Re: clamav 0.93.1.dfsg-volatile1.1 update

To: debian-volatile@lists.debian.org
Subject: Re: clamav 0.93.1.dfsg-volatile1.1 update
From: Andreas Metzler <ametzler@downhill.at.eu.org>
Date: Sat, 16 Aug 2008 08:40:23 +0200
Message-id: <[🔎] nb9in5-vd4.ln1@argenau.downhill.at.eu.org>
References: <[🔎] 20080801105255.GA31337@edna.gwendoline.at>

Gerfried Fuchs <rhonda@deb.at> wrote:
> I took the liberty to update the clamav package for volatile. The
> reason being that there happened a security NMU two weeks ago to address
> problems which in the meantime starts to cause serious troubles for
> bigger installations on at least the provider I'm working in.

> The changelog of 0.93.1-1.1 did list the following problem:

>    - CVE-2008-2713: A crafted petite file can trigger an out-of-bound
>      read operation in petite.c resulting in a denial of sevice
>      (Closes: #490925).

> Furthermore this update addresses another CVE ID unlisted in the
> changelog according to Nico Golde, CVE-2008-3215:
> <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3215>

FWIW this still is not part of either volatile or volatile-sloppy.
cu andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

Reply to:

References:
- clamav 0.93.1.dfsg-volatile1.1 update
  - From: Gerfried Fuchs <rhonda@deb.at>

Prev by Date: clamav 0.93.1.dfsg-volatile1.1 update
Previous by thread: clamav 0.93.1.dfsg-volatile1.1 update
Index(es):
- Date
- Thread