This one time, at band camp, Hendrik Weimer said:
> The bug is still present in 0.88.7. Files nested deeper than
> --max-mail-recursion are not scanned and there is no error returned
> (exit code is 0). When using clamscan I get a warning from libclamav,
> but the EICAR string still passes.

There were two bugs:
ClamAV would falsely pass an oddly formatted but legitimate MIME encoding.
ClamAV could potentially crash on a deeply nested MIME structure.

Both of these are fixed.  If you would like to open a new bug
reporting that ClamAV allows viral attachments when they are nested
too deeply, please do so.  That was not my understanding of either
of the vulnerabilities addressed in these bug reports.  Of course,
I would like to see a patch that allows ClamAV to efficiently scan
infinitely recursively nested MIME parts, since once you set a limit,
your complaint always holds - it is just a matter of depth.  It could be
implemented such that a message with too much recursion generates a
pseudo virus tag, but there are already open bugs about other responses
of that type, so I think some will dispute that logic.

Take care,
-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                        [EMAIL PROTECTED] |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------

Attachment: signature.asc
Description: Digital signature
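
The trade-off discussed in this thread, as an added example that is not part of the original e-mail and is not ClamAV code: a depth-limited MIME walk that either passes silently when parts lie beyond the limit or reports a pseudo tag for them. The marker string, the tag name `Example.Limits.MimeRecursion`, and the `scan` and `nested_message` functions are all assumptions made for illustration.

```python
from email import message_from_string
from email.message import Message
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

MARKER = "CONSTRUCTED-TEST-SIGNATURE"        # constructed stand-in for a signature match
LIMIT_TAG = "Example.Limits.MimeRecursion"   # hypothetical pseudo-virus tag name


def scan(msg: Message, max_depth: int, fail_closed: bool) -> str:
    """Return 'FOUND', LIMIT_TAG or 'OK' for a parsed message.

    The walk uses an explicit stack instead of recursion, so nesting depth
    cannot exhaust the call stack. Parts deeper than max_depth are never
    inspected; fail_closed decides whether that is reported or passed.
    """
    stack = [(msg, 0)]
    skipped = False
    while stack:
        part, depth = stack.pop()
        if depth > max_depth:
            skipped = True           # remember that something went unscanned
            continue
        if part.is_multipart():
            stack.extend((child, depth + 1) for child in part.get_payload())
        else:
            body = part.get_payload(decode=True) or b""
            if MARKER.encode() in body:
                return "FOUND"
    if skipped and fail_closed:
        return LIMIT_TAG             # unscanned content is surfaced to the caller
    return "OK"                      # with fail_closed=False this is the silent pass


def nested_message(depth: int) -> Message:
    """Constructed sample: the marker wrapped in `depth` multipart layers."""
    inner: Message = MIMEText(MARKER)
    for _ in range(depth):
        outer = MIMEMultipart()
        outer.attach(inner)
        inner = outer
    return message_from_string(inner.as_string())


if __name__ == "__main__":
    sample = nested_message(3)
    for limit, closed in [(3, True), (2, False), (2, True)]:
        print(limit, closed, scan(sample, limit, closed))
```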