Bug#951871: buster-pu: package clamav/0.102.2+dfsg-0+deb10u1
On Sat, 2020-02-22 at 20:41 +0100, Sebastian Andrzej Siewior wrote:
> On 2020-02-22 19:33:53 [+0000], Adam D. Barratt wrote:
> > I guess the intent is to push this via stable-updates?
>
> Yes, please. If you need something, please let us know.
How does this seem for an SUA snippet?
========================================
Upstream published version 0.102.2
This is a mostly a bug-fix release. The changes
are not strictly required for operation.
Changes since 0.102.1 currently in buster and stretch include
fixes for a security issue.
CVE-2020-3123
A vulnerability in the Data-Loss-Prevention (DLP) module
could allow an unauthenticated, remote attacker to cause a
denial of service condition on an affected device. An
attacker could exploit this vulnerability by sending a
crafted email file to an affected device.
If you use clamav, we recommend that you install this update.
========================================
Regards,
Adam
Reply to: