Bug#784101: jessie-pu: package clamav/0.98.7+dfsg-0+deb8u1
Control: tags -1 + pending
On Sat, 2015-05-02 at 22:43 -0400, Scott Kitterman wrote:
> Once again, new clamav release. Painfully huge debdiff attached.
>
> Four CVEs addressed in this version:
>
> CVE-2015-2668 Infinite loop condition on a crafted "xz" archive file
> CVE-2015-2222 Crash on crafted petite packed file
> CVE-2015-2221 Infinite loop condition on crafted y0da cryptor file
> CVE-2015-2170 Crash in upx decoder with crafted file
>
> There are also a couple of changes to fix regressions when running with
> systemd (some of the configuration options were ignored).
Flagged for acceptance.
Regards,
Adam
Reply to: