This is the mail archive of the cygwin-apps mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Security advisories: clamav

From: Reini Urban <reini dot urban at gmail dot com>
To: cygwin-apps at cygwin dot com
Date: Tue, 18 Oct 2005 14:44:46 +0200
Subject: Re: Security advisories: clamav
References: <4353D3A6.904@users.sourceforge.net>

Sorry, I cannot provide an update/nor fix until 25 of October.
I'm on holidays until then.

On 10/17/05, Yaakov S (Cygwin Ports) <yselkowitz@users.sourceforge.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Clam AntiVirus is subject to vulnerabilities ranging from Denial of
> Service to execution of arbitrary code when handling compressed
> executables.  (CAN-2005-2919, CAN-2005-2920)
>
> Clam AntiVirus is also vulnerable to integer overflows when handling
> several file formats, potentially resulting in the execution of
> arbitrary code.  (CAN-2005-2450)
>
> Solution: update to 0.87.
>
> http://www.gentoo.org/security/en/glsa/glsa-200509-13.xml
> http://bugs.gentoo.org/show_bug.cgi?id=106279
> http://www.gentoo.org/security/en/glsa/glsa-200507-25.xml
> http://bugs.gentoo.org/show_bug.cgi?id=100178
> http://sourceforge.net/project/shownotes.php?release_id=356974
--
Reini Urban

References:
- Security advisories: clamav
  - From: Yaakov S (Cygwin Ports)

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]