*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: clamav Clamav in Jaunty (0.95.1+dfsg-1ubuntu1.2) has been patched to fix a security vulnerability. The version in Karmic (0.95.1+dfsg-2ubuntu1) ported from Unstable does not seem to be patched, and it thus should be patched ASAP. clamav (0.95.1+dfsg-1ubuntu1.2) jaunty-security; urgency=low * SECURITY UPDATE: clamav-milter.init changes current directory owner to user 'clamav' when run, potentially breaking ssh chroots, user's home directories (LP: #365823) - debian/clamav-milter.init: fixed pidfile chown on startup from Debian clamav git repo - debian/clamav-milter.postinst.in: added cleanup code to search for and restore clamav-owned directories to root and remove rogue /none file (LP: #363796, #363804) ** Affects: clamav (Ubuntu) Importance: Undecided Status: New ** This bug has been flagged as a security vulnerability -- Fix vulnerability in clamav for karmic (fixed in jaunty) https://bugs.launchpad.net/bugs/383422 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-b...@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs -- universe-bugs mailing list universe-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/universe-bugs