHAX48vQp8FFm1oqPvc K/AlfVNFXkp1GF2bb/j7qqkv9J7fTqyIN6zFM8BrDjCb8QZZ98CtAlYnIh4UVTRE IOEGGVY/2qdYP+p6+1TXeDq83uK7uXve/8Sbg0X8mWe4wGkZIgkx5Ymi5yXgmIr5 WXq9kVEcAGVG3C55rNZX =1yV3 -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.