On Wednesday 03 December 2008 06:39, Florian Weimer wrote: > * Michael Tautschnig: > >> * Michael Tautschnig: > >> > The attached patch provides a fix for etch-security. It does, > >> > however, not include the previously sent patch for #505134. We could > >> > upload a package containing both bugfixes at any time. If you prefer > >> > to only include one of those, this is also prepared easily. > >> > >> Does the package in etch still work with current signature databases? > >> (I've recently seen a report to the contrary.) > > > > I don't think that there are any incompatibilities introduced in > > post-etch versions, even though the version in etch may be unable to make > > use of all of the features in current signature databases. > > I've just checked, and freshclam runs just fine (for some values of > "fine", of course, given that some signatures are ignored). Looks > like the report was wrong. Sorry for the noise. > > Your patch looks fine. Is there a CVE yet?
I'm told the jpeg recursion issue got CVE-2008-5314. Scott K _______________________________________________ Pkg-clamav-devel mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/pkg-clamav-devel
