On 2018-10-20 10:42:06 [+0100], Adam D. Barratt wrote:
> On Wed, 2018-10-17 at 00:26 +0200, Sebastian Andrzej Siewior wrote:
> > clamav upstream published a new version which contains security
> > relevant bug fixes, one of them has CVE-2018-15378 assigned.
>
> Is the expectation that this would be pushed via -updates?
Yes, please.
CVE-2018-15378
Vulnerability in ClamAV's MEW unpacking feature that could allow an
unauthenticated, remote attacker to cause a denial-of-service (DoS)
condition on an affected device.
> Regards,
>
> Adam
Sebastian
