Date: Mon, 21 Feb 2011 14:32:12 -0500 (EST) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: coley <coley@...re.org> Subject: Re: clamav 0.97 ----- Original Message ----- > A new clamav version is out and as usual, they don't mention if it's > security-relevant. > > Though from the changelog > http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97 > > at least this sounds like security: > * libclamav/vba_extract.c: fix error path double free (bb#2486) > The details here are pretty slim: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2486 But since it's been reqeusted, let's use CVE-2011-1003. Thanks. -- JB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