Sebastian Harl uploaded a security update for clamav in sarge and etch backports which fixes the following issues: CVE-2007-4510 It was discovered that the RTF and RFC2397 parsers can be tricked into dereferencing a NULL pointer, resulting in denial of service. CVE-2007-4560 It was discovered clamav-milter performs insufficicient input sanitising, resulting in the execution of arbitrary shell commands. For the sarge-backports distribution the problems have been fixed in version 0.91.2-1~bpo31+1. For the etch-backports distribution the problems have been fixed in version 0.91.2-1~bpo40+1. Alex -- Alexander Wirt, formorer@formorer.de CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A
Attachment:
signature.asc
Description: Digital signature