Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution

2008-12-10 Thread Jim Popovitch
On Wed, Dec 10, 2008 at 07:27, Dominic Hargreaves <[EMAIL PROTECTED]> wrote: > I don't think that's relevant to volatile versions though. To Volatile or Not to Volatile. That is the question (now). Is volatile a dead thing and security now back to real-time updates? I'm ok with manually downl

Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution

2008-12-10 Thread Dominic Hargreaves
On Wed, Dec 10, 2008 at 11:51:49AM +0100, Cyril Brulebois wrote: > Dominic Hargreaves <[EMAIL PROTECTED]> (10/12/2008): > > Looks like it is in the etch-proposed-updates/etch dist, though, if > > you wanted it. Volatile admins, is there something wrong with this > > package or has it just been forg

Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution

2008-12-10 Thread Cyril Brulebois
Dominic Hargreaves <[EMAIL PROTECTED]> (10/12/2008): > Looks like it is in the etch-proposed-updates/etch dist, though, if > you wanted it. Volatile admins, is there something wrong with this > package or has it just been forgotten about? Correct according to: http://release.debian.org/proposed-up

Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution

2008-12-10 Thread Dominic Hargreaves
On Tue, Dec 09, 2008 at 11:05:28PM -0500, Jim Popovitch wrote: > I am seeing the same thing. The fix is on volatile.d.o as > clamav_0.94.dfsg.2-1~volatile1, but apt-get upgrade is not recognizing > it. I don't see it in the Releases file either. Looks like it is in the etch-proposed-updates/etch

Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution

2008-12-09 Thread Jim Popovitch
On Tue, Dec 9, 2008 at 17:44, Mapper ict department <[EMAIL PROTECTED]> wrote: > We have Debian Etch with the volatile clamav installed. This is > the version: > > 0.94.dfsg.1-1~volatile1 > > That is the one affected if I am not mistaken. > > We have the volatile archive in the apt-get sources lis

Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution

2008-12-09 Thread Johannes Wiedersich
Mapper ict department wrote: > DSA-1680-1 clamav -- buffer overflow, stack consumption > Date Reported: 04 Dec 2008 > In the Debian bugtracking system: Bug 505134, Bug 507624. > In Mitre's CVE dictionary: CVE-2008-5050, CVE-2008-5314. [snip] > We have the volatile archive in the apt-get sources l

Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution

2008-12-09 Thread Mapper ict department
DSA-1680-1 clamav -- buffer overflow, stack consumption Date Reported: 04 Dec 2008 In the Debian bugtracking system: Bug 505134, Bug 507624. In Mitre's CVE dictionary: CVE-2008-5050, CVE-2008-5314. Hello, I'm quite new at this so forgive me if I ask stupid questions. We have Debian Etch with the

Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution

2008-12-05 Thread Michael Tautschnig
[...] > > This looks like quite a serious bug (remote arbitrary code execution). > Are there any plans for an update to volatile? > The fixed version has been uploaded to volatile already and got accepted [1], but probably is still being built!? Best, Michael [1] http://lists.alioth.debian.or

Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution

2008-12-05 Thread Török Edwin
On 2008-12-05 20:15, Dominic Hargreaves wrote: > On Thu, Dec 04, 2008 at 09:26:17AM +0100, Florian Weimer wrote: > > >> Moritz Jodeit discovered that ClamAV, an anti-virus solution, suffers >> from an off-by-one-error in its VBA project file processing, leading to >> a heap-based buffer overflow

Re: [SECURITY] [DSA 1680-1] New clamav packages fix potential code execution

2008-12-05 Thread Dominic Hargreaves
On Thu, Dec 04, 2008 at 09:26:17AM +0100, Florian Weimer wrote: > Moritz Jodeit discovered that ClamAV, an anti-virus solution, suffers > from an off-by-one-error in its VBA project file processing, leading to > a heap-based buffer overflow and potentially arbitrary code execution > (CVE-2008-5050