After further discussion, bb#1826 should probably be included: 08:30 < mdeslaur> well, it is security relevant in a clamav context 08:30 < mdeslaur> virus laden email hides in cabinet files 08:30 < mdeslaur> they make them slightly corrupted so AV scanners can't open them 08:30 < mdeslaur> this makes clamav open more corrupted cabinet files, so it can scan the files inside 08:31 < mdeslaur> so it's security relevant in a "lets less viruses go though" way 08:33 < jdstrand> will clamav reject it if it is malformed? 08:34 < mdeslaur> it depends on what the software that uses clamav does 08:34 < mdeslaur> It's usually configurable 08:36 < jdstrand> ScottK: based on mdeslaur's comments, let's include it for those people who accept attachments that can't be decompressed
-- Update for clamav security fixes from 0.96 release https://bugs.launchpad.net/bugs/553266 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to clamav in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
