Bug#776870: marked as done (unblock: clamav/0.98.6+dfsg-1)
Your message dated Wed, 04 Feb 2015 19:44:47 +0000
with message-id <1423079087.12859.8.camel@adam-barratt.org.uk>
and subject line Re: Bug#776870: unblock: clamav/0.98.6+dfsg-1
has caused the Debian Bug report #776870,
regarding unblock: clamav/0.98.6+dfsg-1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
776870: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776870
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package clamav
New upstream release with security fixes. Here is the upstream NEWS:
ClamAV 0.98.6 is a bug fix release correcting the following:
- library shared object revisions.
- installation issues on some Mac OS X and FreeBSD platforms.
- includes a patch from Sebastian Andrzej Siewior making
ClamAV pid files compatible with systemd.
- Fix a heap out of bounds condition with crafted Yoda's
crypter files. This issue was discovered by Felix Groebert
of the Google Security Team.
- Fix a heap out of bounds condition with crafted mew packer
files. This issue was discovered by Felix Groebert of the
Google Security Team.
- Fix a heap out of bounds condition with crafted upx packer
files. This issue was discovered by Kevin Szkudlapski of
Quarkslab.
- Fix a heap out of bounds condition with crafted upack packer
files. This issue was discovered by Sebastian Andrzej Siewior.
CVE-2014-9328.
- Compensate a crash due to incorrect compiler optimization when
handling crafted petite packer files. This issue was discovered
by Sebastian Andrzej Siewior.
The diff is huge and I didn't see a reasonable way to reduce it (I'll try if I
must), but I don't think it's a productive use of time for me to produce it or
you to review it. I'll attach it in a follow-on to the bug so that this one
makes it to the list.
unblock clamav/0.98.6+dfsg-1
--- End Message ---
--- Begin Message ---
On Mon, 2015-02-02 at 13:27 -0500, Scott Kitterman wrote:
> Please unblock package clamav
>
> New upstream release with security fixes. Here is the upstream NEWS:
Unblocked.
Regards,
Adam
--- End Message ---
Reply to: