[Pkg-clamav-devel] libmspack / clamav issue in Wheezy

Hi, CVE-2017-11423 has been reported against libmspack. Clamav in Wheezy is affected because it bundles the libmspack library. Clamav upstream fixed it via https://github.com/vrtadmin/clamav-devel/commit/ffa31264a657618a0e40c51c01e4bfc32e244d13

Re: [Pkg-clamav-devel] Bug#868956: libmspack: CVE-2017-11423

On 2017-07-23 16:52:16 [+0100], Stuart Caie wrote: > Hello, Hi Stuart, > https://github.com/kyz/libmspack/commit/3e3436af6010ac245d7a390c6798e2b81ce09191 > > 2015-05-10 Stuart Caie > > * cabd_read_string(): correct rejection of empty strings. Thanks to > > Hanno Böck for