Your message dated Tue, 28 Apr 2009 23:32:05 +0100
with message-id <[email protected]>
and subject line Re: [Pkg-clamav-devel] Bug#526042: clamav: CVE-2009-1241
malware detection bypass
has caused the Debian Bug report #526042,
regarding clamav: CVE-2009-1241 malware detection bypass
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
526042: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526042
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: clamav
Severity: important
Tags: security
Tags: fixed 0.95+dfsg-1
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for clamav.
CVE-2009-1241[0]:
| Unspecified vulnerability in ClamAV before 0.95 allows remote
| attackers to bypass detection of malware via a modified RAR archive.
This is already fixed in version 0.95+dfsg-1 in unstable. Please
coordinate with the security team ([email protected]) to prepare
packages for the stable releases.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1241
http://security-tracker.debian.net/tracker/CVE-2009-1241
--- End Message ---
--- Begin Message ---
This one time, at band camp, Michael S. Gilbert said:
> Hi,
> the following CVE (Common Vulnerabilities & Exposures) id was
> published for clamav.
>
> CVE-2009-1241[0]:
> | Unspecified vulnerability in ClamAV before 0.95 allows remote
> | attackers to bypass detection of malware via a modified RAR archive.
Debian does not use the Rar code in clamav at all at the current time,
so this bug doesn't affect us.
Cheers,
--
-----------------------------------------------------------------
| ,''`. Stephen Gran |
| : :' : [email protected] |
| `. `' Debian user, admin, and developer |
| `- http://www.debian.org |
-----------------------------------------------------------------
signature.asc
Description: Digital signature
--- End Message ---
_______________________________________________
Pkg-clamav-devel mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/pkg-clamav-devel