Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution

To: Dominic Hargreaves <dom@earth.li>
Cc: debian-volatile@lists.debian.org, debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution
From: Michael Tautschnig <mt@debian.org>
Date: Fri, 5 Dec 2008 11:53:49 -0800
Message-id: <[🔎] 20081205195348.GA37831@d142-058-185-060.surrey.sfu.ca>
Mail-followup-to: Michael Tautschnig <mt@debian.org>, Dominic Hargreaves <dom@earth.li>, debian-volatile@lists.debian.org, debian-security@lists.debian.org
In-reply-to: <[🔎] 20081205181504.GD1531@urchin.earth.li>
References: <87r64os5w6.fsf@mid.deneb.enyo.de> <[🔎] 20081205181504.GD1531@urchin.earth.li>

[...]
> 
> This looks like quite a serious bug (remote arbitrary code execution).
> Are there any plans for an update to volatile?
> 

The fixed version has been uploaded to volatile already and got accepted [1],
but probably is still being built!?

Best,
Michael

[1] http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/2008-November/000252.html

Attachment: pgpGvRBonUn1e.pgp
Description: PGP signature

Reply to:

References:
- Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution
  - From: Dominic Hargreaves <dom@earth.li>

Prev by Date: Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution
Next by Date: Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking
Previous by thread: Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution
Next by thread: Re: Security update for Debian Testing - 2008-12-06
Index(es):
- Date
- Thread