Comment 5 for bug 83065

As an interim measure we want to go ahead and backport 0.88.7 while we work out the API change issues with 0.9x. Debian/changelog since the last Edgy version (in edgy-security):

clamav (0.88.7-1ubuntu1) feisty; urgency=low

  * Merge from debian unstable, remaining changes:
    - debian/clamav-base.init-stub, debian/clamav-daemon.init,
      debian/rules: init script stub for common setup functions.

 -- Kees Cook <email address hidden> Tue, 12 Dec 2006 16:04:26 -0800

clamav (0.88.7-1) unstable; urgency=medium

  * New upstream version
    [ CVE-2006-6406 ] MIME encoding scan bypass (closes: #401873)
    [ CVE unavailable ] Nested multipart recursion DoS (closes: #401874)

 -- Stephen Gran <email address hidden> Tue, 12 Dec 2006 00:38:02 +0000

clamav (0.88.6-1ubuntu1) feisty; urgency=low

  * Merge from debian unstable.
  * Remaining Ubuntu changes:
    - debian/clamav-base.init-stub, debian/clamav-daemon.init,
      debian/rules: init script stub for common setup functions.

 -- Kees Cook <email address hidden> Tue, 28 Nov 2006 21:22:48 -0800

clamav (0.88.6-1) unstable; urgency=low

  * New upstream version
    - incorporates freshclam non-block patch, thus dropping it from patches/

 -- Stephen Gran <email address hidden> Mon, 6 Nov 2006 11:19:38 +0000

clamav (0.88.5-3) unstable; urgency=low

  * Fix broken configure.in patch. Never mattered on systems where sendmail
    wasn't installed, but would make the build system fail to pick up local
    versions of sendmail on custom arrangements

 -- Stephen Gran <email address hidden> Mon, 23 Oct 2006 23:18:59 +0100

clamav (0.88.5-2) unstable; urgency=high

  * Fix FTBFS with nullmailer (closes: #393672)
  * Urgency high because this was keeping security fixes out of testing
  * Noted here since they were unavailable at previous upload time:
    - IDEF1597 is CVE-2006-4182 (libclamav/rebuildpe.c)
    - IDEF1736 is CVE-2006-5295 (libclamav/chmunpack.c)

 -- Stephen Gran <email address hidden> Thu, 19 Oct 2006 12:30:07 +0100

clamav (0.88.5-1) unstable; urgency=medium

  * New upstream version
    - libclamav/rebuildpe.c: fix possible heap overflow [IDEF1597]
    - libclamav/chmunpack.c: fix possible crash [IDEF1736]
    - urgency medium for this reason

 -- Stephen Gran <email address hidden> Mon, 16 Oct 2006 01:40:57 +0100

clamav (0.88.4-4) unstable; urgency=low

  * Versioned build-dep on dpkg-dev so I can use ${binary:Version}
  * Actually remove Magnus this time
  * Add Recommends clamav-base to clamav (closes: #391038)
  * Fix parse problem is slurp_config() (closes: #384046)

 -- Stephen Gran <email address hidden> Sun, 8 Oct 2006 13:39:15 +0100

clamav (0.88.4-3) unstable; urgency=low

  * Move logrotate handling to clamav-daemon.postrm (closes: #384011)
  * Apply upstream freshclam timeout patch (closes: #334911, #382353)
  * Actually install changelogs, symlink other docs.
  * Make binary packages binNMU'able
  * lsb init comments added to init scripts
  * Remove Magnus from Uploaders field, as it looks like he's really not
    coming back to it. Thanks for all your work, Magnus!
  * Add shlibsdeps to clamav-dbg

 -- Stephen Gran <email address hidden> Mon, 2 Oct 2006 19:47:06 +0100

clamav (0.88.4-2) unstable; urgency=low

  * Just to note here for the security team, 0.88.4-1 fixed
    [CVE-2006-4018]: libclamav/upx.c: buffer overflow
    (CVE unavailable at upload time)
  * Fix up arguments to start_daemon() in init scripts (closes: #382092)
  * Fix override disparity

 -- Stephen Gran <email address hidden> Tue, 8 Aug 2006 21:38:43 +0100