Bug#911186: stretch-pu: package clamav/0.100.1+dfsg-0+deb9u1

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Cc: 911186@bugs.debian.org
Subject: Bug#911186: stretch-pu: package clamav/0.100.1+dfsg-0+deb9u1
From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date: Sat, 20 Oct 2018 11:52:59 +0200
Message-id: <[🔎] 20181020095258.bg57c2rzbfzv5qyi@breakpoint.cc>
Reply-to: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>, 911186@bugs.debian.org
In-reply-to: <[🔎] 1540028526.3141.36.camel@adam-barratt.org.uk>
References: <[🔎] 20181016222619.uug5iolwqrrccy7f@breakpoint.cc> <[🔎] 1540028526.3141.36.camel@adam-barratt.org.uk> <[🔎] 20181016222619.uug5iolwqrrccy7f@breakpoint.cc>

On 2018-10-20 10:42:06 [+0100], Adam D. Barratt wrote:
> On Wed, 2018-10-17 at 00:26 +0200, Sebastian Andrzej Siewior wrote:
> > clamav upstream published a new version which contains security
> > relevant bug fixes, one of them has CVE-2018-15378 assigned.
> 
> Is the expectation that this would be pushed via -updates?

Yes, please.

CVE-2018-15378

	Vulnerability in ClamAV's MEW unpacking feature that could allow an
	unauthenticated, remote attacker to cause a denial-of-service (DoS)
	condition on an affected device.

> Regards,
> 
> Adam

Sebastian

Reply to:

References:
- Bug#911186: stretch-pu: package clamav/0.100.1+dfsg-0+deb9u1
  - From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
- Bug#911186: stretch-pu: package clamav/0.100.1+dfsg-0+deb9u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Processed: libgd2 2.2.4-2+deb9u3 flagged for acceptance
Next by Date: NEW changes in stable-new
Previous by thread: Bug#911186: stretch-pu: package clamav/0.100.1+dfsg-0+deb9u1
Next by thread: Processed: clamav 0.100.2+dfsg-0+deb9u1 flagged for acceptance
Index(es):
- Date
- Thread