Sync'ed for Hardy. More issues than just the one initially described:
clamav (0.92.1~dfsg2-1) unstable; urgency=high
.
* libclamav/pe.c: possible integer overflow in wwpack
* [CVE-2008-1100]: libclamav/pe.c: possible integer overflow in upack
* [CVE-2008-1387]: libclamav/spin.c: possible integer overflow
* libclamav/unarj.c: DoS in unarj
** Changed in: clamav (Ubuntu)
Importance: Undecided => Medium
Status: Fix Committed => Fix Released
** Changed in: clamav (Ubuntu Dapper)
Assignee: (unassigned) => Scott Kitterman (kitterman)
Status: New => In Progress
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-1387
--
ClamAV Upack Processing Buffer Overflow Vulnerability
https://bugs.launchpad.net/bugs/217256
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
