Hi,
CVE-2017-11423 has been reported against libmspack. Clamav in Wheezy is
affected because it bundles the libmspack library. Clamav upstream fixed
it via
https://github.com/vrtadmin/clamav-devel/commit/ffa31264a657618a0e40c51c01e4bfc32e244d13
On 2017-07-23 16:52:16 [+0100], Stuart Caie wrote:
> Hello,
Hi Stuart,
> https://github.com/kyz/libmspack/commit/3e3436af6010ac245d7a390c6798e2b81ce09191
> > 2015-05-10 Stuart Caie
> > * cabd_read_string(): correct rejection of empty strings. Thanks to
> > Hanno Böck for