This one time, at band camp, Joey Hess said: > Stephen Gran wrote: > > > iDefense discovered several vulnerabilities in ClamAV (< 0.86) allowing > > > attackers to cause a Denial of Service condition. > > > > Thanks for reporting this. I am going to track them as two seperate > > bugs, so that they can be handled seperately. > > > > Clamav was never in woody, so I am removing that tag. these bugs also > > apply to versions in sid, so I tracking it there as well. > > Is the note that it's fixed in 0.86 not correct? sid has 0.86.1 so I > thought it was no longer vulnerable.
It is definitely not fixed in any released version. I checked last night to be sure. Probably at the time iDefense was preparing their announcement, 0.86.1 had not yet released. -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : [EMAIL PROTECTED] | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
signature.asc
Description: Digital signature
