Re: [SECURITY] [DSA 1232-1] New clamav packages fix denial of service

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1232-1] New clamav packages fix denial of service
From: "Milan P. Stanic" <mps@oss.co.yu>
Date: Sun, 10 Dec 2006 13:19:08 +0100
Message-id: <[🔎] 20061210121908.GB3400@oss.co.yu>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 20061210011329.GE845@www.lobefin.net>
References: <20061209144333.GA4225@galadriel.inutil.org> <[🔎] 20061209175614.GA5850@oss.co.yu> <[🔎] 20061210011329.GE845@www.lobefin.net>

On Sun, Dec 10, 2006 at 01:13:29AM +0000, Stephen Gran wrote:
> This one time, at band camp, Milan P. Stanic said:
> > On Sat, Dec 09, 2006 at 03:43:33PM +0100, Moritz Muehlenhoff wrote:
> > > For the unstable distribution (sid) this problem has been fixed in
> > > version 0.86-1.
> >             ^^
> > Clamav in testing and unstable is version 0.88.6
> 
> Yes, and the problem was fixed in version 0.86.  That was the point of
> that statement.

Shouldn't then the DSA say something like "unstable (sid) and testing
(etch) aren't vulnerable because the problem was fixed in version 0.86
already and the clamav in that two releases is version 0.88.6 which is
not vulnerable"?

As it is now it is ambiguous, at least for me.

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- Re: [SECURITY] [DSA 1232-1] New clamav packages fix denial of service
  - From: "Milan P. Stanic" <mps@oss.co.yu>
- Re: [SECURITY] [DSA 1232-1] New clamav packages fix denial of service
  - From: Stephen Gran <sgran@debian.org>

Prev by Date: Re: [SECURITY] [DSA 1232-1] New clamav packages fix denial of service
Next by Date: Re: <Mudança de e-mail - e-mail change>
Previous by thread: Re: [SECURITY] [DSA 1232-1] New clamav packages fix denial of service
Next by thread: Re: [SECURITY] [DSA-1230-1] new l2tpns packages fix buffer overflow
Index(es):
- Date
- Thread