Hi Stephen, * Stephen Gran <[EMAIL PROTECTED]> [2008-04-18 18:00]: > This one time, at band camp, Nico Golde said: > > * Moritz Muehlenhoff <[EMAIL PROTECTED]> [2008-04-18 16:09]: > > > > > > Already fixed in etch and unstable (it's the issue referenced as not > > > yet having a CVE ID in the DSA). > > > > Are you sure? Looking at the source code from the unstable > > version I still see the affected lines of code: [...] > > How was this fixed? > > Arg - you may be right - I see the upack vulnerability fixed in > unstable, but it looks like I may not have gotten the wwpack > vulnerability in the patch.
Ok fine. Usually I ask for verification if I don't already know if this is fixed or not if I file a bug, I can be wrong thought ;-P > Sorry - this week has been really bad for > me (I have guests staying and I'm really busy at work, so my > concentration is a bit shot). It looks like I may also have missed it > for volatile. Damn. Happens, stable should be unfixed as well cause I used the stable diff to check for changes. > This appears to be the patch in question: > http://git.debian.org/?p=users/sgran/clamav-devel.git;a=commitdiff;h=65f47ca3711e1bc99970c5eabc0a0598dcd46f26#patch43 > > I'll apply the patch here, but I'm unlikely to be able to upload to > unstable before Monday night - I'm off for a disconnected weekend in 2 > hours, and I'm still at work. Feel free to NMU, if you like. Ok, will do that tomorrow. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpTTg81xq5np.pgp
Description: PGP signature
