Debian Bug report logs -
#476694
clamav: CVE-2008-1833 integer overflow leading to heap overflow via crafted wwpack compressed pe binary
Reported by: Nico Golde <nion@debian.org>
Date: Fri, 18 Apr 2008 14:00:02 UTC
Severity: grave
Tags: patch, security
Fixed in versions 0.90.1dfsg-3etch41, clamav/0.92.1~dfsg2-1.1
Done: Nico Golde <nion@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, Stephen Gran <sgran@debian.org>:
Bug#476694; Package clamav.
(full text, mbox, link).
Acknowledgement sent to Nico Golde <nion@debian.org>:
New Bug report received and forwarded. Copy sent to Stephen Gran <sgran@debian.org>.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: clamav
Severity: grave
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for clamav.
CVE-2008-1833[0]:
| Heap-based buffer overflow in libclamav in ClamAV 0.92.1 allows remote
| attackers to execute arbitrary code via a crafted WWPack compressed PE
| binary.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1833
http://security-tracker.debian.net/tracker/CVE-2008-1833
--
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[Message part 2 (application/pgp-signature, inline)]
Information forwarded to debian-bugs-dist@lists.debian.org, Stephen Gran <sgran@debian.org>:
Bug#476694; Package clamav.
(full text, mbox, link).
Acknowledgement sent to Moritz Muehlenhoff <jmm@inutil.org>:
Extra info received and forwarded to list. Copy sent to Stephen Gran <sgran@debian.org>.
(full text, mbox, link).
Message #10 received at 476694@bugs.debian.org (full text, mbox, reply):
Nico Golde wrote:
> the following CVE (Common Vulnerabilities & Exposures) id was
> published for clamav.
>
>
> CVE-2008-1833[0]:
> | Heap-based buffer overflow in libclamav in ClamAV 0.92.1 allows remote
> | attackers to execute arbitrary code via a crafted WWPack compressed PE
> | binary.
>
> If you fix the vulnerability please also make sure to include the
> CVE id in your changelog entry.
>
> For further information see:
>
> [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1833
> http://security-tracker.debian.net/tracker/CVE-2008-1833
Already fixed in etch and unstable (it's the issue referenced as not
yet having a CVE ID in the DSA).
Cheers,
Moritz
Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#476694; Package clamav.
(full text, mbox, link).
Acknowledgement sent to Stephen Gran <sgran@debian.org>:
Extra info received and forwarded to list.
(full text, mbox, link).
Message #15 received at 476694@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
close 476694 0.92.1~dfsg2-1
close 476694 0.92.1~dfsg-1volatile2
close 476694 0.90.1dfsg-3etch41
thanks
This one time, at band camp, Nico Golde said:
> Hi,
> the following CVE (Common Vulnerabilities & Exposures) id was
> published for clamav.
>
>
> CVE-2008-1833[0]:
> | Heap-based buffer overflow in libclamav in ClamAV 0.92.1 allows remote
> | attackers to execute arbitrary code via a crafted WWPack compressed PE
> | binary.
>
> If you fix the vulnerability please also make sure to include the
> CVE id in your changelog entry.
Fix already uploaded.
--
-----------------------------------------------------------------
| ,''`. Stephen Gran |
| : :' : sgran@debian.org |
| `. `' Debian user, admin, and developer |
| `- http://www.debian.org |
-----------------------------------------------------------------
[signature.asc (application/pgp-signature, inline)]
Bug marked as fixed in version 0.92.1~dfsg2-1, send any further explanations to Nico Golde <nion@debian.org>
Request was from Stephen Gran <sgran@debian.org>
to control@bugs.debian.org.
(Fri, 18 Apr 2008 14:24:04 GMT) (full text, mbox, link).
Bug marked as fixed in version 0.92.1~dfsg-1volatile2, send any further explanations to Nico Golde <nion@debian.org>
Request was from Stephen Gran <sgran@debian.org>
to control@bugs.debian.org.
(Fri, 18 Apr 2008 14:24:05 GMT) (full text, mbox, link).
Bug marked as fixed in version 0.90.1dfsg-3etch41, send any further explanations to Nico Golde <nion@debian.org>
Request was from Stephen Gran <sgran@debian.org>
to control@bugs.debian.org.
(Fri, 18 Apr 2008 14:24:06 GMT) (full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org, Stephen Gran <sgran@debian.org>:
Bug#476694; Package clamav.
(full text, mbox, link).
Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Stephen Gran <sgran@debian.org>.
(full text, mbox, link).
Message #26 received at 476694@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Hi Moritz,
* Moritz Muehlenhoff <jmm@inutil.org> [2008-04-18 16:09]:
> Nico Golde wrote:
> > the following CVE (Common Vulnerabilities & Exposures) id was
> > published for clamav.
> >
> >
> > CVE-2008-1833[0]:
> > | Heap-based buffer overflow in libclamav in ClamAV 0.92.1 allows remote
> > | attackers to execute arbitrary code via a crafted WWPack compressed PE
> > | binary.
> >
> > If you fix the vulnerability please also make sure to include the
> > CVE id in your changelog entry.
> >
> > For further information see:
> >
> > [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1833
> > http://security-tracker.debian.net/tracker/CVE-2008-1833
>
> Already fixed in etch and unstable (it's the issue referenced as not
> yet having a CVE ID in the DSA).
Are you sure? Looking at the source code from the unstable
version I still see the affected lines of code:
if((DCONF & PE_CONF_WWPACK) && nsections > 1 &&
exe_sections[nsections-1].raw>0x2b1 &&
vep == exe_sections[nsections - 1].rva &&
exe_sections[nsections - 1].rva + exe_sections[nsections - 1].rsz == max &&
memcmp(epbuff, "\x53\x55\x8b\xe8\x33\xdb\xeb", 7) == 0 &&
memcmp(epbuff+0x68, "\xe8\x00\x00\x00\x00\x58\x2d\x6d\x00\x00\x00\x50\x60\x33\xc9\x50\x58\x50\x50", 19) == 0) {
uint32_t headsize=exe_sections[nsections - 1].raw;
char *dest, *wwp;
for(i = 0 ; i < (unsigned int)nsections-1; i++)
if (exe_sections[i].raw<headsize) headsize=exe_sections[i].raw;
dsize = max-min+headsize-exe_sections[nsections - 1].rsz;
CLI_UNPSIZELIMITS("WWPack", dsize);
if((dest = (char *) cli_calloc(dsize, sizeof(char))) == NULL) {
How was this fixed?
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[Message part 2 (application/pgp-signature, inline)]
Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#476694; Package clamav.
(full text, mbox, link).
Acknowledgement sent to Stephen Gran <sgran@debian.org>:
Extra info received and forwarded to list.
(full text, mbox, link).
Message #31 received at 476694@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
This one time, at band camp, Nico Golde said:
> Hi Moritz,
> * Moritz Muehlenhoff <jmm@inutil.org> [2008-04-18 16:09]:
> >
> > Already fixed in etch and unstable (it's the issue referenced as not
> > yet having a CVE ID in the DSA).
>
> Are you sure? Looking at the source code from the unstable
> version I still see the affected lines of code:
>
> if((DCONF & PE_CONF_WWPACK) && nsections > 1 &&
> exe_sections[nsections-1].raw>0x2b1 &&
> vep == exe_sections[nsections - 1].rva &&
> exe_sections[nsections - 1].rva + exe_sections[nsections - 1].rsz == max &&
> memcmp(epbuff, "\x53\x55\x8b\xe8\x33\xdb\xeb", 7) == 0 &&
> memcmp(epbuff+0x68, "\xe8\x00\x00\x00\x00\x58\x2d\x6d\x00\x00\x00\x50\x60\x33\xc9\x50\x58\x50\x50", 19) == 0) {
> uint32_t headsize=exe_sections[nsections - 1].raw;
> char *dest, *wwp;
>
> for(i = 0 ; i < (unsigned int)nsections-1; i++)
> if (exe_sections[i].raw<headsize) headsize=exe_sections[i].raw;
>
> dsize = max-min+headsize-exe_sections[nsections - 1].rsz;
>
> CLI_UNPSIZELIMITS("WWPack", dsize);
>
> if((dest = (char *) cli_calloc(dsize, sizeof(char))) == NULL) {
>
> How was this fixed?
