Debian Bug report logs - #333566
libclamav1: [CAN-2005-3239] OLE2 unpacker stack overflow

version graph

Package: libclamav1; Maintainer for libclamav1 is (unknown);

Reported by: Marcin Owsiany <marcin@owsiany.pl>

Date: Wed, 12 Oct 2005 17:48:05 UTC

Severity: important

Tags: security, upstream

Fixed in version clamav/0.87.1-1

Done: Stephen Gran <sgran@debian.org>

Bug is archived. No further changes may be made.

Forwarded to bugs@clamav.net

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Stephen Gran <sgran@debian.org>:
Bug#333566; Package clamav. Full text and rfc822 format available.

Acknowledgement sent to Marcin Owsiany <marcin@owsiany.pl>:
New Bug report received and forwarded. Copy sent to Stephen Gran <sgran@debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Marcin Owsiany <marcin@owsiany.pl>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: OLE2 unpacker stack overflow
Date: Wed, 12 Oct 2005 19:43:23 +0200
Package: clamav
Version: 0.87-1
Severity: important
Tags: security

I recently stumbled upon a (probably corrupted) DOC file, which caused
clamd (running with ArchiveMaxFiles 10000) to segfault, causing a DoS. After
specifying --max-files=100000 to clamscan, I could also get clamscan to
segfault.

Here is a backtrace I obtained:

