* Michael Tautschnig: >> * Scott Kitterman: >> >> > On Wed, 03 Dec 2008 12:39:59 +0100 Florian Weimer <[EMAIL PROTECTED]> >> > wrote: >> > >> >>Your patch looks fine. Is there a CVE yet? >> > >> > As of two days ago when I put the Ubuntu change together there was not.
It's CVE-2008-5314 now. >> Oh well. At least for the other bug, there's a CVE (CVE-2008-5050). >> >> What about CVE-2008-1389? >> > > I've looked at the corresponding patch and the code > to-be-patched. It seems like the version in etch(-security) is not > affected, because it does not keep going if part of the parsing > fails (which some versions in between apparently did). Thanks, I've recorded that in the tracker. Would you please upload an update for the two other issues to stable-security? Thanks. _______________________________________________ Pkg-clamav-devel mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/pkg-clamav-devel