Arg - you may be right - I see the upack vulnerability fixed in
unstable, but it looks like I may not have gotten the wwpack
vulnerability in the patch. Sorry - this week has been really bad for
me (I have guests staying and I'm really busy at work, so my
concentration is a bit shot). It looks like I may also have missed it
for volatile. Damn.
This appears to be the patch in question:
http://git.debian.org/?p=users/sgran/clamav-devel.git;a=commitdiff;h=65f47ca3711e1bc99970c5eabc0a0598dcd46f26#patch43
I'll apply the patch here, but I'm unlikely to be able to upload to
unstable before Monday night - I'm off for a disconnected weekend in 2
hours, and I'm still at work. Feel free to NMU, if you like.
--
-----------------------------------------------------------------
| ,''`. Stephen Gran |
| : :' : sgran@debian.org |
| `. `' Debian user, admin, and developer |
| `- http://www.debian.org |
-----------------------------------------------------------------
[signature.asc (application/pgp-signature, inline)]
Information forwarded to debian-bugs-dist@lists.debian.org, Stephen Gran <sgran@debian.org>:
Bug#476694; Package clamav.
(full text, mbox, link).
Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Stephen Gran <sgran@debian.org>.
(full text, mbox, link).
Message #36 received at 476694@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Hi Stephen,
* Stephen Gran <sgran@debian.org> [2008-04-18 18:00]:
> This one time, at band camp, Nico Golde said:
> > * Moritz Muehlenhoff <jmm@inutil.org> [2008-04-18 16:09]:
> > >
> > > Already fixed in etch and unstable (it's the issue referenced as not
> > > yet having a CVE ID in the DSA).
> >
> > Are you sure? Looking at the source code from the unstable
> > version I still see the affected lines of code:
[...]
> > How was this fixed?
>
> Arg - you may be right - I see the upack vulnerability fixed in
> unstable, but it looks like I may not have gotten the wwpack
> vulnerability in the patch.
Ok fine. Usually I ask for verification if I don't already
know if this is fixed or not if I file a bug, I can be wrong thought ;-P
> Sorry - this week has been really bad for
> me (I have guests staying and I'm really busy at work, so my
> concentration is a bit shot). It looks like I may also have missed it
> for volatile. Damn.
Happens, stable should be unfixed as well cause I used the
stable diff to check for changes.
> This appears to be the patch in question:
> http://git.debian.org/?p=users/sgran/clamav-devel.git;a=commitdiff;h=65f47ca3711e1bc99970c5eabc0a0598dcd46f26#patch43
>
> I'll apply the patch here, but I'm unlikely to be able to upload to
> unstable before Monday night - I'm off for a disconnected weekend in 2
> hours, and I'm still at work. Feel free to NMU, if you like.
Ok, will do that tomorrow.
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[Message part 2 (application/pgp-signature, inline)]
Bug reopened, originator not changed.
Request was from Nico Golde <nion@debian.org>
to control@bugs.debian.org.
(Fri, 18 Apr 2008 17:27:11 GMT) (full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#476694; Package clamav.
(full text, mbox, link).
Acknowledgement sent to Stephen Gran <sgran@debian.org>:
Extra info received and forwarded to list.
(full text, mbox, link).
Message #43 received at 476694@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
This one time, at band camp, Nico Golde said:
> Happens, stable should be unfixed as well cause I used the
> stable diff to check for changes.
Stable is fixed - the code is quite different but had a conceptually
similar failure to check bounds. Look at 41.pe.c.wwpack.overflow.dpatch
in the source for how it was fixed for stable/security.
