-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------------- Debian Volatile Update Announcement VUA 7-1 http://volatile.debian.net [EMAIL PROTECTED] Martin Zobel-Helas November 07th, 2005 - ---------------------------------------------------------------------------
Package : clamav Version : 0.87.1-0volatile.3 Importance : high CVE IDs : CVE-2005-3239 CVE-2005-3303 CVE-2005-3500 CVE-2005-3501 The following security flaws were found and fixed in clamav: CVE-2005-3239 : Possible loop in ole2_extract in parsing the property tree CVE-2005-3303 : Heap overflow in ClamAV's FSG module CVE-2005-3500 : DoS in CAB parsing CVE-2005-3501 : DoS in mspack parsing For sarge, an updated clamav package is available in sarge/volatile as version 0.87.1-0volatile.3. We recommend that you update your system. Upgrade Instructions - - -------------------- You can get the updated packages at http://volatile.debian.net/debian-volatile/pool/volatile/main/c/clamav/ and install them with dpkg, or add deb http://volatile.debian.net/debian-volatile sarge/volatile main deb-src http://volatile.debian.net/debian-volatile sarge/volatile main to your /etc/apt/sources.list. You can also use any of our mirrors. Please see http://volatile.debian.net/mirrors.html for the full list of mirrors. The archive signing key can be downloaded from http://volatile.debian.net/ziyi-2005.asc For further information about debian-volatile, please refer to http://volatile.debian.net/. If there are any issues, please don't hesitate to get in touch with the volatile team. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFDbvS4ST77jl1k+HARApJ7AJ9UrmtfNtxFlhyTuvfnGKC9s+BmxwCfThMn 4h3mQ5G3dj3hDt1tm1qdmLI= =TZLM -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
