Debian
clamav package

clamav 0.98.7+dfsg-0+deb7u1 source package in Debian

Changelog

clamav (0.98.7+dfsg-0+deb7u1) oldstable; urgency=high

  [ Andreas Cadhalpun ]
  * Fix variable name mismatch in clamav-milter.postinst in order to
    make preseeding work correctly. (Closes: #778445)
  * Drop 'XS-Testsuite: autopkgtest' from debian/control.
    Debhelper automatically adds the Testsuite field.
    This fixes the lintian warning xs-testsuite-header-in-debian-control.
  * Fix cleanup on purge in clamav-base.postrm.

  [ Sebastian Andrzej Siewior ]
  * Replace ” with " in debian/common_functions (Closes: #781088)
  * Import new upstream:
    - Improvements to PDF processing: decryption, escape sequence
      handling, and file property collection.
    - Scanning/analysis of additional Microsoft Office 2003 XML format.
    - Fix infinite loop condition on crafted y0da cryptor file. Identified
      and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221.
    - Fix crash on crafted petite packed file. Reported and patch
      supplied by Sebastian Andrzej Siewior. CVE-2015-2222.
    - Fix false negatives on files within iso9660 containers. This issue
      was reported by Minzhuan Gong.
    - Fix a couple crashes on crafted upack packed file. Identified and
      patches supplied by Sebastian Andrzej Siewior.
    - Fix a crash during algorithmic detection on crafted PE file.
      Identified and patch supplied by Sebastian Andrzej Siewior.
    - Fix an infinite loop condition on a crafted "xz" archive file.
      This was reported by Dimitri Kirchner and Goulven Guiheux.
      CVE-2015-2668.
    - Fix compilation error after ./configure --disable-pthreads.
      Reported and fix suggested by John E. Krokes.
    - Apply upstream patch for possible heap overflow in Henry Spencer's
      regex library. CVE-2015-2305 (Closes: #778406).
    - Fix crash in upx decoder with crafted file. Discovered and patch
      supplied by Sebastian Andrzej Siewior. CVE-2015-2170.
    - Fix segfault scanning certain HTML files. Reported with sample by
      Kai Risku.
    - Improve detections within xar/pkg files.
  * update GPG key used to verify releases to get uscan/get_orig.sh working
    again.
  * update symbol version for cl_retflevel due to CL_FLEVEL change.

 -- Sebastian Andrzej Siewior <email address hidden>  Sat, 02 May 2015 22:35:37 +0200

Upload details

Uploaded by:
ClamAV Team
Uploaded to:
Wheezy
Original maintainer:
ClamAV Team
Architectures:
any all
Section:
utils
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
clamav_0.98.7+dfsg-0+deb7u1.dsc 2.8 KiB a109d8300ad94c0edf38533889555eb6c2ecdedd5b14d88b69f56ca260c8b7c1
clamav_0.98.7+dfsg.orig.tar.xz 7.9 MiB 3a153ccdde90702dc175bd251784b66f09431b517da4ca8c99407ecd3e295fa5
clamav_0.98.7+dfsg-0+deb7u1.debian.tar.gz 832.8 KiB a950749d6d13a893abef1d7c2e1594b418a762ed60e516b190152dc2a1ac24e1

No changes file available.

Binary packages built by this source