Your message dated Wed, 26 Jan 2005 18:42:00 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#290250: fixed in clamav 0.80-0.81rc1-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 13 Jan 2005 07:36:09 +0000
>From [EMAIL PROTECTED] Wed Jan 12 23:36:09 2005
Return-path: <[EMAIL PROTECTED]>
Received: from 208.red-217-126-142.pooles.rima-tde.net (devmaster.w3ping.net)
[217.126.142.208]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CozWa-0001R4-00; Wed, 12 Jan 2005 23:36:09 -0800
Received: from fiol by devmaster.w3ping.net with local (Exim 4.34)
id 1CozW5-0000fi-6O; Thu, 13 Jan 2005 08:35:37 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Antonio Fiol <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: libclamav1: recursion limit not honoured
X-Mailer: reportbug 3.5
Date: Thu, 13 Jan 2005 08:35:36 +0100
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: libclamav1
Version: 0.80-7
Severity: normal
I am using clamd and using STREAM.
If I send a zip file ...
... which contains a zip file ...
... which contains a zip file ...
... which contains a zip file ...
... which contains a zip file ...
... which contains a zip file ...
... which contains a zip file ...
... which contains a zip file ...
... which contains a zip file ...
... which contains a zip file ...
... which contains a zip file ...
... which contains a zip file ...
... which finally contains eicar.com pattern,
On upstream,
clamd detects the eicar.com pattern, thus not honouring the recursion
limit.
On Debian, if I have understood the code correctly, but I have not
tested it, one gets stream: OK.
IMHO, neither is acceptable. The expected behaviour is some kind of
error notification (e.g. in the form of a virus special name).
Upstream has this fixed on CVS, but not on the stable release.
Yours sincerely,
Antonio Fiol
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.8
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Versions of packages libclamav1 depends on:
ii libbz2-1.0 1.0.2-3 high-quality block-sorting file co
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libcurl3 7.12.3-2 Multi-protocol file transfer libra
ii libgmp3 4.1.4-5 Multiprecision arithmetic library
ii libidn11 0.5.2-3 GNU libidn library, implementation
ii libssl0.9.7 0.9.7e-3 SSL shared libraries
ii zlib1g 1:1.2.2-4 compression library - runtime
-- no debconf information
---------------------------------------
Received: (at 290250-close) by bugs.debian.org; 26 Jan 2005 23:53:37 +0000
>From [EMAIL PROTECTED] Wed Jan 26 15:53:37 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Ctwye-0003SC-00; Wed, 26 Jan 2005 15:53:36 -0800
Received: from troup by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1CtwnQ-00071p-00; Wed, 26 Jan 2005 18:42:00 -0500
From: Stephen Gran <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: lisa $Revision: 1.30 $
Subject: Bug#290250: fixed in clamav 0.80-0.81rc1-1
Message-Id: <[EMAIL PROTECTED]>
Sender: James Troup <[EMAIL PROTECTED]>
Date: Wed, 26 Jan 2005 18:42:00 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 9
Source: clamav
Source-Version: 0.80-0.81rc1-1
We believe that the bug you reported is fixed in the latest version of
clamav, which is due to be installed in the Debian FTP archive:
clamav-base_0.80-0.81rc1-1_all.deb
to pool/main/c/clamav/clamav-base_0.80-0.81rc1-1_all.deb
clamav-daemon_0.80-0.81rc1-1_i386.deb
to pool/main/c/clamav/clamav-daemon_0.80-0.81rc1-1_i386.deb
clamav-docs_0.80-0.81rc1-1_all.deb
to pool/main/c/clamav/clamav-docs_0.80-0.81rc1-1_all.deb
clamav-freshclam_0.80-0.81rc1-1_i386.deb
to pool/main/c/clamav/clamav-freshclam_0.80-0.81rc1-1_i386.deb
clamav-milter_0.80-0.81rc1-1_i386.deb
to pool/main/c/clamav/clamav-milter_0.80-0.81rc1-1_i386.deb
clamav-testfiles_0.80-0.81rc1-1_all.deb
to pool/main/c/clamav/clamav-testfiles_0.80-0.81rc1-1_all.deb
clamav_0.80-0.81rc1-1.diff.gz
to pool/main/c/clamav/clamav_0.80-0.81rc1-1.diff.gz
clamav_0.80-0.81rc1-1.dsc
to pool/main/c/clamav/clamav_0.80-0.81rc1-1.dsc
clamav_0.80-0.81rc1-1_i386.deb
