pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

pkg_admin audit: false alarm for clamav-0.99.2 (CVE-2016-1405)?

perhaps another one, but the situation is less clear this time:

    Package clamav-0.99.2nb3 has a denial-of-service vulnerability, see

This CVE is not mentioned in the changelogs for 0.99.2, but at least
Ubuntu claims that they fixed it by upgrading to upstream 0.99.2 (from

But they don't seem to know for sure what exactly caused/fixed the
vulnerability ("still no details as to what the fix is as of

Does anybody know for sure?


Home | Main Index | Thread Index | Old Index