CVSROOT: /cvs
Module name: ports
Changes by: [EMAIL PROTECTED] 2008/09/14 09:00:43
Modified files:
security/clamav: Makefile distinfo
security/clamav/patches: patch-clamav_milter-clamav_milter_c
patch-clamd_Makefile_in
patch-database_Makefile_in
patch-etc-clamd_conf
patch-etc_Makefile_in
patch-libclamav_Makefile_in
patch-libclamav_str_c
Added files:
security/clamav: systrace.filter
Removed files:
security/clamav/patches: patch-clamd_clamd_c
patch-clamd_scanner_c
patch-clamd_scanner_h
patch-clamd_session_c
patch-clamd_session_h
patch-clamdscan_client_c
patch-configure
Log message:
SECURITY and other bug fixes.
- A vulnerability in ClamAV's chm-parser allowed remote attackers to
cause a denial of service (application crash) via a malformed CHM file
(CVE-2008-1389).
- A vulnerability in libclamav would allow attackers to cause a
denial of service via vectors related to an out-of-memory condition
(CVE-2008-3912).
- Multiple memory leaks were found in ClamAV that could possibly allow
attackers to cause a denial of service via excessive memory consumption
(CVE-2008-3913).
- A number of unspecified vulnerabilities in ClamAV were reported that
have an unknown impact and attack vectors related to file descriptor
leaks (CVE-2008-3914).
various OpenBSD patches rolled in upstream. thanks to sturm@
for looking over systrace.filter (needed for the test of sendmsg()
in configure to enable FD passing).