to pool/main/c/clamav/clamav_0.80-0.81rc1-1_i386.deb
clamav_0.80-0.81rc1.orig.tar.gz
to pool/main/c/clamav/clamav_0.80-0.81rc1.orig.tar.gz
libclamav-dev_0.80-0.81rc1-1_i386.deb
to pool/main/c/clamav/libclamav-dev_0.80-0.81rc1-1_i386.deb
libclamav1_0.80-0.81rc1-1_i386.deb
to pool/main/c/clamav/libclamav1_0.80-0.81rc1-1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Stephen Gran <[EMAIL PROTECTED]> (supplier of updated clamav package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 21 Jan 2005 00:06:33 -0500
Source: clamav
Binary: clamav libclamav-dev clamav-milter clamav-base clamav-freshclam
clamav-testfiles clamav-daemon libclamav1 clamav-docs
Architecture: source all i386
Version: 0.80-0.81rc1-1
Distribution: unstable
Urgency: medium
Maintainer: Stephen Gran <[EMAIL PROTECTED]>
Changed-By: Stephen Gran <[EMAIL PROTECTED]>
Description:
clamav - antivirus scanner for Unix
clamav-base - base package for clamav, an anti-virus utility for Unix
clamav-daemon - antivirus scanner daemon
clamav-docs - documentation package for clamav, an anti-virus utility for Unix
clamav-freshclam - downloads clamav virus databases from the Internet
clamav-milter - antivirus scanner for sendmail
clamav-testfiles - use these files to test that your Antivirus program works
libclamav-dev - clam Antivirus library development files
libclamav1 - virus scanner library
Closes: 277531 278300 283748 284072 284732 285562 288691 288762 290250 290756
Changes:
clamav (0.80-0.81rc1-1) unstable; urgency=medium
.
* New upstream version
- Fixes endless loop in VBA scan (closes: #288762)
- Fixes parsing of certain invalid MIME boundaries (closes: #277531)
- Fixes X-Virus_Scanned header (closes: #278300)
- Fixes problem with hard links in GNU tar archives (closes: #283748)
- ArchiveBlockMax now also applies to ArchiveMaxRecursion
(closes: #290250)
* urgency is medium due to fixing endless loop and ArchiveBlockMax bug -
these should go into sarge soon, if possible
* Upstream has removed the html documentation from this version, so there
are no more broken links (closes: #284072)
* Add logcheck files for freshclam (closes: #284732)
* New translation:
- fr.po (closes: #285562)
* New subdirectories of /etc/clamav/ and notes in README for run-parts style
scripts on update, error, and virusevent. Allows packagers and admins to
drop scripts in transparently, although feature is disabled by default.
(closes: #288691)
* Split out -docs package (closes: #290756)
* This gives me a chance to rename libclamav1-dev to libclamav-dev, and
totally reorganize packaging of redundant documentation (liberal usage of
dh_link, IOW)
* Properly escape hyphens in clamav-config manpage
* Lowercase all first letters of short descriptions
Files:
d3edb575a5861a791f71ca812702a0f2 880 utils optional clamav_0.80-0.81rc1-1.dsc
f38933eb64d108a9ab3f0e5d6c0a69c1 3018361 utils optional
clamav_0.80-0.81rc1.orig.tar.gz
0742d78426d4083d9e6971f8a76c5dd8 152098 utils optional
clamav_0.80-0.81rc1-1.diff.gz
8919348dbba8c1283908b3425ff39586 109726 utils optional
clamav-base_0.80-0.81rc1-1_all.deb
1363db3365ef576f4c518cf4c2f20bc5 111018 utils optional
clamav-testfiles_0.80-0.81rc1-1_all.deb
436f2b24d5a5de4bd48b7347c34a7b09 357508 utils optional
clamav-docs_0.80-0.81rc1-1_all.deb
128ba6d35bcb7438ec4ecccd3e6a788f 233374 libs optional
libclamav1_0.80-0.81rc1-1_i386.deb
d9e3a28ba7ff955acc6a284bffefc4a1 54062 utils optional
clamav_0.80-0.81rc1-1_i386.deb
e92bfdd02e2bdd194de27d965465ecf6 71572 utils optional
clamav-daemon_0.80-0.81rc1-1_i386.deb
1b4f146bf7e226b640ebca16a8736642 1717262 utils optional
clamav-freshclam_0.80-0.81rc1-1_i386.deb
4bb15cf2b1e10b1e667597b67b3937f1 34852 utils extra
clamav-milter_0.80-0.81rc1-1_i386.deb
a5b3883bbdd2c7e2a3f207702f0fcfe0 149480 libdevel optional
libclamav-dev_0.80-0.81rc1-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFB8I5uSYIMHOpZA44RAra1AJ9H+aBV7wtFsXnGN/u2Xy4DAr+jkwCeMTXG
+mIVrDAWraqn8Md5eWttjCk=
=NLDZ
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
