CVE-2016-1372 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1372): ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file.
@ Maintainer(s): Can you please rev bump and add the patch for bug 623534 so we can handle stabilization together?
0.99.2-r1 is stable now. @maintainer(s), please clean the vulnerable versions.
Sorry, cleanup will be tracked in bug 636212.