Date: Tue, 06 Apr 2010 15:03:54 -0500 From: Jamie Strandboge <jamie@...onical.com> To: oss-security <oss-security@...ts.openwall.com> Subject: ClamAV small issues FYI, not sure if these should get a CVE, but it seems that a crafted archive could bypass scanning without these commits: 158c35e81a25ea5fda55a2a7f62ea9fec2e883d9 libclamav/mspack.c: improve unpacking of malformed cabinets (bb#1826) 224fee54dd6cd8933d7007331ec2bfca0398d4b4 libclamav/mspack.c: fix Quantum decompressor (bb#1771)  http://git.clamav.net/gitweb?p=clamav-devel.git;a=log -- Jamie Strandboge | http://www.canonical.com Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.