----------------------------------------------------------------------- Debian Stable Updates Announcement SUA 63-1 http://www.debian.org debian-release@lists.debian.org Scott Kitterman November 27th, 2014 ----------------------------------------------------------------------- Package : clamav Version : 0.98.5+dfsg-0+deb7u1 Importance : high Upstream published version 0.98.5. This is a mostly a bug-fix release. The changes are not strictly required for operation, but users of the previous version in Wheezy may not be able to make use of all current virus signatures and might get warnings. The bug fixes that are part of this release include the resolution of an issue in clamscan, the command line anti-virus scanner included in the package, which could lead to crashes when scanning certain files (CVE-2013-6497). It also resolves an issue in libclamav which caused a heap buffer overflow when scanning a specially crafted y0da Crypter obfuscated PE file (CVE-2014-9050). Note that this is remotely exploitable when ClamAV is used as a mail gateway scanner. If you use clamav, we strongly recommend that you upgrade to this version. Upgrade Instructions -------------------- You can get the updated packages by adding the stable-updates archive for Wheezy to your /etc/apt/sources.list: deb http://ftp.debian.org/debian wheezy-updates main deb-src http://ftp.debian.org/debian wheezy-updates main You can also use any of the Debian archive mirrors. See 'http://www.debian.org/mirrors/list' for the full list of mirrors. For further information about stable-updates, please refer to http://lists.debian.org/debian-devel-announce/2011/03/msg00010.html If you encounter any issues, please don't hesitate to get in touch with the Debian Release Team at 'debian-release@lists.debian.org'
Attachment:
signature.asc
Description: This is a digitally signed message part