CVSROOT: /cvs
Module name: ports
Changes by: st...@cvs.openbsd.org 2011/10/18 12:48:39
Modified files:
security/clamav: Makefile distinfo
Log message:
update to clamav 0.97.3.
in typical clamav tradition, release notes say "ClamAV 0.97.3 is a
minor bugfix release and is recommended for all users", secunia says:
A vulnerability has been reported in ClamAV, which can be exploited by
malicious people to cause a DoS (Denial of Service) and potentially
compromise a vulnerable system.
The vulnerability is caused due to errors related to the handling of
recursion levels within the "cli_bcapi_extract_new()"
(libclamav/bytecode_api.c) and "cli_bytecode_runhook()"
(libclamav/bytecode.c) functions, which can be exploited to e.g. cause
a crash via specially crafted files.
