Re: Addressing the recent zlib issue
* Florian Weimer:
> Is anybody looking at this problem in a systematic manner, or should I
> just file bugs on the more likely candidates for a security update
> (dpkg and zysnc, based on the list above and assuming that 1.1 is
> indeed not affected).
In the meantime, I've created Clamav signatures for detecting
potentially vulnerable copies of zlib, based on data provided by Mark
Adler:
http://www.enyo.de/fw/security/zlib-fingerprint/
If you've got a reasonable complete copy of the Debian package pool
and you are willing to run Clamav across it, please respond to this
message.
Reply to: