Summary: | <app-antivirus/clamav-0.95.2 CAB,RAR,ZIP parsing engine error | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | antivirus, net-mail+disabled |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Stefan Behte (RETIRED)
2009-06-17 14:10:59 UTC
We usually don't consider virus scanning bypasses as security issues, but the cab issue sounds like it could lead to DoS or even a buffer overflow - I just brought this up on oss-security. 0.95.2 is in CVS. Candidate for stabilization: =app-antivirus/clamav-0.95.2 Net-mail, Antivirus: is it ok to stabilize now? (In reply to comment #3) > Net-mail, Antivirus: is it ok to stabilize now? > I'd say: yes. Arches, please test and mark stable: =app-antivirus/clamav-0.95.2 Target keywords : "alpha amd64 hppa ia64 ppc ppc64 sparc x86" Stable for HPPA. alpha/ia64/sparc/x86 stable amd64 stable ppc64 done ppc done vote: NO No, closing. |