http://blog.zoller.lu/2009/05/advisory-clamav-generic-bypass.html

Changelog:

Wed Jun 10 18:04:53 CEST 2009 (tk)
----------------------------------
 * libclamav: detect and handle archives hidden inside other files (eg. images),
   which can be unpacked by WinZip, WinRAR and other tools (bb#1554)
   Reported by ROGER Mickael and Thierry Zoller

Wed Jun 10 18:02:31 CEST 2009 (tk)
----------------------------------
 * libclamav/mspack.c, cab.c: don't rely on file sizes stored in CAB headers
   (bb#1562)
   Reported by Thierry*Zoller <Thierry*Zoller.lu>

Wed Jun 10 17:58:47 CEST 2009 (acab)
------------------------------------
 * libclamunrar/unrarvm.c: fix handling of some broken rar files
We usually don't consider virus scanning bypasses as security issues, but the cab issue sounds like it could lead to DoS or even a buffer overflow - I just brought this up on oss-security.
0.95.2 is in CVS. Candidate for stabilization: =app-antivirus/clamav-0.95.2
Net-mail, Antivirus: is it ok to stabilize now?
(In reply to comment #3)
> Net-mail, Antivirus: is it ok to stabilize now?
>

I'd say: yes.
Arches, please test and mark stable:
=app-antivirus/clamav-0.95.2
Target keywords : "alpha amd64 hppa ia64 ppc ppc64 sparc x86"
Stable for HPPA.
alpha/ia64/sparc/x86 stable
amd64 stable
ppc64 done
ppc done
vote: NO
No, closing.