Packages
- clamav - Anti-virus utility for Unix
Details
It was discovered that ClamAV would incorrectly parse a UPX-packed
executable, leading to possible inappropriate heap reads. An attacker
could use this issue to cause ClamAV to crash, resulting in a denial of
service, or possibly execute arbitrary code. (CVE-2013-2020)
It was discovered that ClamAV would incorrectly parse a PDF document,
potentially writing beyond the size of a static array. An attacker could
use this issue to cause ClamAV to crash, resulting in a denial of service,
or possibly execute arbitrary code. (CVE-2013-2021)
It was discovered that ClamAV would incorrectly parse a UPX-packed
executable, leading to possible inappropriate heap reads. An attacker
could use this issue to cause ClamAV to crash, resulting in a denial of
service, or possibly execute arbitrary code. (CVE-2013-2020)
It was discovered that ClamAV would incorrectly parse a PDF document,
potentially writing beyond the size of a static array. An attacker could
use this issue to cause ClamAV to crash, resulting in a denial of service,
or possibly execute arbitrary code. (CVE-2013-2021)
Update instructions
This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart ClamAV to make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 13.04 raring | clamav – 0.97.8+dfsg-1ubuntu1.13.04.1 | ||
| 12.10 quantal | clamav – 0.97.8+dfsg-1ubuntu1.12.10.1 | ||
| 12.04 precise | clamav – 0.97.8+dfsg-1ubuntu1.12.04.1 | ||
| 11.10 oneiric | clamav – 0.97.8+dfsg-1ubuntu1.11.10.1 | ||
| 10.04 lucid | clamav – 0.97.8+dfsg-1ubuntu1.10.04.1 | ||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.