* Scott Kitterman: > On Wednesday 03 December 2008 06:52, Florian Weimer wrote: >> * Scott Kitterman: >> > On Wed, 03 Dec 2008 12:39:59 +0100 Florian Weimer <[EMAIL PROTECTED]> > wrote: >> >>Your patch looks fine. Is there a CVE yet? >> > >> > As of two days ago when I put the Ubuntu change together there was not. >> >> Oh well. At least for the other bug, there's a CVE (CVE-2008-5050). >> >> What about CVE-2008-1389? > > That was in clamav 0.94. The patch is svn commit 3749 from upstream. > > I think that's on the list of ones we're looking at in Ubuntu to patch our > 0.92.1 packages. I haven't looked at Etch myself.
I think it makes sense to include this change in the current round of ClamAV patches. Michael, does this sound reasonable? _______________________________________________ Pkg-clamav-devel mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/pkg-clamav-devel
