-
Committer:
Bazaar Package Importer
-
Author(s):
Scott Kitterman, Leonel Nunez, Scott Kitterman
-
Date:
2009-01-18 00:13:25 UTC
-
Revision ID:
james.westby@ubuntu.com-20090118001325-fto7nrgbc5nrjvcu
Tags: 0.92.1~dfsg2-1.1~dapper3.3
[ Leonel Nunez ]
* SECURITY UPDATE:
* [CVE-2008-5314]: remote attack by sending a specially crafted JPEG
file
libclamav/special.c, libclamav/special.h, libclamav/scanners.c
* [CVE-2008-3912]: libclamav/mbox.c, libclamav/message.c:
out-of-memory null dereferences
* [CVE-2008-3914]: libclamav/htmlnorm.c, libclamav/others.c,
libclamav/sis.c: fd leaks
* [CVE-2008-3913]: freshclam/manager.c: memory leaks
* added 29_CVE-2008-3912.dpatch 30_CVE-2008-3913.dpatch
32_cli_check_jpeg_exploit.dpatch 31_CVE-2008-3914.dpatch
* References: LP #271546, #304017
[ Scott Kitterman ]
* SECURITY UPDATE: re-enable modules disabled due to resolved security
deficiencies:
* References: Clamav svn commit 4550, LP #317923