#0  0xb7d993a7 in vfprintf () from /lib/tls/libc.so.6
#1  0xb7dbb4e1 in vsnprintf () from /lib/tls/libc.so.6
#2  0xb7e9e7ae in cli_dbgmsg (str=0xb7ee2090 "%34s ") at others.c:122
#3  0xb7ebb8f4 in print_property_name (pname=0xbf0238b0 "\001", size=18) at ole2_extract.c:186
#4  0xb7ebb961 in print_ole2_property (property=0xbf0238b0) at ole2_extract.c:197
#5  0xb7ebc87c in ole2_walk_property_tree (fd=3, hdr=0xbf8222fc, dir=0x87aa028 "/tmp/clamav-ad8ca4a99a5aca3d", prop_index=5,
    handler=0xb7ebcc14 <handler_writefile>, rec_level=1, file_count=0xbf8222a0, limits=0x87a1e58) at ole2_extract.c:509
#6  0xb7ebca1b in ole2_walk_property_tree (fd=3, hdr=0xbf8222fc, dir=0x87aa028 "/tmp/clamav-ad8ca4a99a5aca3d", prop_index=2,
    handler=0xb7ebcc14 <handler_writefile>, rec_level=1, file_count=0xbf8222a0, limits=0x87a1e58) at ole2_extract.c:536
#7  0xb7ebca4b in ole2_walk_property_tree (fd=3, hdr=0xbf8222fc, dir=0x87aa028 "/tmp/clamav-ad8ca4a99a5aca3d", prop_index=5,
    handler=0xb7ebcc14 <handler_writefile>, rec_level=1, file_count=0xbf8222a0, limits=0x87a1e58) at ole2_extract.c:538
#8  0xb7ebca1b in ole2_walk_property_tree (fd=3, hdr=0xbf8222fc, dir=0x87aa028 "/tmp/clamav-ad8ca4a99a5aca3d", prop_index=2,
    handler=0xb7ebcc14 <handler_writefile>, rec_level=1, file_count=0xbf8222a0, limits=0x87a1e58) at ole2_extract.c:536
#9  0xb7ebca4b in ole2_walk_property_tree (fd=3, hdr=0xbf8222fc, dir=0x87aa028 "/tmp/clamav-ad8ca4a99a5aca3d", prop_index=5,
    handler=0xb7ebcc14 <handler_writefile>, rec_level=1, file_count=0xbf8222a0, limits=0x87a1e58) at ole2_extract.c:538
#10 0xb7ebca1b in ole2_walk_property_tree (fd=3, hdr=0xbf8222fc, dir=0x87aa028 "/tmp/clamav-ad8ca4a99a5aca3d", prop_index=2,
    handler=0xb7ebcc14 <handler_writefile>, rec_level=1, file_count=0xbf8222a0, limits=0x87a1e58) at ole2_extract.c:536
[...]
#13791 0xb7ebca1b in ole2_walk_property_tree (fd=3, hdr=0xbf8222fc, dir=0x87aa028 "/tmp/clamav-ad8ca4a99a5aca3d",
    prop_index=3, handler=0xb7ebcc14 <handler_writefile>, rec_level=1, file_count=0xbf8222a0, limits=0x87a1e58)
    at ole2_extract.c:536
#13792 0xb7ebc9a1 in ole2_walk_property_tree (fd=3, hdr=0xbf8222fc, dir=0x87aa028 "/tmp/clamav-ad8ca4a99a5aca3d",
    prop_index=0, handler=0xb7ebcc14 <handler_writefile>, rec_level=0, file_count=0xbf8222a0, limits=0x87a1e58)
    at ole2_extract.c:523
#13793 0xb7ebd68c in cli_ole2_extract (fd=3, dirname=0x87aa028 "/tmp/clamav-ad8ca4a99a5aca3d", limits=0x87a1e58)
    at ole2_extract.c:826
#13794 0xb7ea7419 in cli_scanole2 (desc=3, virname=0xbf8226bc, scanned=0x80536fc, root=0x8054720, limits=0x87a1e58,
    options=107, arec=1, mrec=0) at scanners.c:1142
#13795 0xb7ea802a in cli_magic_scandesc (desc=3, virname=0xbf8226bc, scanned=0x80536fc, root=0x8054720, limits=0x87a1e58,
    options=107, arec=1, mrec=0) at scanners.c:1454
#13796 0xb7ea8421 in cl_scandesc (desc=3, virname=0xbf8226bc, scanned=0x80536fc, root=0x8054720, limits=0x87a1e58,
    options=107) at scanners.c:1563
#13797 0x0804e6b4 in checkfile (filename=0x87aa018 "KOCH.DOC", root=0x8054720, limits=0x87a1e58, options=107, printclean=1)
    at manager.c:764
#13798 0x0804d77b in scanfile (filename=0x87aa018 "KOCH.DOC", root=0x8054720, user=0x0, opt=0x8054008, limits=0x87a1e58,
    options=107) at manager.c:436
---Type <return> to continue, or q <return> to quit---
#13799 0x0804cf5d in scanmanager (opt=0x8054008) at manager.c:263
#13800 0x0804b40b in clamscan (opt=0x8054008) at clamscan.c:159
#13801 0x0804bcf6 in main (argc=4, argv=0xbf822dd4) at options.c:177

I ran it under gdb, and apparently the problem is that the doc file's property
tree is not actually a tree:

Index  Property            Prev Next Child
------------------------------------------
0      RootEntry           -1   -1     3
3      SummaryInformation   2    4    -1
2      WordDocument         5   -1    -1
5      CompObj              0    2     1083217721

This makes ole2_walk_property_tree bounce between properties 2 5 and 0, until
either MaxFiles limit is reached, or (apparently) stack is overflowed.

I do not yet have the authorization to forward the doc file in question to you,
but I guess any file with such property graph will do.

This segfault occured after 13k+ calls, but the clamd on which I discovered the
problem segfaulted with only about 3500+ calls (I have a strace, but it
contains data I am not authorized to forward). I think the difference can be
explained by different system (sid vs sarge), kernel version and program (clamd
vs clamscan).

