CVE-2007-6029 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6029): Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary code via a crafted e-mail message. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
Not much we can do right now, but we should keep an eye.
0.92 has been released and is in the tree - dont know if this is fixed by it though...
0.92 is pretty much stable across the board see also bug #207231 and http://packages.gentoo.org/package/app-antivirus/clamav
If no one objects, I'll close this bug in 2 days. Since no one publicly stated details of the sold vulnerability, this is either a dupe of an already fixed bug, or it will be in the future.
closing.
