[Pkg-clamav-devel] A few bugs that could be closed
Michael Tautschnig
mt at debian.org
Wed Apr 28 22:47:22 UTC 2010
Hi!
First of all, thanks again for taking the time to walk through all the
reports!!! Most of those I've already dealt with, just the first one I'm still
curious about.
> Please review and apply what looks good.
>
> Debian Bug report logs - #246669
> --------------------------------
> clamav-daemon: clamd protocol scan result output format is ambiguous,
> poses security risk
>
> Rationale: The "z" prefix in clamd commands addresses the reported
> issue.
>
[...]
What exactly do you mean by a "z" prefix? Have commands been renamed to, e.g.,
zSCAN? How does that fix what the user requested? It's conceivable to craft a
filename that has zSCAN in it...
Best,
Michael
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20100429/48cd733e/attachment.pgp>
More information about the Pkg-clamav-devel
mailing list