This bug was fixed in the package clamav - 0.94.dfsg.2-1ubuntu0.3~hardy4 --------------- clamav (0.94.dfsg.2-1ubuntu0.3~hardy4) hardy-security; urgency=low * No change rebuild from backports for use with ClamAV 0.94 clamav (0.94.dfsg.2-1ubuntu0.3~hardy3) hardy-backports; urgency=low * Update Hardy backport to include the latest apparmor profile fixes from Jaunty development clamav (0.94.dfsg.2-1ubuntu0.3~hardy2) hardy-backports; urgency=low * Drop deny rule in freshclam apparmor profile since deny is not supported in Hardy's apparmor (LP: #360919) clamav (0.94.dfsg.2-1ubuntu0.3~hardy1) hardy-backports; urgency=low * Source backport for Hardy (lsb-base not present in sufficient version) (LP: #354190, #360502) - Drop versioning of lsb-base depends - Revert lsb status changes from maintainer scripts * Update existing backport with security fixes from 0.95 and 0.95.1 * Update apparmor profile with fixes from Jaunty clamav (0.94.dfsg.2-1ubuntu0.3) intrepid-security; urgency=high * SECURITY UPDATE: (LP: #360502) * References * libclamav/others.h: harden CLI_ISCONTAINED macro (bb#1552) (Denial of service) * Note: clamav-milter bugs such as 1499, 1522, 1524, and 1531 are not relevant to clamav 0.94.2 and earlier versions * Note: The code related to clamav bug 1553 was substantially rewritten in 0.95, so it is also not relevant to clamav 0.94.2 and earlier versions * Bump CL_FLEVEL_DCONF to 0.95.1 level since relevant security patches are applied * Added CVE references for 0.94.dfsg.2-1ubuntu0.2 now that they've been assigned clamav (0.94.dfsg.2-1ubuntu0.2) intrepid-security; urgency=high * SECURITY UPDATE (LP: #354190): * References Clamav #1335, #1462, CVE 2008-6680, CVE 2009-1270 * libclamav/pe.c: division by zero with --detect-broken (bb#1335) (Denial of service) * libclamav/untar.c: infloop in tar.c (bb#1462) (Denial of Service) * Add dconf_renable patch from 0.95 (previously backported to 0.92.2) - Bump CL_FLEVEL_DCONF to 0.95 level since security patches are applied clamav (0.94.dfsg.2-1ubuntu0.1) intrepid-security; urgency=low * SECURITY UPDATE: (LP: #304017) - Fix recursive stack overflow in jpeg parsing code * Other changes: - debian/control: Recommends apparmor >= 2.1+1075-0ubuntu6 for clamav-daemon and clamav-freshclam - add debian/usr.bin.freshclam and debian/usr.sbin.clamd - debian/clamav-(daemon|freshclam).dirs: add etc/apparmor.d/force-complain - debian/clamav-(daemon|freshclam).install: install profiles - debian/clamav-(daemon|freshclam).preinst: create symlink for force-complain/ on pre-feisty upgrades, upgrades where apparmor-profiles profile is unchanged (ie non-enforcing) and upgrades where the profile doesn't exist. - debian/clamav-(daemon|freshclam).postrm: remove symlink in force-complain/ on purge. - debian/clamav-(daemon|freshclam).postinst.in: reload apparmor - update README.Debian with note on Apparmor - Enable upstream test suite in debian/rules clamav (0.94.dfsg.2-1) unstable; urgency=low [ Stephen Gran ] * New upstream version [ Michael Meskes ] * Removed unused debconf templates and unfuzzied all translations. [ Michael Tautschnig ] * Removed --unzip from clampipe script (closes: #506055) * Moved clamav-milter specific stuff from its specific README.Debian to clamav-global one. * Sync start of clamav-milter with clamav-daemon when clamav-daemon is being upgraded (closes: #309067) * The TemporaryDirectory option has been added long ago, no need for hacks via clamav-daemon.default anymore (closes: #253080) clamav (0.94.dfsg.1-1ubuntu0.1) intrepid-security; urgency=low * SECURITY UPDATE: (LP: #296704) - Fix off-by-one heap overflow * Other changes: - debian/control: Recommends apparmor >= 2.1+1075-0ubuntu6 for clamav-daemon and clamav-freshclam - add debian/usr.bin.freshclam and debian/usr.sbin.clamd - debian/clamav-(daemon|freshclam).dirs: add etc/apparmor.d/force-complain - debian/clamav-(daemon|freshclam).install: install profiles - debian/clamav-(daemon|freshclam).preinst: create symlink for force-complain/ on pre-feisty upgrades, upgrades where apparmor-profiles profile is unchanged (ie non-enforcing) and upgrades where the profile doesn't exist. - debian/clamav-(daemon|freshclam).postrm: remove symlink in force-complain/ on purge. - debian/clamav-(daemon|freshclam).postinst.in: reload apparmor - update README.Debian with note on Apparmor * Update apparmor profile for clamd to work with TCP sockets (LP: #288942) clamav (0.94.dfsg.1-1) unstable; urgency=low [ Stephen Gran ] * New upstream version (closes: #505134, #502165, #501298) * Handle new option SubmitDetectionStats in freshclam.conf * Remove RAR from the description, since we really don't handle it anymore * Skip 'sleep until -e socket' logic if socket is of type inet (LP #296086) [ Michael Meskes ] * Added myself as uploader. * Changed watch file to account for dfsg extension. * Do not configure temporary directory in clamd.conf anymore unless it is already configured there. * Added Basque debconf translation (closes: #500007) [ Michael Tautschnig ] * Use lsb's status_of_proc function to determine the status of the process and return with according exit codes (closes: #486076) * Updated Dutch debconf translation (thanks Paul Gevers