oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: clamav 0.97

From: Josh Bressers <bressers () redhat com>
Date: Mon, 21 Feb 2011 14:32:12 -0500 (EST)
----- Original Message -----

A new clamav version is out and as usual, they don't mention if it's
security-relevant.

Though from the changelog
http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97

at least this sounds like security:
* libclamav/vba_extract.c: fix error path double free (bb#2486)



The details here are pretty slim:
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2486

But since it's been reqeusted, let's use CVE-2011-1003.

Thanks.

-- 
    JB
Previous By Date Next
Previous By Thread Next

Current thread: