[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#904199: stretch-pu: package clamav/ 0.100.0+dfsg-0+deb9u2



On Sat, 2018-07-21 at 15:02 +0200, Sebastian Andrzej Siewior wrote:
> clamav upstream published a new version which contains security
> relevant bug fixes, two of them have a CVE number assigned:
> 
> CVE-2018-0360
> 	HWP integer overflow, infinite loop vulnerability. Reported by
> Secunia
> 	Research at Flexera.
> 
> CVE-2018-0361
> 	ClamAV PDF object length check, unreasonably long time to parse
> 	relatively small file. Reported by aCaB.

Was the intent that the package would be pushed via -updates?

Regards,

Adam


Reply to: