[Pkg-clamav-devel] Bugfix for #507624 prepared
fw at deneb.enyo.de
Wed Dec 3 18:59:12 UTC 2008
* Michael Tautschnig:
>> * Scott Kitterman:
>> > On Wed, 03 Dec 2008 12:39:59 +0100 Florian Weimer <fw at deneb.enyo.de> wrote:
>> >>Your patch looks fine. Is there a CVE yet?
>> > As of two days ago when I put the Ubuntu change together there was not.
It's CVE-2008-5314 now.
>> Oh well. At least for the other bug, there's a CVE (CVE-2008-5050).
>> What about CVE-2008-1389?
> I've looked at the corresponding patch and the code
> to-be-patched. It seems like the version in etch(-security) is not
> affected, because it does not keep going if part of the parsing
> fails (which some versions in between apparently did).
Thanks, I've recorded that in the tracker.
Would you please upload an update for the two other issues to
More information about the Pkg-clamav-devel