This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New ClamAV Release

Hi.
I just read, that ClamAV released a new fixed version of its virusscanner (found on heise.de). Will this be implemented in Astaro soon?
Thanks, Thorsten

This thread was automatically locked due to age.

0 Paul_M over 19 years ago

I can't read German - wish I could. What is wrong with the current version? What did they fix?
Cancel
Vote Up 0 Vote Down

Cancel
0 TOHIL over 19 years ago in reply to Paul_M

[ QUOTE ]
I can't read German - wish I could. What is wrong with the current version? What did they fix?

[/ QUOTE ]

The text says that some bugs are fix. in the release notes of clamav is just talked about some small fixes, but the debian securityteam says that this fix close some bugs wich allows an attacker to run code on the box via running clamav.
bugs are an integer overflow in the parser of pe headers. and a format-string error in the logging.both errors can abused by an manipulatet email message, wich will be scanned on virus.
Cancel
Vote Up 0 Vote Down

Cancel