--
-----------------------------------------------------------------
| ,''`. Stephen Gran |
| : :' : sgran@debian.org |
| `. `' Debian user, admin, and developer |
| `- http://www.debian.org |
-----------------------------------------------------------------
[signature.asc (application/pgp-signature, inline)]
Bug marked as fixed in version 0.90.1dfsg-3etch41.
Request was from Nico Golde <nion@debian.org>
to control@bugs.debian.org.
(Sat, 19 Apr 2008 10:36:02 GMT) (full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org, Stephen Gran <sgran@debian.org>:
Bug#476694; Package clamav.
(full text, mbox, link).
Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Stephen Gran <sgran@debian.org>.
(full text, mbox, link).
Message #50 received at 476694@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
tags 476694 + patch pending
thanks
Hi,
* Stephen Gran <sgran@debian.org> [2008-04-18 18:15]:
[...]
> I'll apply the patch here, but I'm unlikely to be able to upload to
> unstable before Monday night - I'm off for a disconnected weekend in 2
> hours, and I'm still at work. Feel free to NMU, if you like.
debdiff for unstable attached.
It will be also archived on:
http://people.debian.org/~nion/nmu-diff/clamav-0.92.1~dfsg2-1_0.92.1~dfsg2-1.1.patch
If someone has time, please review or test the packages
cause I have no possibility to test clamav.
unstable: http://people.debian.org/~nion/clamav/unstable/
volatile: http://people.debian.org/~nion/clamav/volatile/
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[clamav-0.92.1~dfsg2-1_0.92.1~dfsg2-1.1.patch (text/x-diff, attachment)]
[Message part 3 (application/pgp-signature, inline)]
Tags added: patch, pending
Request was from Nico Golde <nion@debian.org>
to control@bugs.debian.org.
(Sat, 19 Apr 2008 12:51:05 GMT) (full text, mbox, link).
Reply sent to Nico Golde <nion@debian.org>:
You have taken responsibility.
(full text, mbox, link).
Notification sent to Nico Golde <nion@debian.org>:
Bug acknowledged by developer.
(full text, mbox, link).
Message #57 received at 476694-close@bugs.debian.org (full text, mbox, reply):
Source: clamav
Source-Version: 0.92.1~dfsg2-1.1
We believe that the bug you reported is fixed in the latest version of
clamav, which is due to be installed in the Debian FTP archive:
clamav-base_0.92.1~dfsg2-1.1_all.deb
to pool/main/c/clamav/clamav-base_0.92.1~dfsg2-1.1_all.deb
clamav-daemon_0.92.1~dfsg2-1.1_amd64.deb
to pool/main/c/clamav/clamav-daemon_0.92.1~dfsg2-1.1_amd64.deb
clamav-dbg_0.92.1~dfsg2-1.1_amd64.deb
to pool/main/c/clamav/clamav-dbg_0.92.1~dfsg2-1.1_amd64.deb
clamav-docs_0.92.1~dfsg2-1.1_all.deb
to pool/main/c/clamav/clamav-docs_0.92.1~dfsg2-1.1_all.deb
clamav-freshclam_0.92.1~dfsg2-1.1_amd64.deb
to pool/main/c/clamav/clamav-freshclam_0.92.1~dfsg2-1.1_amd64.deb
clamav-milter_0.92.1~dfsg2-1.1_amd64.deb
to pool/main/c/clamav/clamav-milter_0.92.1~dfsg2-1.1_amd64.deb
clamav-testfiles_0.92.1~dfsg2-1.1_all.deb
