oss-security February 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: Re: [oss-security] clamav 0.97

Re: [oss-security] clamav 0.97

From: Josh Bressers <bressers_at_nospam>
Date: Mon Feb 21 2011 - 19:32:12 GMT
To: oss-security@lists.openwall.com

----- Original Message -----
> A new clamav version is out and as usual, they don't mention if it's
> security-relevant.
>
> Though from the changelog
> http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97
>
> at least this sounds like security:
> * libclamav/vba_extract.c: fix error path double free (bb#2486)
>

The details here are pretty slim:
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2486

But since it's been reqeusted, let's use CVE-2011-1003.

Thanks.

-- JB