1

Topic: Emergency: Update ClamAV to 0.95.3 to fix Exploit.PDF-9669 issue ASAP

================= UPDATE ==================

- 2010-01-11 ClamAV fixed this issue in clamav database, so running 'freshclam' to update clamav database should
             fix this issue too. But it's still strong recommend to update ClamAV to the lastest version.
- 2010-01-09 Fix incorrect apt-get command. Sorry :(

Hi, all.

As you may already met, ClamAV will mark most of mails which composed in HTML format as 'Exploit.PDF-9669' virus, this is an issue in ClamAV old version, it can be solved by update ClamAV to the lastest 0.95.3 version. So we suggest you update it AS SOON AS POSSIBLE.

All RHEL/CentOS users can update it via below command with iRedMail yum repository:

# yum update clamav clamav-db clamd

Debian/Ubuntu users can update it via apt-get (if no new version available, please push the package maintainers):

# apt-get update
# apt-get upgrade clamav-freshclam clamav-daemon

Big thanks to forum user hoho for his remind smile

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Emergency: Update ClamAV to 0.95.3 to fix Exploit.PDF-9669 issue ASAP

strange, but I could not get update.
[root@mail3 yum.repos.d]# uname -a
Linux XXXX.XXXX.XX 2.6.18-164.el5 #1 SMP Thu Sep 3 03:28:30 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux

[root@mail3 ~]# yum update clamav
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: mirror.neolabs.kz
* base: mirror.neolabs.kz
* extras: centosh.centos.org
* updates: centosf.centos.org
Setting up Update Process
No Packages marked for Update

[root@mail3 yum.repos.d]# yum --enablerepo=iRedMail update clamav
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: mirror.neolabs.kz
* base: mirror.neolabs.kz
* extras: centosh.centos.org
* updates: centosf.centos.org
Setting up Update Process
No Packages marked for Update
[root@mail3 yum.repos.d]#

3

Re: Emergency: Update ClamAV to 0.95.3 to fix Exploit.PDF-9669 issue ASAP

Could you please try again? i've re-generated the yum repo metadata.

If still fail, you can download them directly here (or from Dag repo):
http://www.iredmail.org/yum/rpms/5/

4

Re: Emergency: Update ClamAV to 0.95.3 to fix Exploit.PDF-9669 issue ASAP

ZhangHuangbin wrote:

Could you please try again? i've re-generated the yum repo metadata.

If still fail, you can download them directly here (or from Dag repo):
http://www.iredmail.org/yum/rpms/5/

Which version should be installed?

Installed Packages
clamav.i386             0.95.3-1.el5.rf                 installed

5

Re: Emergency: Update ClamAV to 0.95.3 to fix Exploit.PDF-9669 issue ASAP

Rashef wrote:

Which version should be installed?

As this forum topic title said: Update ClamAV to 0.95.3.

Acutally, i pushed 0.95.3 into yum repository for a long time, maybe you guys already updated to this lastest version.

6

Re: Emergency: Update ClamAV to 0.95.3 to fix Exploit.PDF-9669 issue ASAP

Oh thanks... I thought we need a specific sub-version. :-)

7

Re: Emergency: Update ClamAV to 0.95.3 to fix Exploit.PDF-9669 issue ASAP

if you use the debian-volatile repositories may update clamav

aptitude show clamav
Paquete: clamav
Nuevo: sí
Estado: instalado
Instalado automáticamente: sí
Versión: 0.95.3+dfsg-1~volatile1
Prioridad: opcional
Sección: utils
Desarrollador: ClamAV Team <pkg-clamav-devel@lists.alioth.debian.org>
Tamaño sin comprimir: 500k
Depende de: libc6 (>= 2.7-1), libclamav6 (>= 0.95.3+dfsg), libtommath0, zlib1g (>=
            1:1.1.4), clamav-freshclam | clamav-data
Recomienda: clamav-base