John Rudd wrote: > Nigel Horne wrote: > >> Roberto Ullfig wrote: >> >>> Nigel Horne wrote: >>> >>>> A vulnerability was identified by Secunia in 0.92.1 relating to the >>>> PE module. >>>> We immediately disabled this module about a month ago. Since then we >>>> have been >>>> working on, and produced, a fix which is included in 0.93. 0.93 is >>>> due for release >>>> very soon, and all users are advised to update to this release with >>>> immediate effect. >>>> 0.93RC1 does not include the fix. >>>> >>>> Regards, >>>> >>>> >>> By disabling the module do you mean to say that 0.92.1 is not >>> vulnerable? Why does CERT say otherwise? >>> >> As soon as we found out about the vulnerability we issued a "dconf" update >> to switch off the affected module, upack. All 0.92.1 users are advised to >> upgrade to 0.93 immediately. >> > > Oh, and, while we're on the subject, what about 0.88.6? is that version > vulnerable? (don't tell me to upgrade -- I haven't been able to get > newer versions to compile on Mac OS X 10.4.x) > > Just a note. When I first heard of this vulnerability I set ScanPE to no in /usr/local/etc/clamd.conf and restarted. I assume that doing this would prevent the PE scans and hence the vulnerability. Is that assumption correct?
-- Roberto Ullfig - [EMAIL PROTECTED] _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
