I agree, they are quite old, I'm mostly curious for posterity's sake. It seems
strange that two separate CVEs with very little detail. The fix commit is
public, looks to be an out of bounds read, just wanted to know if these two
CVEs should be considered as related to the same underlying vulnera
More sync delays (which our new curl pretest scheme mitigates).
First, a 2 hour 15 minute delay:
-- Wednesday 11 July 2018 at 01:03:01
--
/opt/clamav/bin/testclam-external
--> EXT D 24741/24742/24741 B 324/324/324 M 58/58/58
# 4 mor
It is very solid. We are using *all* of their regions. As a result of this,
we've been able to pin point that there are only a couple countries, *in the
world* that *don't* use ClamAV. It's very impressive.
On Jul 10, 2018, at 10:13 PM, Eric Tykwinski
mailto:eric-l...@truenet.com>> wrote:
On 7/11/2018 2:33 PM, Joel Esler (jesler) wrote:
> It is very solid. We are using *all* of their regions. As a result
> of this, we've been able to pin point that there are only a couple
> countries, *in the world* that *don't* use ClamAV. It's very impressive.
Interesting. Any chance you have
[cid:5D12CA40-9AC5-4A67-8169-BAD1535C8B23@vrt.sourcefire.com]
On Jul 11, 2018, at 2:46 PM, Kevin A. McGrail
mailto:kmcgr...@pccc.com>> wrote:
On 7/11/2018 2:33 PM, Joel Esler (jesler) wrote:
It is very solid. We are using *all* of their regions. As a result
of this, we've been able to pin po
Hi Garrett,
Sorry about the delay, I've just marked each of the 3 requested bugzilla
reports as publicly viewable so you find your answers.
Our general policy is to make vulnerability-type tickets public after a version
is released. That said, we usually keep PoC's and in-depth details about
