This bug was fixed in the package clamav - 0.99.2+dfsg-6ubuntu2
--------------- clamav (0.99.2+dfsg-6ubuntu2) artful; urgency=medium
* SECURITY UPDATE: DoS via crafted e-mail message - debian/patches/CVE-2017-6418.patch: fix invalid read in libclamav/message.c. - CVE-2017-6418 * SECURITY UPDATE: DoS via WWPack compression - debian/patches/CVE-2017-6420.patch: add bounds checks to libclamav/wwunpack.c. - debian/patches/CVE-2017-6420-2.patch: fix unit tests in libclamav/wwunpack.c, unit_tests/check_jsnorm.c. - CVE-2017-6420 * debian/patches/fix_newer_zlib.patch: fix compatibility with zlib 1.2.9 and newer (LP: #1692073).
-- Marc Deslauriers <email address hidden> Tue, 15 Aug 2017 16:04:46 -0400
This bug was fixed in the package clamav - 0.99.2+ dfsg-6ubuntu2
--------------- dfsg-6ubuntu2) artful; urgency=medium
clamav (0.99.2+
* SECURITY UPDATE: DoS via crafted e-mail message patches/ CVE-2017- 6418.patch: fix invalid read in /message. c. patches/ CVE-2017- 6420.patch: add bounds checks to /wwunpack. c. patches/ CVE-2017- 6420-2. patch: fix unit tests in /wwunpack. c, unit_tests/ check_jsnorm. c. patches/ fix_newer_ zlib.patch: fix compatibility with zlib
- debian/
libclamav
- CVE-2017-6418
* SECURITY UPDATE: DoS via WWPack compression
- debian/
libclamav
- debian/
libclamav
- CVE-2017-6420
* debian/
1.2.9 and newer (LP: #1692073).
-- Marc Deslauriers <email address hidden> Tue, 15 Aug 2017 16:04:46 -0400