Your message dated Thu, 12 Jun 2014 06:32:08 +0000
with message-id <[email protected]>
and subject line Bug#749715: fixed in clamav 0.98.1+dfsg-1+deb7u4
has caused the Debian Bug report #749715,
regarding clamav: Please update clamav with fix for upstream Bug #10960
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
749715: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=749715
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: clamav
Version: 0.98.1+dfsg-1+deb7u3
Severity: important
Tags: upstream lfs patch
Dear Maintainer,
I'm filing this bug as requested by Scott Kitterman. The issue has
been fixed upstream (Bug #10960) by commits
c6f5ef98d6ab7d3abcd207c25d06eaeb95d68ffc and
99ee2138c496d3d51af67e521e945803565b9f7d. Symptoms are segfaults when
running clamscan, or a report of an invalid pointer by glibc,
depending on whether a directory is recursively scanned or a single
file. I first noticed the reproducible segfault when recursively
scanning, which started happening immediately after a clamav update.
When attempting to isolate a single file that would
cause the issue, I got the invalid pointer report by glibc.
Thank you for the extremely valuable service you provide.
Pascal Meunier
-- Package-specific info:
--- configuration ---
Checking configuration files in /etc/clamav
Config file: clamd.conf
-----------------------
LogFile = "/var/log/clamav/clamav.log"
LogFileUnlock disabled
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogClean disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
ExtendedDetectionInfo = "yes"
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory disabled
DatabaseDirectory = "/var/lib/clamav"
OfficialDatabaseOnly disabled
LocalSocket = "/var/run/clamav/clamd.ctl"
LocalSocketGroup = "clamav"
LocalSocketMode = "666"
FixStaleSocket = "yes"
TCPSocket disabled
TCPAddr disabled
MaxConnectionQueueLength = "15"
StreamMaxLength = "10485760"
StreamMinPort = "1024"
StreamMaxPort = "2048"
MaxThreads = "12"
ReadTimeout = "180"
CommandReadTimeout = "5"
SendBufTimeout = "200"
MaxQueue = "100"
IdleTimeout = "30"
ExcludePath disabled
MaxDirectoryRecursion = "15"
FollowDirectorySymlinks disabled
FollowFileSymlinks disabled
CrossFilesystems = "yes"
SelfCheck = "3600"
VirusEvent disabled
ExitOnOOM disabled
AllowAllMatchScan = "yes"
Foreground disabled
Debug disabled
LeaveTemporaryFiles disabled
User = "clamav"
AllowSupplementaryGroups = "yes"
Bytecode = "yes"
BytecodeSecurity = "TrustSigned"
BytecodeTimeout = "60000"
BytecodeUnsigned disabled
BytecodeMode = "Auto"
DetectPUA disabled
ExcludePUA disabled
IncludePUA disabled
AlgorithmicDetection = "yes"
ScanPE = "yes"
ScanELF = "yes"
DetectBrokenExecutables disabled
ScanMail = "yes"
ScanPartialMessages disabled
PhishingSignatures = "yes"
PhishingScanURLs = "yes"
PhishingAlwaysBlockCloak disabled
PhishingAlwaysBlockSSLMismatch disabled
HeuristicScanPrecedence disabled
StructuredDataDetection disabled
StructuredMinCreditCardCount = "3"
StructuredMinSSNCount = "3"
StructuredSSNFormatNormal = "yes"
StructuredSSNFormatStripped disabled
ScanHTML = "yes"
ScanOLE2 = "yes"
OLE2BlockMacros disabled
ScanPDF = "yes"
ScanSWF = "yes"
ScanArchive = "yes"
ArchiveBlockEncrypted disabled
ForceToDisk disabled
MaxScanSize = "104857600"
MaxFileSize = "26214400"
MaxRecursion = "16"
MaxFiles = "10000"
MaxEmbeddedPE = "10485760"
MaxHTMLNormalize = "10485760"
MaxHTMLNoTags = "2097152"
MaxScriptNormalize = "5242880"
MaxZipTypeRcg = "1048576"
ScanOnAccess disabled
OnAccessIncludePath disabled
OnAccessExcludePath disabled
OnAccessExcludeUID disabled
OnAccessMaxFileSize = "5242880"
DevACOnly disabled
DevACDepth disabled
DevPerformance disabled
DevLiblog disabled
DisableCertCheck disabled
Config file: freshclam.conf
---------------------------
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate disabled
PidFile = "/var/run/clamav/freshclam.pid"
DatabaseDirectory = "/var/lib/clamav"
Foreground disabled
Debug disabled
AllowSupplementaryGroups disabled
UpdateLogFile = "/var/log/clamav/freshclam.log"
DatabaseOwner = "clamav"
Checks = "24"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "control21.hubzero.org"
PrivateMirror disabled
MaxAttempts = "5"
ScriptedUpdates disabled
TestDatabases = "yes"
CompressLocalDatabase disabled
ExtraDatabase disabled
DatabaseCustomURL disabled
HTTPProxyServer disabled
HTTPProxyPort disabled
HTTPProxyUsername disabled
HTTPProxyPassword disabled
HTTPUserAgent disabled
NotifyClamd = "/etc/clamav/clamd.conf"
OnUpdateExecute disabled
OnErrorExecute disabled
OnOutdatedExecute disabled
LocalIPAddress disabled
ConnectTimeout = "30"
ReceiveTimeout = "30"
SubmitDetectionStats disabled
DetectionStatsCountry disabled
DetectionStatsHostID disabled
SafeBrowsing disabled
Bytecode = "yes"
clamav-milter.conf not found
Software settings
-----------------
Version: 0.98.1
Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2
JIT
Database information
--------------------
Database directory: /var/lib/clamav
daily.cvd: version 19045, sigs: 973146, built on Thu May 29 04:37:08 2014
main.cvd: version 55, sigs: 2424225, built on Tue Sep 17 10:57:28 2013
bytecode.cvd: version 241, sigs: 46, built on Fri May 23 09:50:34 2014
Total number of signatures: 3397417
Platform information
--------------------
uname: Linux 3.2.0-4-amd64 #1 SMP Debian 3.2.54-2 x86_64
OS: linux-gnu, ARCH: x86_64, CPU: x86_64
zlib version: 1.2.7 (1.2.7), compile flags: a9
Triple: x86_64-pc-linux-gnu
CPU: corei7, Little-endian
platform id: 0x0a214c4c0804070201040702
Build information
-----------------
GNU C: 4.7.2 (4.7.2)
GNU C++: 4.7.2 (4.7.2)
CPPFLAGS: -D_FORTIFY_SOURCE=2
CFLAGS: -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat
-Werror=format-security -Wall
CXXFLAGS: -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat
-Werror=format-security -Wall
LDFLAGS: -Wl,-z,relro
Configure: 'CFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat
-Werror=format-security -Wall' 'CPPFLAGS=-D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2
-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security
-Wall' 'LDFLAGS=-Wl,-z,relro' '--build=x86_64-linux-gnu' '--prefix=/usr'
'--mandir=/usr/share/man' '--infodir=/usr/share/info' '--disable-clamav'
'--with-dbdir=/var/lib/clamav/' '--sysconfdir=/etc/clamav' '--enable-milter'
'--disable-clamuko' '--with-gnu-ld' '--enable-dns-fix' '--disable-unrar'
'--libdir=/usr/lib' '--with-system-tommath' '--without-included-ltdl'
'build_alias=x86_64-linux-gnu'
sizeof(void*) = 8
Engine flevel: 76, dconf: 76
--- data dir ---
total 87384
-rw-r--r-- 1 clamav clamav 73081 May 24 05:18 bytecode.cvd
-rw-r--r-- 1 clamav clamav 24580085 May 29 05:18 daily.cvd
-rw-r--r-- 1 clamav clamav 64720632 Sep 17 2013 main.cvd
-rw------- 1 clamav clamav 1664 May 29 06:18 mirrors.dat
-- System Information:
Debian Release: 7.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/16 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Versions of packages clamav depends on:
ii clamav-freshclam [clamav-data] 0.98.1+dfsg-1+deb7u3
ii libc6 2.13-38+deb7u1
ii libclamav6 0.98.1+dfsg-1+deb7u3
ii zlib1g 1:1.2.7.dfsg-13
Versions of packages clamav recommends:
ii clamav-base 0.98.1+dfsg-1+deb7u3
Versions of packages clamav suggests:
pn clamav-docs <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: clamav
Source-Version: 0.98.1+dfsg-1+deb7u4
We believe that the bug you reported is fixed in the latest version of
clamav, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sebastian Andrzej Siewior <[email protected]> (supplier of updated clamav
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 30 May 2014 20:46:42 +0200
Source: clamav
Binary: clamav-base clamav-docs clamav-dbg clamav libclamav-dev libclamav6
clamav-daemon clamav-testfiles clamav-freshclam clamav-milter
Architecture: source all i386
Version: 0.98.1+dfsg-1+deb7u4
Distribution: stable
Urgency: medium
Maintainer: ClamAV Team <[email protected]>
Changed-By: Sebastian Andrzej Siewior <[email protected]>
Description:
clamav - anti-virus utility for Unix - command-line interface
clamav-base - anti-virus utility for Unix - base package
clamav-daemon - anti-virus utility for Unix - scanner daemon
clamav-dbg - debug symbols for ClamAV
clamav-docs - anti-virus utility for Unix - documentation
clamav-freshclam - anti-virus utility for Unix - virus database update utility
clamav-milter - anti-virus utility for Unix - sendmail integration
clamav-testfiles - anti-virus utility for Unix - test files
libclamav-dev - anti-virus utility for Unix - development files
libclamav6 - anti-virus utility for Unix - library
Closes: 749715
Changes:
clamav (0.98.1+dfsg-1+deb7u4) stable; urgency=medium
.
