clamav (0.92.1~dfsg2-1.1~dapper3.3) dapper-security; urgency=low
[ Leonel Nunez ]
* SECURITY UPDATE:
* [CVE-2008-5314]: remote attack by sending a specially crafted JPEG
file
libclamav/special.c, libclamav/special.h, libclamav/scanners.c
* [CVE-2008-3912]: libclamav/mbox.c, libclamav/message.c:
out-of-memory null dereferences
* [CVE-2008-3914]: libclamav/htmlnorm.c, libclamav/others.c,
libclamav/sis.c: fd leaks
* [CVE-2008-3913]: freshclam/manager.c: memory leaks
* added 29_CVE-2008-3912.dpatch 30_CVE-2008-3913.dpatch
32_cli_check_jpeg_exploit.dpatch 31_CVE-2008-3914.dpatch
* References: LP #271546, #304017
[ Scott Kitterman ]
* SECURITY UPDATE: re-enable modules disabled due to resolved security
deficiencies:
* References: Clamav svn commit 4550, LP #317923
** Visibility changed to: Public
** Changed in: clamav (Ubuntu Dapper)
Status: Fix Committed => Fix Released
--
Clamav modules still disabled even though security issues are fixed
https://bugs.launchpad.net/bugs/317923
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
