Thanks Erik, really fast as allways, List, please, update ASAP (i'll do it in next maintenance window) with this new package.
Regards, -----Mensaje original----- De: Alberto Guzzetti [mailto:[EMAIL PROTECTED] Enviado el: lunes, 17 de noviembre de 2008 10:35 Para: qmailtoaster-list@qmailtoaster.com Asunto: Re: [qmailtoaster] (another) Vulnerability in clamav Thanks Erik, you always provide a great support! Kindly Regards, Alberto. Erik A. Espinoza ha scritto: > New clamav is released on the main page. > > Erik > > On Sun, Nov 16, 2008 at 11:58 PM, David Sánchez Martín > <[EMAIL PROTECTED]> wrote: > >> Hi list, >> >> For our own common interest: >> >> http://www.securityfocus.com/bid/32207/discuss >> >> >> ClamAV is prone to an off-by-one heap-based buffer-overflow vulnerability >> because the application fails to perform adequate boundary checks on >> user-supplied data. >> >> Successfully exploiting this issue will allow attackers to execute >> arbitrary code within the context of the affected application. Failed >> exploit attempts will result in a denial-of-service condition. >> >> Versions prior to ClamAV 0.94.1 are vulnerable. >> >> Current clamav-toaster is 0.94, so, there's a chance we are affected by >> this issue. >> >> May be it's time to let clamav package be updated via OS updates? >> >> >> Best regards, >> >> --- >> David Sanchez Martin >> Administrador de Sistemas >> [EMAIL PROTECTED] >> GPG Key ID: 0x37E7AC1F >> >> E2000 Nuevas Tecnologías >> Tel : +34 902 830500 >> >> >> >> > > --------------------------------------------------------------------- > QmailToaster hosted by: VR Hosted <http://www.vr.org> > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- QmailToaster hosted by: VR Hosted <http://www.vr.org> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
smime.p7s
Description: S/MIME cryptographic signature
