[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 233-1] clamav security and upstream version update



Package        : clamav
Version        : 0.98.7+dfsg-0+deb6u1
CVE ID         : CVE-2014-9328 CVE-2015-1461 CVE-2015-1462 CVE-2015-1463
                 CVE-2015-2170 CVE-2015-2221 CVE-2015-2222 CVE-2015-2668

Upstream published version 0.98.7.  This update updates sqeeze-lts to the
latest upstream release in line with the approach used for other Debian
releases.

The changes are not strictly required for operation, but users of the previous
version in Squeeze may not be able to make use of all current virus signatures
and might get warnings.

The bug fixes that are part of this release include security fixes related
to packed or crypted files (CVE-2014-9328, CVE-2015-1461, CVE-2015-1462,
CVE-2015-1463, CVE-2015-2170, CVE-2015-2221, CVE-2015-2222, and CVE-2015-2668)
and several fixes to the embedded libmspack library, including a potential
infinite loop in the Quantum decoder (CVE-2014-9556).

If you use clamav, we strongly recommend that you upgrade to this version.

Attachment: signature.asc
Description: This is a digitally signed message part.


Reply to: