[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 1232-1] New clamav packages fix denial of service

On Sun, Dec 10, 2006 at 01:13:29AM +0000, Stephen Gran wrote:
> This one time, at band camp, Milan P. Stanic said:
> > On Sat, Dec 09, 2006 at 03:43:33PM +0100, Moritz Muehlenhoff wrote:
> > > For the unstable distribution (sid) this problem has been fixed in
> > > version 0.86-1.
> >             ^^
> > Clamav in testing and unstable is version 0.88.6
> Yes, and the problem was fixed in version 0.86.  That was the point of
> that statement.

Shouldn't then the DSA say something like "unstable (sid) and testing
(etch) aren't vulnerable because the problem was fixed in version 0.86
already and the clamav in that two releases is version 0.88.6 which is
not vulnerable"?

As it is now it is ambiguous, at least for me.

Attachment: signature.asc
Description: Digital signature

Reply to: