Thanks Erik,
you always provide a great support!
Kindly Regards,
Alberto.
Erik A. Espinoza ha scritto:
New clamav is released on the main page.
Erik
On Sun, Nov 16, 2008 at 11:58 PM, David Sánchez Martín
<[EMAIL PROTECTED]> wrote:
Hi list,
For our own common interest:
http://www.securityfocus.com/bid/32207/discuss
ClamAV is prone to an off-by-one heap-based buffer-overflow vulnerability
because the application fails to perform adequate boundary checks on
user-supplied data.
Successfully exploiting this issue will allow attackers to execute
arbitrary code within the context of the affected application. Failed
exploit attempts will result in a denial-of-service condition.
Versions prior to ClamAV 0.94.1 are vulnerable.
Current clamav-toaster is 0.94, so, there's a chance we are affected by
this issue.
May be it's time to let clamav package be updated via OS updates?
Best regards,
---
David Sanchez Martin
Administrador de Sistemas
[EMAIL PROTECTED]
GPG Key ID: 0x37E7AC1F
E2000 Nuevas Tecnologías
Tel : +34 902 830500
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
