[Pkg-clamav-devel] Bugfix for #507624 prepared
Florian Weimer
fw at deneb.enyo.de
Wed Dec 3 12:50:40 UTC 2008
* Scott Kitterman:
> On Wednesday 03 December 2008 06:52, Florian Weimer wrote:
>> * Scott Kitterman:
>> > On Wed, 03 Dec 2008 12:39:59 +0100 Florian Weimer <fw at deneb.enyo.de>
> wrote:
>> >>Your patch looks fine. Is there a CVE yet?
>> >
>> > As of two days ago when I put the Ubuntu change together there was not.
>>
>> Oh well. At least for the other bug, there's a CVE (CVE-2008-5050).
>>
>> What about CVE-2008-1389?
>
> That was in clamav 0.94. The patch is svn commit 3749 from upstream.
>
> I think that's on the list of ones we're looking at in Ubuntu to patch our
> 0.92.1 packages. I haven't looked at Etch myself.
I think it makes sense to include this change in the current round of
ClamAV patches.
Michael, does this sound reasonable?
More information about the Pkg-clamav-devel
mailing list