==========================================================Ubuntu Security Notice USN-770-1               May 04, 2009
clamav vulnerability
https://launchpad.net/bugs/365823
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.04:
  clamav-milter                   0.95.1+dfsg-1ubuntu1.2

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

A flaw was discovered in the clamav-milter initscript which caused the
ownership of the current working directory to be changed to the 'clamav'
user. This update attempts to repair the incorrect ownership for standard
system directories, but it is recommended that the following command be
performed to report any other directories that may be affected:

  $ sudo find -H / -type d -user clamav \! -group clamav 2>/dev/null

Systems configured to run clamav as a user other than the default 'clamav'
user will need to adjust the above command accordingly.


Updated packages for Ubuntu 9.04:

  Source archives:

          Size/MD5:   240956 16d828dea428d031cc59d41b24b592d1
          Size/MD5:     1540 575dace049ba5216b8ccbd3333b6c2c3
          Size/MD5: 24233062 1e9618ac1b9b58e5c1c1b665adf26749

  Architecture independent packages:

          Size/MD5: 21399900 52b7926a51ada72067819f1c646db8b3
          Size/MD5:  1110124 f7759ab6a73007be3605276cb0e7f28d
          Size/MD5:   225956 d4cc917a76574e27fe7b51643628bb4d

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   393938 b905639abb64cbb62f6b088abf5a0231
          Size/MD5:  1184152 675a9cea68762ac8e0dca483292e15cf
          Size/MD5:   281792 d0cbd33bd85b022ee85bbdac7511213f
          Size/MD5:   273934 86fa7c88dd44a77cf563b401d22a1139
          Size/MD5:   605768 951853d338127eb686432233bfb5a341
          Size/MD5:   569884 20ce2a8275351db1eee604558d79d4f7
          Size/MD5:   266000 33d736985619ca166f8f917fb7271d87

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   382140 4440322bc961f0a410ebc92bb95f17aa
          Size/MD5:  1095416 9e2b92403f60728922113a3a27982533
          Size/MD5:   279266 5f2fe7d3e0d045fe4f68e356fd977a04
          Size/MD5:   268354 db1afab9a4b57a37bdcc3ccf471c5cc2
          Size/MD5:   574290 c33b885b054cd55655292c55bed96295
          Size/MD5:   557328 643fd52c2f12ac522a87121e93978e79
          Size/MD5:   263040 0ab591f0b668adb5587edd485e987c13

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   382392 0ea691eea8bd953bc273da4c9b9debc4
          Size/MD5:  1116512 52c01ee04b0107669c566b44cfac727e
          Size/MD5:   279020 aa4872b8c2d9f299d532888d3675ea51
          Size/MD5:   268124 3a3175eb60cea6248bdd6767e5833de2
          Size/MD5:   575506 96c1ca9f26aba0862f42b189fcae7354
          Size/MD5:   559374 04a449e526bbb7d8be9b95c365b3b7f6
          Size/MD5:   263008 ef2bcc6eb89e665ab5fba4cf10d2d2d8

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   400204 94578b9dca844d1434025a51c0109c83
          Size/MD5:  1158670 5a7be46133af1bc18e47adfca1cf6587
          Size/MD5:   283848 2ab5a37504e844051c48c6419e55f336
          Size/MD5:   276786 1003a47361604f8d3b54771e9bb0fa34
          Size/MD5:   645340 365e906bfacae713aa391e827933e9ad
          Size/MD5:   587074 d83bab7ca42ef3a0b37e704aa624558c
          Size/MD5:   269430 29c2c9c54774130407c28ed4422da83b

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   383556 1cea55a1fce839b2ca1e5b03ca632c32
          Size/MD5:  1064340 a6c0dc3a0e3d40a4f89dff2290a6769a
          Size/MD5:   277894 fc8f08a7d044cc9246a8233d1a9cfd2a
          Size/MD5:   268476 c4a9a06151ad123de3cb484f06fc8870
          Size/MD5:   607604 f11ab004f8c8c5c6845bc90c38cf2f4a
          Size/MD5:   574486 e1c8f67fa7300c4759d9c01b9bc4e3c2
          Size/MD5:   262718 ff8884c64206061ec9830b029c06aa8e

Ubuntu 770-1: ClamAV vulnerability

May 4, 2009
A flaw was discovered in the clamav-milter initscript which caused theownership of the current working directory to be changed to the 'clamav'user

Summary

Update Instructions

References

Severity
clamav vulnerability

Package Information

Related News

Google Releases Chrome 130 with Critical Security Fixes for 17 Flaws
3 - 5 min read
Google recently unveiled Chrome 130 , an update that addresses several security vulnerabilities to ensure the web browser's safety and reliability.
U.S. Investigation into China-Backed Telecom Companies Hack: The Role & Risks of Encryption Backdoors
3 - 5 min read
U.S. authorities are on high alert as they investigate an alleged Chinese state-sponsored hack targeting major U.S. telecommunications companies.
FASTCash Linux Malware: A New Cybercrime Menace Targeting Payment Switch Systems
3 - 5 min read
As malware threats evolve to increasingly target Linux systems, admins and organizations must stay up-to-date on the latest Linux malware variants
Optimizing CWPP on Linux Servers: Best Practices and Configurations
3 - 6 min read
Cloud Workload Protection Platforms are now essential for securing virtual environments. These provide a robust security layer vital for addressing
The Infiltration of Supply Chain Attacks in Open-Source Software Management
3 - 6 min read
Open-source projects are renowned for their collaborative nature and widespread adoption, yet more sophisticated supply chain attacks target them
Strengthen Your Linux Software Development Pipeline with Code Security Scanners
3 - 6 min read
Developers recognize the critical nature of protecting software systems as cyberattacks grow more sophisticated, thus necessitating robust security
Everything You Need to Know About Cloud Security Posture Management
3 - 5 min read
Many companies are transitioning from physical servers to cloud operations, but this transformation brings new challenges. Cloud Security Posture
Understanding the Critical Oath-Toolkit Vulnerability and Its Implications for Admins
3 - 5 min read
As Linux security threats advance and evolve, vulnerabilities often surface unexpectedly, exposing systems to potential exploitation. SUSE

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved