[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/etch-security, updated. debian/0.90.1dfsg-4etch16-1-gcd7381b

Michael Tautschnig mt at debian.org
Wed Dec 3 21:31:54 UTC 2008


The following commit has been merged in the debian/etch-security branch:
commit cd7381b84bbcf9c31269fcd11af1b33449b5ac2b
Author: Michael Tautschnig <mt at debian.org>
Date:   Wed Dec 3 13:28:06 2008 -0800

    Patched patch for others.c
    
    - The problem has been pointed out by Leonel Nunez, but both the old patch and
      the new change only modify dead code (cli_filecopy is never called)
    - See also
      http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/2008-December/000302.html
    
    Signed-off-by: Michael Tautschnig <mt at debian.org>

diff --git a/debian/changelog b/debian/changelog
index 80aedd3..cbd57a6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+clamav (0.90.1dfsg-4etch17) stable-security; urgency=low
+
+  * Corrected error in previous patch for CVE-2008-3914 (thanks Leonel Nunez)
+
+ -- Stephen Gran <sgran at debian.org>  Wed, 03 Dec 2008 13:26:21 -0800
+ 
 clamav (0.90.1dfsg-4etch16) stable-security; urgency=high
 
   * [CVE-2008-5050]: libclamav/vba_extract.c: possible buffer overflow
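Review bot: The new 0.90.1dfsg-4etch17 entry says only "Corrected error in previous patch for CVE-2008-3914" and names neither the file nor the defect. Suggest naming libclamav/others.c and cli_filecopy and stating that the braces around the allocation-failure path were missing, so the entry can be understood without opening 46.fd-leak.CVE-2008-3914.dpatch. The separator line after the sign-off is also added as "+ " with a trailing space, where the other blank lines of the entry are empty; drop the space.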
diff --git a/debian/patches/46.fd-leak.CVE-2008-3914.dpatch b/debian/patches/46.fd-leak.CVE-2008-3914.dpatch
index 6074e2a..f6180be 100644
--- a/debian/patches/46.fd-leak.CVE-2008-3914.dpatch
+++ b/debian/patches/46.fd-leak.CVE-2008-3914.dpatch
@@ -52,18 +52,22 @@ index 4c942a7..679e981 100644
  		fclose(stream_in);
  		return FALSE;
 diff --git a/libclamav/others.c b/libclamav/others.c
-index 1ee20de..e9d9a86 100644
+index 1ee20de..9a08b7c 100644
 --- a/libclamav/others.c
 +++ b/libclamav/others.c
-@@ -812,6 +812,8 @@ int cli_filecopy(const char *src, const char *dest)
+@@ -811,8 +811,11 @@ int cli_filecopy(const char *src, const char *dest)
+ 	return -1;
      }
  
-     if(!(buffer = cli_malloc(FILEBUFF)))
+-    if(!(buffer = cli_malloc(FILEBUFF)))
++    if(!(buffer = cli_malloc(FILEBUFF))) {
 +	close(s);
 +	close(d);
  	return -1;
++    }
  
      while((bytes = cli_readn(s, buffer, FILEBUFF)) > 0)
+ 	cli_writen(d, buffer, bytes);
 diff --git a/libclamav/sis.c b/libclamav/sis.c
 index 2849265..8fd7192 100644
 --- a/libclamav/sis.c
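Review bot: The braces added around the `cli_malloc(FILEBUFF)` failure path in the embedded others.c hunk correct the control flow, but nothing in the dpatch records why they were needed. In the previous revision the unbraced `if` guarded only `close(s);`, so `close(d);` and `return -1;` ran on every call and the copy loop below was unreachable. A sentence to that effect in the dpatch description would help anyone comparing the two revisions. Separately, the loop visible in the trailing context discards the result of `cli_writen(d, buffer, bytes)`; that is outside this change, but a short write would go unnoticed in the lines shown, which is worth a follow-up if cli_filecopy ever gains a caller.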

-- 
Debian repository for ClamAV


