Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 17 Jun 2008 11:55:10 +0300
From: Eren Türkay <>
Subject: Re: CVE id request: Clamav

On 17 Jun 2008 Tue 10:38:13 Eren Türkay wrote:
>   * libclamav/mbox.c, shared/network.c: prevent uninitialized use of
> hostent structure (bb #1003).
> The bug entry says that after zip file's arriving at clamd, it suddenly
> dies and nothing can be retrieved thereafter. Clamav developer also
> comfirms that this happens when MailFollowURLs is enabled.


I talked to Edwin on #clamav channel. He says this is a rare-case and he 
thinks that it's a vulnerability rather than a security flaw.

Edwin, could you please inform us about important vulnerabilities/security 
flaws fixed in 0.93.1?

My best regards,

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.