USN-1258-1: ClamAV vulnerability

10 November 2011

clamav vulnerability

Packages

  • clamav - Anti-virus utility for Unix

Details

Stephane Chazelas discovered the bytecode engine of ClamAV improperly
handled recursion under certain circumstances. This could allow a remote
attacker to craft a file that could cause ClamAV to crash, resulting in a
denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.10
Ubuntu 11.04
Ubuntu 10.10
Ubuntu 10.04

In general, a standard system update will make all the necessary changes.

References