* cherry pick upstream patches to fix a crash while using clamscan. Added
patches: c6f5ef98d ("bb #10970 - Force a filesize limit of UINT_MAX - 2")
and 99ee2138c ("Key off INT_MAX") (Closes: #749715).
Checksums-Sha1:
ecb1176ab4ad0954ec3372be50b32b4b26ea99d6 2648 clamav_0.98.1+dfsg-1+deb7u4.dsc
1c1da6a2ed6db84757d255ad5a3442412ad03598 327730
clamav_0.98.1+dfsg-1+deb7u4.diff.gz
e92d8694f48ae1996b2be1f2338d5bef5b6a2cc6 322606
clamav-base_0.98.1+dfsg-1+deb7u4_all.deb
e30021ea165a8f2200c3ad3353dd826e47f98435 5272086
clamav-testfiles_0.98.1+dfsg-1+deb7u4_all.deb
bde7896f3937c1ff1d9350ea1fb708e30517e285 1265598
clamav-docs_0.98.1+dfsg-1+deb7u4_all.deb
54c8e2e01c5fe6fe07f52f01e5bb83604269594b 4548580
libclamav6_0.98.1+dfsg-1+deb7u4_i386.deb
8398eff41e74118b06324de0f6f4384cfb803a73 353870
clamav_0.98.1+dfsg-1+deb7u4_i386.deb
b40ef49ad7cf58ffecb7e689c2973dd9c6de5dc3 446762
clamav-daemon_0.98.1+dfsg-1+deb7u4_i386.deb
0cd71c9acf4b6b3455da81bec2fe76a85d997b2f 336060
clamav-freshclam_0.98.1+dfsg-1+deb7u4_i386.deb
71cbdab91d54fe43e02b50d08b8276e9b80b5562 372402
clamav-milter_0.98.1+dfsg-1+deb7u4_i386.deb
b2c9c5ac3e24eb9adb07543f46f4f29929abebba 233062
libclamav-dev_0.98.1+dfsg-1+deb7u4_i386.deb
e3c48bfa4301b50e68ab7e74329caa16f377e75e 36143050
clamav-dbg_0.98.1+dfsg-1+deb7u4_i386.deb
Checksums-Sha256:
b6e035d0907b2f2fe3aba504155fed68973dba96d0c9ec03c703de9cd23759ff 2648
clamav_0.98.1+dfsg-1+deb7u4.dsc
304a0d36face67288fc19e2ab072c304ae0db79eb5f3aae0c56cad28eb99de39 327730
clamav_0.98.1+dfsg-1+deb7u4.diff.gz
fe0ca8f2c93373e265893828679cd7765856bb47d73f86853ed9eb798af01b8b 322606
clamav-base_0.98.1+dfsg-1+deb7u4_all.deb
75dc7b926dabb0a0cf5c0a63a5e1d9a0de260c794fbe8aec7d5c7eadf1140b3e 5272086
clamav-testfiles_0.98.1+dfsg-1+deb7u4_all.deb
d3bf7a8413fe61455eb6780b516b0857fe9ab60f815dafa3c510f2b59ef74cc8 1265598
clamav-docs_0.98.1+dfsg-1+deb7u4_all.deb
44ea5b705e58083efc6109b7fb8f20a920b48c4ffd3791c2536594fb82b5733b 4548580
libclamav6_0.98.1+dfsg-1+deb7u4_i386.deb
b76294acfea9e9b7471fb7a28164e2a3b3c313daeab18be447b7e37bb8314379 353870
clamav_0.98.1+dfsg-1+deb7u4_i386.deb
ef9ccdb9ff768bb652721ac344c491573eed30378e5f0611d4363c4672d7494e 446762
clamav-daemon_0.98.1+dfsg-1+deb7u4_i386.deb
c8dc608e7d7bfd608bf598787bd3511a8c53c5217a004be74bca0825df5e363d 336060
clamav-freshclam_0.98.1+dfsg-1+deb7u4_i386.deb
