Hosting Provided By

Re: [SECURITY] [DSA 1435-1] New clamav packages fix several vulnerabilities

From: Dominic Hargreaves <dom(at)earth.li>
Date: Wed Dec 19 2007 - 14:00:53 EST

On Wed, Dec 19, 2007 at 06:38:04PM +0100, Moritz Muehlenhoff wrote:

> Package : clamav
> Vulnerability : several
> Problem type : remote
> Debian-specific: no
> CVE Id(s) : CVE-2007-6335 CVE-2007-6336

> The old stable distribution (sarge) is not affected by these problems.
> However, since the clamav version from Sarge cannot process all current
> Clam malware signatures any longer, support for the ClamAV in Sarge is
> now discontinued. We recommend to upgrade the the stable distribution
> or run a backport of the stable version.

Are there any updates planned for sarge in volatile.debian.org?

Thanks,

Dominic.

-- 
Dominic Hargreaves | 
http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)


-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Received on Wed Dec 19 14:02:20 2007

This message: [ Message body ]
Next message: paddy(at)panici.net: "Re: Bug#439335: CVE-2007-4131: GNU tar Directory Traversal"
Previous message: Moritz Muehlenhoff: "Re: PCI vulnerability scan - PHP4 on Sarge"
Next in thread: Stephen Gran: "Re: [SECURITY] [DSA 1435-1] New clamav packages fix several vulnerabilities"
Reply: Stephen Gran: "Re: [SECURITY] [DSA 1435-1] New clamav packages fix several vulnerabilities"
Maybe reply: José Ildefonso Camargo Tolosa: "Re: [SECURITY] [DSA 1435-1] New clamav packages fix several vulnerabilities"
Reply: Jim Popovitch: "new updates, no recent DSAs.... Hmmmm"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 06:54:37 EDT