Security vulnerability in ClamAV
Bug #66510 reported by
Guy Van Sanden
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| clamav (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
| Dapper |
Fix Released
|
High
|
Unassigned | ||
Bug Description
Binary package hint: clamav
"Multiple vulnerabilities have been fixed with the release of version 0.88.5 of the free and open-source ClamAV AntiVirus product related to the handling of PE files and the unpacking of CHM help files. The PE handling issue poses a significant risk and users of versions prior to ClamAV 0.88.5 are urged to upgrade ASAP."
This would also affect Ubuntu (Dapper) as it is still at 0.88.2.
As far as I can tell, the vulnerability allows for remote exploit, so it is quite critical to fix it.
Revision history for this message
| Nicola (nicola) wrote | #1 |
Revision history for this message
| Kees Cook (kees) wrote | #2 |
| Changed in clamav: | |
| status: | Unconfirmed → Confirmed |
Revision history for this message
| Kees Cook (kees) wrote | #3 |
| Changed in clamav: | |
| status: | Confirmed → Fix Released |
Revision history for this message
| Martin Pitt (pitti) wrote | #4 |
| Changed in clamav: | |
| importance: | Undecided → High |
| status: | Fix Released → In Progress |
Revision history for this message
| Martin Pitt (pitti) wrote | #5 |
| Changed in clamav: | |
| importance: | Undecided → High |
| status: | Unconfirmed → In Progress |
| Changed in clamav: | |
| status: | In Progress → Fix Released |
| status: | In Progress → Fix Released |
Revision history for this message
| Kees Cook (kees) wrote | #6 |
Revision history for this message
| Kees Cook (kees) wrote | #7 |
To post a comment you must log in.
Look at this bug report:
https:/
is there since July ...
seems no developer care about ...