[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SUA 63-1] Updated clamav version

Debian Stable Updates Announcement SUA 63-1       http://www.debian.org
debian-release@lists.debian.org                         Scott Kitterman
November 27th, 2014

Package              : clamav
Version              : 0.98.5+dfsg-0+deb7u1
Importance           : high

Upstream published version 0.98.5.

This is a mostly a bug-fix release. The changes are not strictly required
for operation, but users of the previous version in Wheezy may not be
able to make use of all current virus signatures and might get warnings.

The bug fixes that are part of this release include the resolution of an
issue in clamscan, the command line anti-virus scanner included in the
package, which could lead to crashes when scanning certain files 
(CVE-2013-6497).  It also resolves an issue in libclamav which caused a
heap buffer overflow when scanning a specially crafted y0da Crypter
obfuscated PE file (CVE-2014-9050). Note that this is remotely exploitable
when ClamAV is used as a mail gateway scanner.

If you use clamav, we strongly recommend that you upgrade to this version.

Upgrade Instructions

You can get the updated packages by adding the stable-updates archive
for Wheezy to your /etc/apt/sources.list:

 deb http://ftp.debian.org/debian wheezy-updates main
 deb-src http://ftp.debian.org/debian wheezy-updates main

You can also use any of the Debian archive mirrors.  See
'http://www.debian.org/mirrors/list' for the full list of mirrors.

For further information about stable-updates, please refer to

If you encounter any issues, please don't hesitate to get in touch with
the Debian Release Team at 'debian-release@lists.debian.org'

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: