CVSROOT: /cvs Module name: ports Changes by: st...@cvs.openbsd.org 2011/10/18 12:48:39
Modified files: security/clamav: Makefile distinfo Log message: update to clamav 0.97.3. in typical clamav tradition, release notes say "ClamAV 0.97.3 is a minor bugfix release and is recommended for all users", secunia says: A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to errors related to the handling of recursion levels within the "cli_bcapi_extract_new()" (libclamav/bytecode_api.c) and "cli_bytecode_runhook()" (libclamav/bytecode.c) functions, which can be exploited to e.g. cause a crash via specially crafted files.