I guess the problem can be solved in several ways:
 - changing ole2_walk_property_tree to an iterative implementation
 - keeping a cache of already visited nodes and short-circuiting on second visit

Either way, a warning should be put in the documentation on any recursive
unpacking algorithm in clamav, so one can choose a saner maxfiles limit.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-1-686
Locale: LANG=pl_PL, LC_CTYPE=pl_PL (charmap=ISO-8859-2)

Versions of packages clamav depends on:
ii  clamav-freshclam [clamav-data 0.87-1     downloads clamav virus databases f
ii  libc6                         2.3.5-6    GNU C Library: Shared libraries an
ii  libclamav1                    0.87-1     virus scanner library
ii  zlib1g                        1:1.2.3-4  compression library - runtime

Versions of packages clamav recommends:
pn  arj                           <none>     (no description available)
pn  unzoo                         <none>     (no description available)

-- no debconf information



Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#333566; Package clamav. Full text and rfc822 format available.

Acknowledgement sent to Stephen Gran <sgran@debian.org>:
Extra info received and forwarded to list. Full text and rfc822 format available.

Message #10 received at 333566@bugs.debian.org (full text, mbox):

From: Stephen Gran <sgran@debian.org>
To: Marcin Owsiany <marcin@owsiany.pl>, 333566@bugs.debian.org
Cc: Debian BTS control <control@bugs.debian.org>, ClamAV Bugs <bugs@clamav.net>
Subject: Re: Bug#333566: OLE2 unpacker stack overflow
Date: Wed, 12 Oct 2005 22:50:13 +0100
[Message part 1 (text/plain, inline)]
tags 333566 +upstream
forwarded 333566 bugs@clamav.net
thanks
This one time, at band camp, Marcin Owsiany said:
> I recently stumbled upon a (probably corrupted) DOC file, which caused
> clamd (running with ArchiveMaxFiles 10000) to segfault, causing a DoS. After
> specifying --max-files=100000 to clamscan, I could also get clamscan to
> segfault.

Ouch.  Thanks for the debugging.  I am forwarding this upstream, so they
can take a look at it, and hopefully get a fix out.  Your ideas seem
reasonable, but I'll run it by them first.

Clam team - can you take a look at debian bug 333566, viewable at
http://bugs.debian.org/333566 for the full debug info?

Thanks all,
-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran@debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------
[signature.asc (application/pgp-signature, inline)]

Tags added: upstream Request was from Stephen Gran <sgran@debian.org> to control@bugs.debian.org. Full text and rfc822 format available.

Noted your statement that Bug has been forwarded to bugs@clamav.net. Request was from Stephen Gran <sgran@debian.org> to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Stephen Gran <sgran@debian.org>:
Bug#333566; Package clamav. Full text and rfc822 format available.

Acknowledgement sent to Marcin Owsiany <porridge@mailin1.expro.pl>:
Extra info received and forwarded to list. Copy sent to Stephen Gran <sgran@debian.org>. Full text and rfc822 format available.

Message #19 received at 333566@bugs.debian.org (full text, mbox):

From: Marcin Owsiany <porridge@mailin1.expro.pl>
To: 333566@bugs.debian.org
Subject: The doc file
Date: Fri, 14 Oct 2005 11:38:45 +0200
[Message part 1 (text/plain, inline)]
Finally, here's the aforementioned doc file itself.

Marcin
[KOCH.DOC (application/msword, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#333566; Package clamav. Full text and rfc822 format available.

Acknowledgement sent to Stephen Gran <sgran@debian.org>:
Extra info received and forwarded to list. Full text and rfc822 format available.

Message #24 received at 333566@bugs.debian.org (full text, mbox):

From: Stephen Gran <sgran@debian.org>
To: Marcin Owsiany <marcin@owsiany.pl>, 333566@bugs.debian.org
Cc: Debian BTS control <control@bugs.debian.org>, ClamAV Bugs <bugs@clamav.net>
Subject: Re: Bug#333566: OLE2 unpacker stack overflow
Date: Fri, 14 Oct 2005 19:49:10 +0100
[Message part 1 (text/plain, inline)]
retitle 333566 libclamav1: [CAN-2005-3239] OLE2 unpacker stack overflow
reassign 333566 libclamav1
thanks

Just noting the assigned number in the bug.  Thanks again all.
-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran@debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------
[signature.asc (application/pgp-signature, inline)]

Changed Bug title. Request was from Stephen Gran <sgran@debian.org> to control@bugs.debian.org. Full text and rfc822 format available.

