[Pkg-clamav-devel] ClamAV. again
Steffen Joeris
steffen.joeris at skolelinux.de
Mon Sep 8 11:11:13 UTC 2008
On Sat, 6 Sep 2008 02:06:30 am Stephen Gran wrote:
> Hello all,
>
> Attached is my proposed upload for the latest round of security problems
> in clamav. It seems that CVE-2008-1389 does not apply to etch security,
> and CVE-2008-3914 only partially applies (that is, they appear to have
> added new fd leaks in versions after etch).
>
> I realize none of these are critical vulnerabilities, so if you don't
> want me to upload, that's fine. The upload is prepared if you want it.
>
> Please include the mailing list in replies.
Thanks for your work. For lenny, can we get the four issues list here[0] fixed
somehow? The diff between the lenny and the sid version is rather large, so I
guess it won't be included in lenny, but if you have the patches for the
issues filtered out, we could get it fixed via testing-security.
I'll leave the patch you've sent us to someone from stable-security.
Cheers
Steffen
[0]: http://security-tracker.debian.net/tracker/status/dtsa-candidates
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20080908/b6450a25/attachment.pgp
More information about the Pkg-clamav-devel
mailing list