Am 15.04.2008 um 14:58 schrieb Roberto Ullfig: > By disabling the module do you mean to say that 0.92.1 is not > vulnerable? Why does CERT say otherwise?
I think the CERT simply doesn't know about the dconf feature in ClamAV - furthermore they only repeat what they heard. You can't blame them for that, they are simply not that deep into it, since they have a lot of reports to review. Also - for many news sites it wouldn't be worth reporting. I mean, no one wants to read about a vulnerability that has been defused before it became public. -- Best regards, Christoph _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