to pool/main/c/clamav/clamav-testfiles_0.92.1~dfsg2-1.1_all.deb
clamav_0.92.1~dfsg2-1.1.diff.gz
to pool/main/c/clamav/clamav_0.92.1~dfsg2-1.1.diff.gz
clamav_0.92.1~dfsg2-1.1.dsc
to pool/main/c/clamav/clamav_0.92.1~dfsg2-1.1.dsc
clamav_0.92.1~dfsg2-1.1_amd64.deb
to pool/main/c/clamav/clamav_0.92.1~dfsg2-1.1_amd64.deb
libclamav-dev_0.92.1~dfsg2-1.1_amd64.deb
to pool/main/c/clamav/libclamav-dev_0.92.1~dfsg2-1.1_amd64.deb
libclamav3_0.92.1~dfsg2-1.1_amd64.deb
to pool/main/c/clamav/libclamav3_0.92.1~dfsg2-1.1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 476694@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nico Golde <nion@debian.org> (supplier of updated clamav package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 19 Apr 2008 12:42:18 +0200
Source: clamav
Binary: clamav-base clamav-docs clamav-dbg clamav libclamav-dev libclamav3 clamav-daemon clamav-testfiles clamav-freshclam clamav-milter
Architecture: source all amd64
Version: 0.92.1~dfsg2-1.1
Distribution: unstable
Urgency: high
Maintainer: Stephen Gran <sgran@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description:
clamav - anti-virus utility for Unix - command-line interface
clamav-base - anti-virus utility for Unix - base package
clamav-daemon - anti-virus utility for Unix - scanner daemon
clamav-dbg - debug symbols for ClamAV
clamav-docs - anti-virus utility for Unix - documentation
clamav-freshclam - anti-virus utility for Unix - virus database update utility
clamav-milter - anti-virus utility for Unix - sendmail integration
clamav-testfiles - anti-virus utility for Unix - test files
libclamav-dev - anti-virus utility for Unix - development files
libclamav3 - anti-virus utility for Unix - library
Closes: 476694
Changes:
clamav (0.92.1~dfsg2-1.1) unstable; urgency=high
.
* Non-maintainer upload by the Security Team.
* This update addresses the following security issue:
- CVE-2008-1833: heap-based buffer overflow allows remote
attackers to execute arbitrary code via a crafted WWPack compressed
PE binary (Closes: #476694).
Checksums-Sha1:
ad6d0b38eeb97ec975493ed4e872d0281da4c441 1308 clamav_0.92.1~dfsg2-1.1.dsc
e9824c6dfd38f5da3dbdd4f204e3c05dbb3f3f51 161277 clamav_0.92.1~dfsg2-1.1.diff.gz
b24c7bbe2e02a57ad33f53d34094e7c51192c357 12680280 clamav-base_0.92.1~dfsg2-1.1_all.deb
40d984f6d61a30ab578f34e7d201718446297903 179826 clamav-testfiles_0.92.1~dfsg2-1.1_all.deb
c669091061677f6affae7ba274e0e52dfff53a78 1032966 clamav-docs_0.92.1~dfsg2-1.1_all.deb
45e82c0155ed6ecc14103079517b248a3adfe129 454456 libclamav3_0.92.1~dfsg2-1.1_amd64.deb
918e3a9e37f8e38cd4d6be5d8e8822f2890784bd 896042 clamav_0.92.1~dfsg2-1.1_amd64.deb
c836019e3afdbaa206ddf9a32c3c850e35663e99 200492 clamav-daemon_0.92.1~dfsg2-1.1_amd64.deb
c572ca523a489e88a549c5ed0cdcf9a6b56a7588 217726 clamav-freshclam_0.92.1~dfsg2-1.1_amd64.deb
8bf03bb5fa6b9130b8e9a64c9f084c3a751b4d38 204680 clamav-milter_0.92.1~dfsg2-1.1_amd64.deb
