Binary package hint: clamav
Not in Debian yet. From the upstream changelog:
V 0.90.2
* Bugfixes:
- libclamav/chmunpack.c: fix fd leak in chm_decompress_stream
(CVE-2007-1745)
- libclamav/cab.c: fix buffer overflow, reported through iDefense
Vulnerability Contributor Program (CVE-2007-1997)
- shared/cfgparser.c: multiple Clamuko*Path were not being handled properly
(bb#420)
- shared/misc.c: minor fixes to daemonize() (bb#319), thanks to Reinhard Max
- clamconf, clamdscan: add -I$(top_srcdir) to Makefile.am (bb#404)
- freshclam/manager.c: fix log message (bb#411)
- freshclam: release dbdir write-lock before notifying clamd (bb#401)
- freshclam/manager.c: fix error handling in --no-dns mode (bb#418)
- freshclam/manager.c: close and re-open client socket for each connect
attempt (bb#413), patch from Andy Fiddaman
- freshclam/mirman.c: fix --list-mirrors on Solaris/64 (bb#414),
thanks to Andy Fiddaman
- configure.in: use -lthr instead of -pthread on FreeBSD 6.x
- libclamav/pdf.c: Fix fd leak on empty objects. Scan in user memory
- libclamav/pdf.c: When flatedecoder fails point out that the encoder
was to blame for getting the length wrong, not clamAV
- libclamav/lockdb.c: fix fd leak on EACCES/EAGAIN (bb#400)
- libclamav: improve backward compatibility (bb#393)
- libclamav/matcher-ac.c: fix incorrect calculation of maxshift in some
cases (bb#390)
- contrib/entitynorm/: fix entity list generator to support more entities,
including & (bb #391)
- libclamav/entitylist.h: new entitylist generated using
contrib/entitynorm/generate_entitylist (bb #391)
- libclamav/mbox.c: Include the clamAV version in the HTTP request
- libclamav/htmlnorm.c: ampersands were missed in URLs. (bb #377)
- libclamav/htmlnorm.c: Better handling for empty charset in meta tag.
- libclamav/mbox.c: Fix bug 255 and 402
diffstat