-----------------------------------------------------------------------
Debian Stable Updates Announcement SUA 147-1 https://www.debian.org
debian-release@lists.debian.org Sebastian A. Siewior
October 20th, 2018
-----------------------------------------------------------------------
Package : clamav
Version : 0.100.2+dfsg-0+deb9u1
Importance : medium
ClamAV is an AntiVirus toolkit for Unix.
Upstream published version 0.100.2.
This is a mostly a bug-fix release. The changes are not strictly
required for operation, but users of the previous version in stretch
may not be able to make use of all current virus signatures and might
get warnings.
Changes since 0.100.1 currently in stretch-updates include fixes for
a security issue.
CVE-2018-15378:
A vulnerability in ClamAV's MEW unpacking feature could allow
an unauthenticated, remote attacker to cause a denial-of-service
(DoS) condition on an affected device.
If you use clamav, we recommend that you install this update.
Upgrade Instructions
--------------------
You can get the updated packages by adding the stable-updates archive
for your distribution to your /etc/apt/sources.list:
deb http://ftp.debian.org/debian stretch-updates main
deb-src http://ftp.debian.org/debian stretch-updates main
You can also use any of the Debian archive mirrors. See
https://www.debian.org/mirrors/list for the full list of mirrors.
For further information about stable-updates, please refer to
https://lists.debian.org/debian-devel-announce/2011/03/msg00010.html
If you encounter any issues, please don't hesitate to get in touch with
the Debian Release Team at debian-release@lists.debian.orgAttachment:
signature.asc
Description: This is a digitally signed message part