Date: Thu, 19 Feb 2004 02:11:27 +0100 From: Oliver Eikemeier <eikemeier@fillmore-labs.com> To: "Jacques A. Vidrine" <nectar@FreeBSD.org> Cc: freebsd-ports@FreeBSD.org Subject: Re: [Fwd: [gentoo-announce] [ GLSA 200402-07 ] Clamav 0.65 DoS vulnerability] Message-ID: <40340D3F.8060805@fillmore-labs.com> In-Reply-To: <20040218215950.GD47727@madman.celabo.org> References: <40337619.1050504@veldy.net> <20040218215950.GD47727@madman.celabo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Jacques A. Vidrine wrote: > On Wed, Feb 18, 2004 at 08:26:33AM -0600, Thomas T. Veldhouse wrote: > >>Attached is a security alert from Gentoo pertaining to clam antivirus. >>It seems that as of this morning, FreeBSD's ports still contain the >>affected version. > > Oliver (the discoverer of the vulnerability) is a FreeBSD developer and > fixed the port some time ago. > > See also > <URL:http://www.vuxml.org/freebsd/74a9541d-5d6c-11d8-80e3-0020ed76ef5a.html>. Btw, it is almost unbearable smart that they include the sequence that triggers the bug in their mail, assuring that users that *have* the vulnerable clamd installed never see the advisory. It *had* a reason that I prefixed the lines with 'X'. Congratulations. -Oliver
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?40340D3F.8060805>