3beb4506eea75af81fb06f3346049825c4765738bc63b0b8650ee547856ffa7e 372402
clamav-milter_0.98.1+dfsg-1+deb7u4_i386.deb
c761053001b49b8838f5f4f8a2bb4dbb837c91c4259ff0f35050a31e4a02aef5 233062
libclamav-dev_0.98.1+dfsg-1+deb7u4_i386.deb
477a2c2f77d2a9c58a2cb6e91a8b4a0a6241793e172623f3a2e6cb96b45826ba 36143050
clamav-dbg_0.98.1+dfsg-1+deb7u4_i386.deb
Files:
d10d5fdf3eae2461cc57f653657e5160 2648 utils optional
clamav_0.98.1+dfsg-1+deb7u4.dsc
d1a0b17d3f78fd81fc6146a0820fed97 327730 utils optional
clamav_0.98.1+dfsg-1+deb7u4.diff.gz
d772e9ef67963f0c10651fbaa8d1cac9 322606 utils optional
clamav-base_0.98.1+dfsg-1+deb7u4_all.deb
a13b991336850128c1cd1d6eea633916 5272086 utils optional
clamav-testfiles_0.98.1+dfsg-1+deb7u4_all.deb
7f9e816ae9ea5c2632e08edfaecc2c9a 1265598 doc optional
clamav-docs_0.98.1+dfsg-1+deb7u4_all.deb
a94a4f6254ae161294cac6dc2e558624 4548580 libs optional
libclamav6_0.98.1+dfsg-1+deb7u4_i386.deb
3a5dc58e84552a36c0cd0747d29032cb 353870 utils optional
clamav_0.98.1+dfsg-1+deb7u4_i386.deb
e7dc320a38f8a94b3e96252019d935aa 446762 utils optional
clamav-daemon_0.98.1+dfsg-1+deb7u4_i386.deb
bca85b7e5cc83f679aec473f722bbff5 336060 utils optional
clamav-freshclam_0.98.1+dfsg-1+deb7u4_i386.deb
e4f3a92b5ba04e5dd152a1c66b61835e 372402 utils extra
clamav-milter_0.98.1+dfsg-1+deb7u4_i386.deb
b8181b0a7cfc661287e68838bfdf3667 233062 libdevel optional
libclamav-dev_0.98.1+dfsg-1+deb7u4_i386.deb
fad9a36d1e1eb483fa260e940bf98cfe 36143050 debug extra
clamav-dbg_0.98.1+dfsg-1+deb7u4_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJTkx0FAAoJEHjX3vua1Zrx7ScP/AoMRGnn3pkP8WYcgchsPygd
bgV6PS8jA2HTKVeZ6ooY5d5+xPIHC02H15captxavJd2d2YYXuybjUnJmk+Fu35u
HbGUy8OlzM8g0eG8qxLwQAwTeOonKAEWqKk0IxxSAybw9we9vstB3WUp173zmE1a
JUgM19d5kdcJvGLPDzQLKrs7RU97IzJOA028ptIZgcLs879SNEZpo7Q6K1dUiXcP
3Lukgbu66NFujHPr8+xdvmCwPyhDt9pasMHEdszY+szpd8WLb3VvKNlFB7t94lxJ
sbPTwPSHE8ZVEasbqLYJ433blpIYAzHHfHU1JH9bPLHtEjdE8HMrQAU40uL/+x3C
CW8JSSvcJ34fRnshr1TogdGbmrV8MS4dFjV0dz7CmHhkL8O7fki0UbuURnMC0ZAb
dmF6aVmesaCR1zUgZ+iUAUEEtfZ0SE+N8qBndcJMnJkAjCubsCdUbDvn+RrfEhRx
/ijQ0x38b7ruTy3qaS2BtF2fF1WBgegLwtVY1F9JO+zNR34E7ZiJV0n7ASn3QPKd
zl+yKlYqm3OoKzIgW0oN00g7j6dv/B0StB1X9cvB6Pqijjow84FhMNMt7D0cQHy4
3fU5avafGz0MnqdcZPnsx8/+9t2/YaCyYexf0vyGKOY+2dzoNIBBHqguNHtEXSPf
Qks/X4OZsEQfyhegb5X3
=eRDO
-----END PGP SIGNATURE-----
--- End Message ---
