-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Kolab Security Issue 13                                        20061019
================================

Package:            Kolab Server, ClamAV
Vulnerability:      heap overflow, remotely exploitable (CVE-2006-4182),
                    denial of service, remotely exploitable (CVE-2006-5295)
Kolab Specific:     no
Dependent Packages: none

Summary
~~~~~~~

CVE-2006-4182
  Damian Put discovered a heap overflow error in the script to rebuild
  PE files, which could lead to the execution of arbitrary code.

CVE-2006-5295
  Damian Put discovered that missing input sanitising in the CHM
  handling code might lead to denial of service.

Affected Versions
~~~~~~~~~~~~~~~~~

This affects versions of ClamAV up to version 0.88.4.

Kolab Server 2.0.4 and Kolab Server 2.1beta2 are vulnerable. Previous
releases are also affected.

Fix
~~~

Upgrade to ClamAV 0.88.5.

The ClamAV source RPM is available from the Kolab download mirrors as:

  security-updates/20061019/clamav-0.88.5-2.20061018.src.rpm

A binary RPM for Kolab Server 2.0.4 (ix86 Debian GNU/Linux Sarge) is
available:

  security-updates/20061019/clamav-0.88.5-2.20061018.ix86-debian3.1-kolab.rpm

All other Server versions: Please build from the src.rpm.

The mirrors are listed on http://kolab.org/mirrors.html

While the mirrors are catching up, you can also get the package via
rsync:

  # rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20061019/clamav-0.88.5-2.20061018.src.rpm .
  # rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/20061019/clamav-0.88.5-2.20061018.ix86-debian3.1-kolab.rpm .

MD5 sums:

  d449d8970698e3bd3dd30eac7a1e4579  clamav-0.88.5-2.20061018.src.rpm
  4c819dcaffe3602a927965115ff328d5  clamav-0.88.5-2.20061018.ix86-debian3.1-kolab.rpm

The package can be installed on your Kolab Server with

  # /kolab/bin/openpkg rpm --rebuild clamav-0.88.5-2.20061018.src.rpm
  # /kolab/bin/openpkg rpm \
      -Uvh /kolab/RPM/PKG/clamav-0.88.5-2.20061018.--kolab.rpm

Details
~~~~~~~

http://sourceforge.net/project/shownotes.php?release_id=455799
  ClamAV 0.88.5 release notes

http://www.securityfocus.com/bid/20535
  Clam Anti-Virus PE Rebuilding Heap Buffer Overflow Vulnerability
  (CVE-2006-4182)

http://www.securityfocus.com/bid/20537
  Clam Anti-Virus CHM Unpacker Denial Of Service Vulnerability
  (CVE-2006-5295)

Timeline
~~~~~~~~

20061015  ClamAV release 0.88.5.
20061018  OpenPKG 0.88.5 package release.
20061019  Kolab Server security advisory published.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFFPLdLW7P1GVgWeRoRAq6vAKCXVpNZPWSGIXG+yZBEcQDpjSRr+QCeOTe/
7IxAqKpYKUa6wOeYakOp90U=
=35r+
-----END PGP SIGNATURE-----
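The advisory's fix procedure is: fetch the RPMs (mirror or rsync), compare them against the published MD5 sums, then rebuild and install with openpkg. The script below is an added example and not part of the Kolab advisory or the Kolab project's tooling; it automates the middle step so that the install commands are only suggested once every sum matches. It assumes GNU md5sum (falling back to openssl) is installed and that the RPMs were fetched into the current directory; the `--check` flag and the function names are this example's own.

```shell
#!/bin/sh
# Added example (not from the Kolab advisory): verify the MD5 sums
# published in Kolab Security Issue 13 before installing the packages.
# Assumes md5sum(1) or openssl(1) is available and the RPMs are in the
# current directory.

# md5_of FILE: print the hex MD5 digest of FILE.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    else
        openssl dgst -md5 "$1" | awk '{print $NF}'
    fi
}

# verify_md5 FILE EXPECTED_SUM
# Returns 0 when FILE exists and its MD5 equals EXPECTED_SUM, 1 otherwise.
verify_md5() {
    file=$1
    expected=$2
    if [ ! -f "$file" ]; then
        echo "MISSING $file" >&2
        return 1
    fi
    actual=$(md5_of "$file")
    if [ "$actual" = "$expected" ]; then
        echo "OK      $file"
        return 0
    fi
    echo "FAIL    $file (expected $expected, got $actual)" >&2
    return 1
}

# check_all_sums SUM1 FILE1 [SUM2 FILE2 ...]
# Verifies each (sum, file) pair; the return value is the number of
# files that were missing or did not match, so 0 means "all good".
check_all_sums() {
    failures=0
    while [ $# -ge 2 ]; do
        verify_md5 "$2" "$1" || failures=$((failures + 1))
        shift 2
    done
    return "$failures"
}

# main: check the two packages named in the advisory against the sums
# it publishes, and only then print the install commands from the
# advisory. Installation itself is left to the administrator.
main() {
    if check_all_sums \
        d449d8970698e3bd3dd30eac7a1e4579 clamav-0.88.5-2.20061018.src.rpm \
        4c819dcaffe3602a927965115ff328d5 clamav-0.88.5-2.20061018.ix86-debian3.1-kolab.rpm
    then
        echo "All sums match. Install with:"
        echo "  /kolab/bin/openpkg rpm --rebuild clamav-0.88.5-2.20061018.src.rpm"
        echo "  /kolab/bin/openpkg rpm -Uvh /kolab/RPM/PKG/clamav-0.88.5-2.20061018.--kolab.rpm"
        return 0
    fi
    echo "Refusing to install: one or more packages failed verification." >&2
    return 1
}

# Run the check only when invoked as: sh verify-clamav.sh --check
case "${1:-}" in
    --check) main ;;
esac
```

Run it from the directory holding the downloaded RPMs with `sh verify-clamav.sh --check`. The sums guard against a truncated or corrupted download; they are only as trustworthy as the advisory that carries them, which is why the advisory itself is PGP-signed and the signature should be checked before the sums are copied out of it.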