* Henrik K <[EMAIL PROTECTED]>:
> On Thu, Aug 07, 2008 at 10:30:17AM +0200, Ralf Hildebrandt wrote:
> > On our amavisd-new box:
> > 
> > Jul 30 16:36:42 mail kernel: [608438.105690] lha[700]: segfault at bfcf4d55 ip 0804d62a sp bfceb04c error 4 in lha[8048000+d000]
> > Jul 30 16:41:11 mail kernel: [608707.038312] lha[1970]: segfault at bfd9ddf5 ip 0804d62a sp bfd940ec error 4 in lha[8048000+d000]
> > Jul 30 21:29:54 mail kernel: [626030.125254] lha[16033]: segfault at bf8868e5 ip 0804d62a sp bf87cbdc error 4 in lha[8048000+d000]
> > Jul 30 21:39:58 mail kernel: [626634.337639] lha[18297]: segfault at bffab805 ip 0804d62a sp bffa1afc error 4 in lha[8048000+d000]
> > 
> > It seems that "Trojan.Zbot-1730" makes LHA crash?!
> 
> It would seem wiser to just let ClamAV handle LHA, instead of using some
> ancient binary (I don't think there is any modern/updated version?).

And clamav uses which libraries? :) All the recent exploits in clam*
were due to bugs in the archiver routines.

ii  lha                 1.14i-10.3          lzh archiver
And yes, it's ancient. Last non-NMU dates back from Sat, 13 Nov 2004

-- 
Ralf Hildebrandt (i.A. des IT-Zentrums)         [EMAIL PROTECTED]
Charite - Universitätsmedizin Berlin            Tel.  +49 (0)30-450 570-155
Gemeinsame Einrichtung von FU- und HU-Berlin    Fax.  +49 (0)30-450 570-962
IT-Zentrum Standort CBF                 send no mail to [EMAIL PROTECTED]
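
Added example, not part of the original thread: a small triage script for the kernel segfault lines quoted above. It decodes the x86 page-fault error code and groups the crashes by the faulting instruction's offset inside the binary and by the distance of the faulting address from the stack pointer, which shows whether the crashes are one repeatable fault. The function names are made up for this example.

```python
import re
from collections import Counter

# Kernel log lines quoted in the message above, with the mail line-wrapping undone.
SAMPLE = """\
Jul 30 16:36:42 mail kernel: [608438.105690] lha[700]: segfault at bfcf4d55 ip 0804d62a sp bfceb04c error 4 in lha[8048000+d000]
Jul 30 16:41:11 mail kernel: [608707.038312] lha[1970]: segfault at bfd9ddf5 ip 0804d62a sp bfd940ec error 4 in lha[8048000+d000]
Jul 30 21:29:54 mail kernel: [626030.125254] lha[16033]: segfault at bf8868e5 ip 0804d62a sp bf87cbdc error 4 in lha[8048000+d000]
Jul 30 21:39:58 mail kernel: [626634.337639] lha[18297]: segfault at bffab805 ip 0804d62a sp bffa1afc error 4 in lha[8048000+d000]
"""

# "comm[pid]: segfault at ADDR ip IP sp SP error N in OBJ[BASE+SIZE]"; the "in ..." part is optional.
SEGV = re.compile(
    r"(?P<comm>[^\s\[]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>\d+)"
    r"(?: in (?P<obj>[^\[\s]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?"
)

def decode_error(err):
    """Decode the three low bits of the x86 page-fault error code."""
    return {
        "cause": "protection violation" if err & 1 else "page not present",
        "access": "write" if err & 2 else "read",
        "mode": "user" if err & 4 else "kernel",
    }

def parse(text):
    """Return one dict per segfault line found in text."""
    events = []
    for m in SEGV.finditer(text):
        ev = m.groupdict()
        for k in ("addr", "ip", "sp"):
            ev[k] = int(ev[k], 16)
        ev.update(decode_error(int(ev["err"])))
        # Offset of the faulting instruction inside the mapped object (ip - base).
        ev["offset"] = ev["ip"] - int(ev["base"], 16) if ev["base"] else None
        # Distance of the faulting address from the stack pointer at crash time.
        ev["fault_minus_sp"] = ev["addr"] - ev["sp"]
        events.append(ev)
    return events

def summarize(events):
    """Count crashes per (object, code offset, addr - sp, access, mode)."""
    return Counter((e["obj"], e["offset"], e["fault_minus_sp"], e["access"], e["mode"]) for e in events)

if __name__ == "__main__":
    for (obj, off, dist, access, mode), n in summarize(parse(SAMPLE)).items():
        print(n, obj, hex(off) if off is not None else "?", hex(dist), access, mode)
```

On the four quoted lines this yields a single group: the same instruction at offset 0x562a in `lha`, each time a user-mode read of an unmapped address 0x9d09 bytes above the stack pointer.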
