oss-sec mailing list archives

Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details?

From: Henri Salo <henri () nerv fi>
Date: Wed, 24 Apr 2013 16:49:27 +0300

On Wed, Apr 24, 2013 at 07:59:04AM -0400, Jan Lieskovsky wrote:

Hello Felix,

  this is due the ClamAV 0.97.8 release:
  [1] http://blog.clamav.net/2013/04/clamav-0978-has-been-released.html
  [2] https://github.com/vrtadmin/clamav-devel/blob/0.97/ChangeLog
  [3] https://bugzilla.redhat.com/show_bug.cgi?id=956176
  [4] https://bugzilla.novell.com/show_bug.cgi?id=816865

Could you clarify how many and what kind of possible security issues
has been corrected within this release? (so we would know how many
CVE identifiers should be allocated to these)

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team


Information from Joel Esler. No CVEs assigned yet.

commit 270e368b99e93aa5447d46c797c92c3f9f39f375
commit 24ff855c82d3f5c62bc5788a5776cefbffce2971
commit c6870a6c857dd722dffaf6d37ae52ec259d12492
commit 3cbd8b5668bd0f262a8c00b1fd57eb03c117b00a

---
Henri Salo

Attachment: signature.asc
Description: Digital signature

Current thread:

Multiple potential security issues fixed in ClamAV 0.97.8 - any further details? Jan Lieskovsky (Apr 24)
- Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details? Henri Salo (Apr 24)
  - Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details? Kurt Seifried (Apr 24)
    - Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details? Felix Gröbert (Apr 27)
    - Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details? Kurt Seifried (Apr 29)
    - Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details? Salvatore Bonaccorso (Apr 29)
    - Re: Multiple potential security issues fixed in ClamAV 0.97.8 - any further details? Kurt Seifried (Apr 29)