Security updates for clamav

To: backports-users@lists.backports.org
Subject: Security updates for clamav
From: Alexander Wirt <formorer@debian.org>
Date: Mon, 3 Sep 2007 14:56:31 +0200
Message-id: <[🔎] 20070903125631.GA12672@formorer.de>

Sebastian Harl uploaded a security update for clamav in sarge and etch
backports which fixes the following issues: 

CVE-2007-4510

    It was discovered that the RTF and RFC2397 parsers can be tricked
    into dereferencing a NULL pointer, resulting in denial of service.

CVE-2007-4560

    It was discovered clamav-milter performs insufficicient input
    sanitising, resulting in the execution of arbitrary shell commands.

For the sarge-backports distribution the problems have been fixed in version
0.91.2-1~bpo31+1.

For the etch-backports distribution the problems have been fixed in version
0.91.2-1~bpo40+1.

Alex

-- 
Alexander Wirt, formorer@formorer.de 
CC99 2DDD D39E 75B0 B0AA  B25C D35B BC99 BC7D 020A

Attachment: signature.asc
Description: Digital signature

Reply to:

Prev by Date: Security update for egroupware
Next by Date: Re: Mono 1.2.4 backport for etch?
Previous by thread: Security update for egroupware
Next by thread: Re: Mono 1.2.4 backport for etch?
Index(es):
- Date
- Thread