7aa06af1ed9a4586e82160021d4bba6ad414c5b5 473872 libclamav-dev_0.92.1~dfsg2-1.1_amd64.deb
ec79db4cfcfb8e171b40a8a6abc9b758b54e1255 713176 clamav-dbg_0.92.1~dfsg2-1.1_amd64.deb
Checksums-Sha256:
9a57654095f2d6ccd11c1b25bc248c5145f6f6645ef76b96022574541ed922ec 1308 clamav_0.92.1~dfsg2-1.1.dsc
f815acedb0effb74b4769f450c2b187c7e30f3bf7bdaf1a21561289273f0bd05 161277 clamav_0.92.1~dfsg2-1.1.diff.gz
e6f0242f3d19f3d627baa797ab037c491de3789b4ed3f33eace46b214cf88328 12680280 clamav-base_0.92.1~dfsg2-1.1_all.deb
13ab1412021e7fed518766627bc6cffedad3ffa59d766f18d2035acef2b20254 179826 clamav-testfiles_0.92.1~dfsg2-1.1_all.deb
67009bd071d45c9f1e0ab7727673227f5c57e43963528ebd5b7ba9c352f45c9a 1032966 clamav-docs_0.92.1~dfsg2-1.1_all.deb
ddfaeaf20d8c395c9240f57eaa8b4bab947209fc3dcf9e0039e8673bcecf1e2a 454456 libclamav3_0.92.1~dfsg2-1.1_amd64.deb
81a9d12b7c37d2db531cf8a14c11c161404695a4f74a87e08b4bc5a96a15ec8b 896042 clamav_0.92.1~dfsg2-1.1_amd64.deb
98db461e9ad276f4c66124ee3a6bb335055413193061ed9c2b9d814e346611ac 200492 clamav-daemon_0.92.1~dfsg2-1.1_amd64.deb
b9c2ccd71f64c19a03b11726b3d13e0123d05bf089dff499034d8513bcc349fd 217726 clamav-freshclam_0.92.1~dfsg2-1.1_amd64.deb
8e8a598841df95b433f6fe52ecc0a910c05e1bd4ac10dd165596017119ce54ec 204680 clamav-milter_0.92.1~dfsg2-1.1_amd64.deb
84f91d188adf9601652b3854d10b22430ccffab10e07709aa0bab0fb7839b340 473872 libclamav-dev_0.92.1~dfsg2-1.1_amd64.deb
67a7fa613751adaf49e1a96d95bbb41a6827d4085f2ff155fe42b773602dc65b 713176 clamav-dbg_0.92.1~dfsg2-1.1_amd64.deb
Files:
34a36d096b7670ad52b028992242d487 1308 utils optional clamav_0.92.1~dfsg2-1.1.dsc
38a1366957796c9fe732ec4df5821e98 161277 utils optional clamav_0.92.1~dfsg2-1.1.diff.gz
bdf606937526def34dcb634b5007058d 12680280 utils optional clamav-base_0.92.1~dfsg2-1.1_all.deb
8dc1afedc921ba9d813deecd2483737e 179826 utils optional clamav-testfiles_0.92.1~dfsg2-1.1_all.deb
a3ed23e3d491ae4b989c96ba015f7e2d 1032966 doc optional clamav-docs_0.92.1~dfsg2-1.1_all.deb
fd0f59d2aedc07c2672a191c4920a887 454456 libs optional libclamav3_0.92.1~dfsg2-1.1_amd64.deb
7553c15a2864bd7834320fb179e62b42 896042 utils optional clamav_0.92.1~dfsg2-1.1_amd64.deb
0f621fc9ebf547bc01f64ac33995da07 200492 utils optional clamav-daemon_0.92.1~dfsg2-1.1_amd64.deb
6cf4729697158d4c36634e5a4b96fd5f 217726 utils optional clamav-freshclam_0.92.1~dfsg2-1.1_amd64.deb
9c485e3390c97d0ead66ca45200dab4c 204680 utils extra clamav-milter_0.92.1~dfsg2-1.1_amd64.deb
37c262ece980c9fe5b7cd543909b6aea 473872 libdevel optional libclamav-dev_0.92.1~dfsg2-1.1_amd64.deb
fe484d43ec24bc15294e46a02bc9281c 713176 utils extra clamav-dbg_0.92.1~dfsg2-1.1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFICeuuHYflSXNkfP8RAljtAJ9VAxRLxisbR2ReRdkU2D1+XzD5lgCgrdvq
hN4qIfaXJ8bAokMLVB/25h8=
=76kY
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 27 Jul 2008 07:35:16 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 15:20:48 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon