Re: clamav 0.93.1.dfsg-volatile1.1 update
Gerfried Fuchs <rhonda@deb.at> wrote:
> I took the liberty to update the clamav package for volatile. The
> reason being that there happened a security NMU two weeks ago to address
> problems which in the meantime starts to cause serious troubles for
> bigger installations on at least the provider I'm working in.
> The changelog of 0.93.1-1.1 did list the following problem:
> - CVE-2008-2713: A crafted petite file can trigger an out-of-bound
> read operation in petite.c resulting in a denial of sevice
> (Closes: #490925).
> Furthermore this update addresses another CVE ID unlisted in the
> changelog according to Nico Golde, CVE-2008-3215:
> <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3215>
FWIW this still is not part of either volatile or volatile-sloppy.
cu andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
Reply to: