[Bug 1420819] Re: ClamAV 0.98.6 security update for Lucid

Launchpad Bug Tracker 1420819 at bugs.launchpad.net
Thu Feb 12 22:52:42 UTC 2015 

This bug was fixed in the package clamav - 0.98.6+dfsg-0ubuntu0.10.04.1

---------------
clamav (0.98.6+dfsg-0ubuntu0.10.04.1) lucid-security; urgency=medium

  [ Marc Deslauriers ]
  * Updated to 0.98.6 to fix security issues, including CVE-2014-9328.
    (LP: #1420819)
  * Removed upstreamed patches:
    - d/p/0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch
    - d/p/0017-Bump-.so-version-number.patch

  [ Chris Pollock ]
  * Drop dh_autoreconf from build-depends
  * Remove use of dh_autoreconf from debian/rules
  * Adjust list of no LLVM architectures in debian/rules to include powerpc
    to avoid FTBFS on lucid

clamav (0.98.5+addedllvm-0ubuntu0.12.04.1) precise-security;
urgency=medium

  * Updated to 0.98.5 to fix security issues, including CVE-2013-6497.
  * Removed patches no longer needed:
    - d/p/0002-Sebastian-Andrzej-Siewior.patch
    - d/p/0003-configure-use-pkg-config-for-check-so-test-is-detect.patch
    - d/p/0004-Stop-using-a-cargo-culted-syscall-table-and-trust-th.patch
    - d/p/0005-configure.ac-patches-to-got-with-autoreconf-and-auto.patch
    - d/p/0006-Fix-STAT64-definition-and-add-missing-includes.patch
  * Added patches from vivid to fix FTBFS, .so version and other issues:
    - d/p/0002-Add-an-additional-n-after-the-number-in-the-pidfile.patch
    - d/p/0003-unit_tests-increment-test-timeout-from-40secs-to-5mi.patch
    - d/p/0006-remove-unnecessary-harmful-flags-from-libclamav.pc.patch
    - d/p/0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
    - d/p/0017-Bump-.so-version-number.patch
    - d/p/0018-llvm-don-t-use-system-libs.patch
  * debian/clamav-docs.docs: use wildcards, as some docs have changed.
  * debian/clamav-base.postinst.in: added new options.
  * debian/clamav-base.config.in: added new options.
  * debian/clamav-base.templates: added new options.
  * debian/control: added libssl-dev BuildDepends.
  * clamav-testfiles.install: removed rar files.
 -- Chris <cpollock at embarqmail.com>   Sun, 08 Feb 2015 07:54:07 -0600

** Changed in: clamav (Ubuntu)
       Status: In Progress => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-6497

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9328

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to clamav in Ubuntu.
https://bugs.launchpad.net/bugs/1420819

Title:
  ClamAV 0.98.6 security update for Lucid

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/1420819/+subscriptions

More information about the Ubuntu-server-bugs mailing list