Suitability of additional non-security fix for clamav?

To: debian-lts@lists.debian.org
Subject: Suitability of additional non-security fix for clamav?
From: Roberto C. Sánchez <roberto@debian.org>
Date: Sat, 27 Jan 2018 17:34:00 -0500
Message-id: <[🔎] 20180127223400.gov4rbw7spe4ixdr@camaguey.connexer.com>
Mail-followup-to: Roberto C. Sánchez <roberto@debian.org>, debian-lts@lists.debian.org

I am in the process of preparing an update for clamav.

I am curious as to what others might think of including an additional
fix that is not technically security-related.  It fixes a rather serious
bug that causes clamd to crash if a bad virus definition file is
published.  The inclusion of the additional patch in the next wheezy
update was recommended by a clamav maintainer (Scott Kitterman).

https://bugs.debian.org/824196
https://anonscm.debian.org/cgit/pkg-clamav/clamav.git/commit/?id=d7ea9385baefece1a1c2ff29c3c57853fa8011cb

Unless there are objections, I plan to include the patch as just a few
days ago there was a bad virus definition file published that caused
clamav crashes for many users.

Regards,

-Roberto

-- 
Roberto C. Sánchez

Reply to:

Follow-Ups:
- Re: Suitability of additional non-security fix for clamav?
  - From: Moritz Muehlenhoff <jmm@inutil.org>
- Re: Suitability of additional non-security fix for clamav?
  - From: Marc SCHAEFER <schaefer@alphanet.ch>

Prev by Date: Re: Will clamav be updated (CVE-2017-12374 to CVE-2017-12380)?
Next by Date: Re: Suitability of additional non-security fix for clamav?
Previous by thread: Re: Will clamav be updated (CVE-2017-12374 to CVE-2017-12380)?
Next by thread: Re: Suitability of additional non-security fix for clamav?
Index(es):
- Date
- Thread