Bug reassigned from package `clamav' to `libclamav1'. Request was from Stephen Gran <sgran@debian.org> to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#333566; Package libclamav1. Full text and rfc822 format available.

Acknowledgement sent to Stephen Gran <sgran@debian.org>:
Extra info received and forwarded to list. Full text and rfc822 format available.

Message #33 received at 333566@bugs.debian.org (full text, mbox):

From: Stephen Gran <sgran@debian.org>
To: 333566@bugs.debian.org, 333566-submitter@bugs.debian.org, team@security.debian.org
Subject: tentative patch for this bug
Date: Sat, 22 Oct 2005 22:43:10 +0100
[Message part 1 (text/plain, inline)]
So, it looks like this is the patch that fixes the infinite loop.
Comments, etc, appreciated.  Security folks, does this look to you like
it does the job, and can I upload it for sarge?

No word about a new upstream for sid.  Will probably apply manually.
-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran@debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------
[CAN-2005-3239.patch (text/plain, attachment)]
[signature.asc (application/pgp-signature, inline)]

Message sent on to Marcin Owsiany <marcin@owsiany.pl>:
Bug#333566. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Stephen Gran <sgran@debian.org>:
Bug#333566; Package libclamav1. Full text and rfc822 format available.

Acknowledgement sent to Florian Weimer <fw@deneb.enyo.de>:
Extra info received and forwarded to list. Copy sent to Stephen Gran <sgran@debian.org>. Full text and rfc822 format available.

Message #41 received at 333566@bugs.debian.org (full text, mbox):

From: Florian Weimer <fw@deneb.enyo.de>
To: Stephen Gran <sgran@debian.org>
Cc: 333566@bugs.debian.org
Subject: Re: Bug#333566: tentative patch for this bug
Date: Sun, 23 Oct 2005 11:32:46 +0200
* Stephen Gran:

> So, it looks like this is the patch that fixes the infinite loop.
> Comments, etc, appreciated.  Security folks, does this look to you like
> it does the job, and can I upload it for sarge?

This is basically a reimplementation of mpz_setbit and friends.  If
GMP is a mandatory build dependency of ClamAV, these functions should
probably be used instead.



Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#333566; Package libclamav1. Full text and rfc822 format available.

Acknowledgement sent to Stephen Gran <sgran@debian.org>:
Extra info received and forwarded to list. Full text and rfc822 format available.

Message #46 received at 333566@bugs.debian.org (full text, mbox):

From: Stephen Gran <sgran@debian.org>
To: Florian Weimer <fw@deneb.enyo.de>, 333566@bugs.debian.org
Subject: Re: Bug#333566: tentative patch for this bug
Date: Mon, 24 Oct 2005 08:56:59 +0100
[Message part 1 (text/plain, inline)]
This one time, at band camp, Florian Weimer said:
> * Stephen Gran:
> 
> > So, it looks like this is the patch that fixes the infinite loop.
> > Comments, etc, appreciated.  Security folks, does this look to you like
> > it does the job, and can I upload it for sarge?
> 
> This is basically a reimplementation of mpz_setbit and friends.  If
> GMP is a mandatory build dependency of ClamAV, these functions should
> probably be used instead.

It is a build dep in Debian, because otherwise you get loud complaints
in your log files about being unable to verify the signatures on the
database updates.  The normal upstream source builds and runs without it,
but is happier with it.

I think that probably the right thing is to make it a requirement
upstream, so I will speak to them about it.

Thanks,
-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran@debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#333566; Package libclamav1. Full text and rfc822 format available.

Acknowledgement sent to Stephen Gran <sgran@debian.org>:
Extra info received and forwarded to list. Full text and rfc822 format available.

Message #51 received at 333566@bugs.debian.org (full text, mbox):

From: Stephen Gran <sgran@debian.org>
To: Florian Weimer <fw@deneb.enyo.de>, 333566@bugs.debian.org
Cc: team@security.debian.org, 333566-submitter@bugs.debian.org
Subject: Re: Bug#333566: tentative patch for this bug
Date: Mon, 31 Oct 2005 13:17:29 +0000
[Message part 1 (text/plain, inline)]
This one time, at band camp, Florian Weimer said:
> * Stephen Gran:
> 
> > So, it looks like this is the patch that fixes the infinite loop.
> > Comments, etc, appreciated.  Security folks, does this look to you like
> > it does the job, and can I upload it for sarge?
> 
> This is basically a reimplementation of mpz_setbit and friends.  If
> GMP is a mandatory build dependency of ClamAV, these functions should
> probably be used instead.

I have discussed this with upstream, and they don't want to make gmp
mandatory (right now it's an option to configure).  I have confirmed
that it no longer loops on the file in question.  Do we want to go ahead
with this, or no?  I am ready for an upload if so.

Thanks,
-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran@debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------
[signature.asc (application/pgp-signature, inline)]

Message sent on to Marcin Owsiany <marcin@owsiany.pl>:
Bug#333566. Full text and rfc822 format available.

Reply sent to Stephen Gran <sgran@debian.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Marcin Owsiany <marcin@owsiany.pl>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #59 received at 333566-close@bugs.debian.org (full text, mbox):

From: Stephen Gran <sgran@debian.org>
To: 333566-close@bugs.debian.org
Subject: Bug#333566: fixed in clamav 0.87.1-1
Date: Thu, 03 Nov 2005 17:32:07 -0800
Source: clamav
Source-Version: 0.87.1-1

We believe that the bug you reported is fixed in the latest version of
clamav, which is due to be installed in the Debian FTP archive:

