[Bug 219031] [NEW] Please Backport clamav-0.92.1~dfsg2-1 from Hardy to Dapper

Scott Kitterman ubuntu at kitterman.com
Fri Apr 18 05:00:35 BST 2008 

Public bug reported:

Source backport required.  Tested.  Ack from ubuntu-backporters.

clamav (0.92.1~dfsg2-1~dapper1) dapper-backports; urgency=high

  * Source backport for dapper-backports.  Changes:
    - Change ${binary:Version} and ${source:Version} depends to
      {Source-Version} in debian/control and drop dpkg-dev
      dependency to (>= 1.13.11) as a result
    - Add CC=gcc-3.4 to configure options in debian/rules and build-dep for
      gcc-3.4 to avoid GCC bug 28045
    - Remove leading comments from debian/clamav-base.templates and
      debian/clamav-freshclam.templates to work around Dapper tool chain
      problem (inserts extra line in the template).

 -- Scott Kitterman <scott at kitterman.com>  Thu, 17 Apr 2008 23:45:03
-0400

clamav (0.92.1~dfsg2-1) unstable; urgency=high

  * libclamav/pe.c: possible integer overflow in wwpack
  * [CVE-2008-1100]: libclamav/pe.c: possible integer overflow in upack
  * [CVE-2008-1387]: libclamav/spin.c: possible integer overflow
  * libclamav/unarj.c: DoS in unarj

 -- Stephen Gran <sgran at debian.org>  Tue, 15 Apr 2008 17:48:43 +0100

clamav (0.92.1~dfsg2-0.1) unstable; urgency=low

  * Non-maintainer upload.
  * Remove non-free unrar files and repack orig.tar.gz (Closes: #470073)

 -- Scott Kitterman <scott at kitterman.com>  Sat, 08 Mar 2008 19:29:19
-0500

clamav (0.92.1~dfsg-1) unstable; urgency=low

  * New upstream bugfix release
    - [2007-6595]: libclamav/others.c: symlink vulnerability
      cli_gentempfd now calls open with O_EXCL (closes: #458532)
    - [CVE-2008-0318]: libclamav/pe.c: possible integer overflow
    - libclamav/mew.c: possible heap corruption
  * Add a note to NEWS.Debian about unrar support being dropped
    (closes: #465203)
  * clamav-milter: off-by-one programming error in pingServer
    (closes: #458204)
  * Copyright now complete (thanks Scott Kitterman <scott at kitterman.com>)
    (closes: #456770)
  * Attempt to work around clamav-milter not bothering to check if another
    instance is running on startup (reported as LP bug 179169)

 -- Stephen Gran <sgran at debian.org>  Tue, 12 Feb 2008 02:25:20 +0000

clamav (0.92~dfsg-3) unstable; urgency=low

  * Copyright clarifications (closes: #456770) (thanks
    Scott Kitterman <scott at kitterman.com>)

 -- Stephen Gran <sgran at debian.org>  Thu, 20 Dec 2007 15:28:12 +0000

** Affects: dapper-backports
     Importance: Medium
         Status: In Progress

-- 
Please Backport clamav-0.92.1~dfsg2-1 from Hardy to Dapper
https://bugs.launchpad.net/bugs/219031
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to Dapper Backports.

More information about the ubuntu-backports mailing list