Hi All!
Clamav-milter Segmentation fault wiht this log:
LibClamAV Warning: RFC2231 parameter continuations are not yet handled
LibClamAV Warning: messageFindArgument: no '=' sign found in MIME header
'filename'
(filename*0*=windows-1251''%FD%EB%F2%E5%F5%ED%E8%EA%F1%%20%EF%EE%E7%E4%F0%E0)
LibClam
Christoph Cordes wrote:
> If a severe vulnerability is discovered in one of the ClamAV modules
> - like if one of the unpackers for PE files or something like that
> and it offers the possibility to compromise the systems security, the
> team can deactivate the module for certain releases wi
On Wed, 21 Nov 2007 19:54:17 -0500
"David F. Skoll" <[EMAIL PROTECTED]> wrote:
> Tomasz Kojm wrote:
>
> > Just to make you feel better - ClamAV includes two special mechanisms
> > that in almost all cases allow us to remotely address such
> > vulnerabilities in 5 minutes eliminating the need for
On Thu, 22 Nov 2007, Christoph Cordes wrote:
> - after a new release ClamAV should mimic the behavior of the preceding
> version by default unless it's a major release (.x0) or the user enabled
> possible new features explicitly. furthermore the default behavior
> should be as conservative as possi
Am 22.11.2007 um 01:54 schrieb David F. Skoll:
>
>> Just to make you feel better - ClamAV includes two special mechanisms
>> that in almost all cases allow us to remotely address such
>> vulnerabilities in
>> 5 minutes eliminating the need for urgent update of the entire
>> package. These
>>
Am 22.11.2007 um 00:45 schrieb Steve Wray:
> Christoph Cordes wrote:
>> Am 20.11.2007 um 11:06 schrieb Sean Doherty:
>>
>>> Anyone know if there is any substance to this vulnerability claim?
>>>
>>> http://wabisabilabi.blogspot.com/2007/11/focus-on-clamav-remote-
>>> code-execution.html
>>
>> No.
Steve Wray wrote:
> Christoph Cordes wrote:
>> Hello,
>>
>> so in the end it boils down to this:
>>
>> - after a new release ClamAV should mimic the behavior of the
>> preceding version by default unless it's a major release (.x0) or the
>> user enabled possible new features explicitly. further
Tomasz Kojm wrote:
> Just to make you feel better - ClamAV includes two special mechanisms
> that in almost all cases allow us to remotely address such vulnerabilities in
> 5 minutes eliminating the need for urgent update of the entire package. These
> special features effectively limit wider usag
Christoph Cordes wrote:
> Am 20.11.2007 um 11:06 schrieb Sean Doherty:
>
>> Anyone know if there is any substance to this vulnerability claim?
>>
>> http://wabisabilabi.blogspot.com/2007/11/focus-on-clamav-remote-
>> code-execution.html
>
> No.
Ok, slight ambiguity here.
On the face of it you
On Tue, 20 Nov 2007 12:06:00 +0200
Sean Doherty <[EMAIL PROTECTED]> wrote:
> Anyone know if there is any substance to this vulnerability claim?
>
> http://wabisabilabi.blogspot.com/2007/11/focus-on-clamav-remote-code-execution.html
>
Just to make you feel better - ClamAV includes two special me
Christoph Cordes wrote:
> Hello,
>
> so in the end it boils down to this:
>
> - after a new release ClamAV should mimic the behavior of the
> preceding version by default unless it's a major release (.x0) or the
> user enabled possible new features explicitly. furthermore the
> default beha
Christoph Cordes wrote:
> - after a new release ClamAV should mimic the behavior of the
> preceding version by default unless it's a major release (.x0) or the
> user enabled possible new features explicitly. furthermore the
> default behavior should be as conservative as possible. Did i get
Hello,
so in the end it boils down to this:
- after a new release ClamAV should mimic the behavior of the
preceding version by default unless it's a major release (.x0) or the
user enabled possible new features explicitly. furthermore the
default behavior should be as conservative as possib
Am 20.11.2007 um 11:06 schrieb Sean Doherty:
> Anyone know if there is any substance to this vulnerability claim?
>
> http://wabisabilabi.blogspot.com/2007/11/focus-on-clamav-remote-
> code-execution.html
No.
--
Best regards,
Christoph
___
Help
G.W. Haywood wrote:
>
> Please either make a
> positive contribution or find another list on which to make trouble.
He IS trying to make a positive contribution. He's trying to establish
a best practice that fits for any production environment where the
sysadmins care about their quality of
gypsy wrote:
> I have posted to the Wiki in vain. Where is the correct place to post a
> request for a feature?
https://wwws.clamav.net/bugzilla/
Please mark your "bug" report as "enhancement".
-aCaB
___
Help us build a comprehensive ClamAV guide: vis
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thanks Noel. I've got to do more thinking on your explanation but I wanted to
express appreciation for your time.
On Mon, 19 Nov 2007 16:08:06 -0600
Noel Jones <[EMAIL PROTECTED]> wrote:
> Derick Centeno wrote:
> > -BEGIN PGP SIGNED MESSAGE-
G.W. Haywood wrote:
>> Clam has a rather checkered security history, and some of its code
>> is pretty convoluted.
> Tomasz isn't the only one who finds this boring. Please either make a
> positive contribution or find another list on which to make trouble.
I have contributed (financially and a
First off, thanks for all your help guys. It turns out patience was my
worst enemy. It took more than 5-10 minutes for clamd to start up and
create the socket. All is well now, guess its time to upgrade clamav.
Thanks again,
Morgan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[E
Hi there,
On Tue, 13 Nov 2007 David F. Skoll wrote:
> ...I think on-by-default code that is inefficient, badly-written, a
> source of false-positives and of dubious value in a virus-scanner is
> pretty important to discuss.
and on Wed, 21 Nov 2007 David F. Skoll wrote:
> Clam has a rather check
20 matches
Mail list logo
