Comment 10 for bug 317923

clamav (0.92.1~dfsg2-1.1~dapper3.3) dapper-security; urgency=low

  [ Leonel Nunez ]
  * SECURITY UPDATE:
  * [CVE-2008-5314]: remote attack by sending a specially crafted JPEG
    file
    libclamav/special.c, libclamav/special.h, libclamav/scanners.c
  * [CVE-2008-3912]: libclamav/mbox.c, libclamav/message.c:
    out-of-memory null dereferences
  * [CVE-2008-3914]: libclamav/htmlnorm.c, libclamav/others.c,
    libclamav/sis.c: fd leaks
  * [CVE-2008-3913]: freshclam/manager.c: memory leaks
  * added 29_CVE-2008-3912.dpatch 30_CVE-2008-3913.dpatch
     32_cli_check_jpeg_exploit.dpatch 31_CVE-2008-3914.dpatch
  * References: LP #271546, #304017

  [ Scott Kitterman ]
  * SECURITY UPDATE: re-enable modules disabled due to resolved security
    deficiencies:
  * References: Clamav svn commit 4550, LP #317923