Clam AntiVirus RFC2397 Bypass Weakness
SECUNIA ADVISORY ID:
Clam AntiVirus (clamav) 0.x
The vendor has acknowledged a weakness in Clam AntiVirus, which
allows malware to bypass detection.
For more information:
This has been reported to affect Clam AntiVirus. Other versions may
also be affected.
This has been fixed in CVS.
Do not rely solely on gateway / perimeter security.
Apply patches to fix vulnerabilities in client software and apply
other defence in depth measures.
PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.
net-mail, antivirus please advise.
A new clamav version should be released with the fix, so better wait.
Ebuild for 0.81 in CVS.
Arches please test and mark stable.
Stable on x86. Added dependency on fixed zlib version (bug #61749), as suggested by jaervosz.
Ticho: you lack a DEPEND for USE="milter", so if sendmail isn't around it won't compile because libmilter is missing (dunno if there's another provider for it).
Anyway, sparc stable, since it's just a minor compile fix.
Yes, I noticed it earlier today when I tried to compile with +milter. I decided to leave it be for now, because I couldn't think of a way to check for sendmail installed with milter flag. This will probably be best solved by issuing an einfo/ewarn message in pkg_setup().
stable on amd64
Stable on ppc.
Stable on alpha.
ia64 should test and mark stable too.
hppa and ia64 please remember to mark stable to benifit from the GLSA.
ebuild no longer in portage.