Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 22 Apr 2009 17:43:35 +0200
From: Marcus Meissner <meissner@...e.de>
To: oss-security@...ts.openwall.com, coley@...re.org
Subject: Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive

Stephen,

These two clamav 0.95.1 issues still need CVEs I think.

On Thu, Apr 09, 2009 at 12:15:54PM +0200, Tomas Hoger wrote:
> On Tue, 7 Apr 2009 14:08:15 +0200 Thomas Biege <thomas@...e.de> wrote:
> 
> > These two bugs possibly need a CVE-ID.
> 
> Upstream 0.95.1 seems to fix at least 2 other issues that may be of
> interest:
> 
> https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1552
> https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1553
> 
> svn diff -c 5032 http://svn.clamav.net/svn/clamav-devel/
> 
> -- 
> Tomas Hoger / Red Hat Security Response Team

-- 
Working, but not speaking, for the following german company:
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.