22 Fév
2015
22 Fév
'15
09:48
apticron report [Sun, 22 Feb 2015 09:48:15 +0100]
========================================================================
apticron has detected that some packages need upgrading on:
hexagon.federez.net
[ 5.39.82.35 2001:41d0:8:9423::1 5.39.82.35 2001:41d0:8:9423::1 ]
The following packages are currently pending an upgrade:
clamav 0.98.6+dfsg-0+deb7u1
clamav-base 0.98.6+dfsg-0+deb7u1
clamav-daemon 0.98.6+dfsg-0+deb7u1
clamav-freshclam 0.98.6+dfsg-0+deb7u1
e2fslibs 1.42.5-1.1+deb7u1
e2fsprogs 1.42.5-1.1+deb7u1
libclamav6 0.98.6+dfsg-0+deb7u1
libcomerr2 1.42.5-1.1+deb7u1
libss2 1.42.5-1.1+deb7u1
spamc 3.3.2-5+deb7u3
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour e2fsprogs (e2fslibs e2fsprogs libcomerr2 libss2) ---
e2fsprogs (1.42.5-1.1+deb7u1) stable-security; urgency=high
* Non-maintainer upload by the Security Team.
* Fix CVE-2015-0247: buffer overflow in ext file system open/close routines.
* Fix CVE-2015-1572: incomplete fix for CVE-2015-0247.
-- Michael Gilbert <mgilbert(a)debian.org> Sun, 22 Feb 2015 04:11:53 +0000
--- Modifications pour clamav (clamav clamav-base clamav-daemon clamav-freshclam
libclamav6) ---
clamav (0.98.6+dfsg-0+deb7u1) stable; urgency=medium
[ Sebastian Andrzej Siewior ]
* New upstream bugfix release
- Library shared object revisions.
- Includes a patch from Sebastian Andrzej Siewior making ClamAV pid files
compatible with systemd.
- Fix a heap out of bounds condition with crafted Yoda's crypter files.
This issue was discovered by Felix Groebert of the Google Security Team.
- Fix a heap out of bounds condition with crafted mew packer files. This
issue was discovered by Felix Groebert of the Google Security Team.
- Fix a heap out of bounds condition with crafted upx packer files. This
issue was discovered by Kevin Szkudlapski of Quarkslab.
- Fix a heap out of bounds condition with crafted upack packer files. This
issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328.
- Compensate a crash due to incorrect compiler optimization when handling
crafted petite packer files. This issue was discovered by Sebastian
Andrzej Siewior.
* Update embedded libmspack from 0.4alpha to 0.5alpha (security bugfix
release)
* Don't leak return codes from libmspack to clamav API. (Closes: #774686).
[ Andreas Cadhalpun ]
* Drop Workaround-a-bug-in-libc-on-Hurd.patch, because hurd got fixed.
(see #752237)
* Update libclamav6: embedded-library lintian override for new libclamav6
and make it generic
* Update lintian-overrides for unused-file-paragraph-in-dep5-copyright.
* clamav-base.postinst: always chown /var/log/clamav and /var/lib/clamav
to clamav:clamav, not only on fresh installations. (Closes: #775400)
* debian/copyright: drop files from Files-Excluded only present in github
tarballs
* debian/rules: Remove useless --with-system-tommath --without-included-ltdl
configure options.
[ Scott Kitterman ]
* Stop stripping llvm when repacking the tarball as the system llvm on some
releases is too old to use
[ Javier Fernández-Sanguino ]
* Updated Spanish Debconf template translation (Closes: #773563)
-- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Wed, 04 Feb 2015 21:09:25
+0100
clamav (0.98.5+dfsg-0+deb7u3) stable; urgency=medium
* add "mspack-fix-division-by-zero-in-chm-format-handling" to fix divide
by zero in the chm unpacked. Found & patch by Jakub Wilk (Closes: #774766).
* add "mspack-fix-overflow-in-pointer-arithmetic-on-32bit" to avoid overflow
in pointer arithmetic causing a segfault on 32bit (Closes: #774767).
-- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Wed, 07 Jan 2015 21:56:21
+0100
--- Modifications pour spamassassin (spamc) ---
spamassassin (3.3.2-5+deb7u3) stable; urgency=medium
* Remove references to ahbl.org DNSBL, which has ceased operation.
(Closes: #774768)
-- Noah Meyerhans <noahm(a)debian.org> Sat, 31 Jan 2015 13:32:21 -0800
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on hexagon.federez.net
--
apticron