CVE-2016-1371 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1371): ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable.
@Maintainers could you please keep in mind to remove versions before 0.99.2 after bug 619302 is closed? Thank you
all stable arches complete. @maintainer(s), please cleanup the vulnerable versions.
(In reply to Aaron Bauman from comment #2) > all stable arches complete. > > @maintainer(s), please cleanup the vulnerable versions. Stabilization is complete for newer 0.99.2-r1 that is.
Tree is clean: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aa01111921a913485ee84f1496c9d8293ef0bdba