This was an oversight on my part. I recently took over the lead developer role for ClamAV. I made an effort to address a set up vulns that were approaching the traditional 90 day disclosure window. As I was preparing the patch, I was informed that there were a couple of other missing CVE patches so I applied them to 0.99.3.
Unfortunately, I didn’t realize there were others that had been neglected before I joined. I am sorry and will address them asap for the next 0.99.3 patch release. Regards, Micah Micah Snyder Software Engineer Talos Cisco Systems, Inc. On Jan 28, 2018, at 3:25 PM, Marcus Schopen <li...@localguru.de<mailto:li...@localguru.de>> wrote: Hi, does anyone know why the CVE-2017-6419 patch is not part of 0.99.3? Ciao! _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
