oss-sec mailing list archives
Re: request for CVE: clamav 0.94 release
From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 4 Sep 2008 12:44:44 -0400 (EDT)
On Wed, 3 Sep 2008, Marcus Meissner wrote:
The full changelog has those apparent security related entries: * fix out-of-memory null dereferenc (bb#1141)
Use CVE-2008-3912, to be filled in later. I have mixed opinions on out-of-memory null dereferences, though in security software it seems reasonable to flag it.
* fix possible invalid memory access (bb#1089)
CVE-2008-1389 as mentioned by Hanno.
* fix error path memleaks and fd leaks (bb#1141)
Use CVE-2008-3913 for the memory leak. Use CVE-2008-3914 for the fd leak. - Steve
Current thread:
- request for CVE: clamav 0.94 release Marcus Meissner (Sep 03)
- Re: request for CVE: clamav 0.94 release Hanno Böck (Sep 04)
- Re: request for CVE: clamav 0.94 release Steven M. Christey (Sep 04)