Comment 29 for bug 365823

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package clamav - 0.95.1+dfsg-1ubuntu1.2

---------------
clamav (0.95.1+dfsg-1ubuntu1.2) jaunty-security; urgency=low

  * SECURITY UPDATE: clamav-milter.init changes current directory owner
    to user 'clamav' when run, potentially breaking ssh chroots, user's
    home directories (LP: #365823)
    - debian/clamav-milter.init: fixed pidfile chown on startup from Debian
      clamav git repo
    - debian/clamav-milter.postinst.in: added cleanup code to search for
      and restore clamav-owned directories to root and remove rogue /none
      file (LP: #363796, #363804)

 -- Imre Gergely <email address hidden> Fri, 01 May 2009 18:23:20 +0300