clamav-base_0.87.1-1_all.deb
  to pool/main/c/clamav/clamav-base_0.87.1-1_all.deb
clamav-daemon_0.87.1-1_i386.deb
  to pool/main/c/clamav/clamav-daemon_0.87.1-1_i386.deb
clamav-docs_0.87.1-1_all.deb
  to pool/main/c/clamav/clamav-docs_0.87.1-1_all.deb
clamav-freshclam_0.87.1-1_i386.deb
  to pool/main/c/clamav/clamav-freshclam_0.87.1-1_i386.deb
clamav-milter_0.87.1-1_i386.deb
  to pool/main/c/clamav/clamav-milter_0.87.1-1_i386.deb
clamav-testfiles_0.87.1-1_all.deb
  to pool/main/c/clamav/clamav-testfiles_0.87.1-1_all.deb
clamav_0.87.1-1.diff.gz
  to pool/main/c/clamav/clamav_0.87.1-1.diff.gz
clamav_0.87.1-1.dsc
  to pool/main/c/clamav/clamav_0.87.1-1.dsc
clamav_0.87.1-1_i386.deb
  to pool/main/c/clamav/clamav_0.87.1-1_i386.deb
clamav_0.87.1.orig.tar.gz
  to pool/main/c/clamav/clamav_0.87.1.orig.tar.gz
libclamav-dev_0.87.1-1_i386.deb
  to pool/main/c/clamav/libclamav-dev_0.87.1-1_i386.deb
libclamav1_0.87.1-1_i386.deb
  to pool/main/c/clamav/libclamav1_0.87.1-1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 333566@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stephen Gran <sgran@debian.org> (supplier of updated clamav package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu,  3 Nov 2005 23:21:30 +0000
Source: clamav
Binary: clamav libclamav-dev clamav-milter clamav-base clamav-freshclam clamav-testfiles clamav-daemon libclamav1 clamav-docs
Architecture: source all i386
Version: 0.87.1-1
Distribution: unstable
Urgency: low
Maintainer: Stephen Gran <sgran@debian.org>
Changed-By: Stephen Gran <sgran@debian.org>
Description: 
 clamav     - antivirus scanner for Unix
 clamav-base - base package for clamav, an anti-virus utility for Unix
 clamav-daemon - antivirus scanner daemon
 clamav-docs - documentation package for clamav, an anti-virus utility for Unix
 clamav-freshclam - downloads clamav virus databases from the Internet
 clamav-milter - antivirus scanner for sendmail
 clamav-testfiles - use these files to test that your Antivirus program works
 libclamav-dev - clam Antivirus library development files
 libclamav1 - virus scanner library
Closes: 322396 330240 333400 333566
Changes: 
 clamav (0.87.1-1) unstable; urgency=low
 .
   * New upstream release
     - Upstream fix for possible infinite loop
       libclamav/tnef.c: IDEF1169]
     - Upstream fix for possible infinite loop
       libclamav/mspack/cabd.c: IDEF1180]
     - Upstream fix for buffer size calculation
       libclamav/fsg.c: ZDI-CAN-004]
     - Upstream fix for possible infinite loop
       libclamav/others.c,h, libclamav/ole2_extract.c: CAN-2005-3239]
       (closes: #333566)
     - Upstream fix for boundary checks
       libclamav/petite.c]
     - Upstream fix to scan attachments that have no file names
       libclamav/mbox.c]
   * Some more lsb changes to init scripts
   * New Translations:
     - it (Thanks Cristian Rigamonti <cri@linux.it>)(closes: #330240)
     - sv (Thanks Daniel Nylander <po@danielnylander.se>)(closes: #333400)
   * Move to dpatch for patch management, and add build-dependencies (dpatch
     and cpp)
   * Apply patch for bus error on sparc in zzip routines (closes: #322396)
Files: 
 38cde2f3590f4512a314de2b3ac75f2e 875 utils optional clamav_0.87.1-1.dsc
 bf9f038edf0b6d5f76552e1b8d014b81 4468992 utils optional clamav_0.87.1.orig.tar.gz
 1db07c66d0d83a4c47e8715c2e7cf2b2 467697 utils optional clamav_0.87.1-1.diff.gz
 264744d2f0e1ff5e70f72c9e11c68064 168582 utils optional clamav-base_0.87.1-1_all.deb
 303256fba60b651617b168aa90b88b00 127758 utils optional clamav-testfiles_0.87.1-1_all.deb
 dcf9b25c4d279133b0a7a5276b49b36e 795146 utils optional clamav-docs_0.87.1-1_all.deb
 ccad02c67f00bf678c6c1ae360a3259a 258530 libs optional libclamav1_0.87.1-1_i386.deb
 77bfd295cb6b7f7db642ce369ac3439e 65456 utils optional clamav_0.87.1-1_i386.deb
 2859c7c5aafecddb18ea84abd4466741 38450 utils optional clamav-daemon_0.87.1-1_i386.deb
 acec551989ab1f0025979dca3e3c851e 2771638 utils optional clamav-freshclam_0.87.1-1_i386.deb
 fed04b33e8f41dbf63e48e2c3cc6a447 37854 utils extra clamav-milter_0.87.1-1_i386.deb
 f1ea9b5693aefdc77d69ad5eb59edde4 159284 libdevel optional libclamav-dev_0.87.1-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDarEgSYIMHOpZA44RAnd3AJ990y6B9d1yiTByFX8y+jYxTonHIACggHvm
xBA7Kt3txmSu8FPWb4PqDG0=
=5GjH
-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 18 Jun 2007 13:58:51 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Mon Apr 21 12:25:09 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.