Bug 95425
| Summary: | [PATCH] security/clamav-devel: update to 20060406 | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Renato Botelho <garga> | ||||
| Component: | Individual Port(s) | Assignee: | Renato Botelho <garga> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Only Me | ||||||
| Priority: | Normal | ||||||
| Version: | Latest | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
Responsible Changed From-To: freebsd-ports-bugs->garga I'll take it. State Changed From-To: open->feedback Awaiting maintainers feedback State Changed From-To: feedback->closed Committed. Thanks! |
- Update to 20060406 -- fix multiple vulnerabilities * CVE-2006-1614 Damian Put discovered an integer overflow in the PE header parser. This is only exploitable if the ArchiveMaxFileSize option is disabled. * CVE-2006-1615 Format string vulnerabilities in the logging code have been discovered, which might lead to the execution of arbitrary code. * CVE-2006-1630 David Luyer discovered, that ClamAV can be tricked into an invalid memory access in the cli_bitset_set() function, which may lead to a denial of service. - Massive Makefile rework synchronizing with security/clamav port. Added file(s): - files/clamav-clamd.in - files/clamav-freshclam.in - files/clamav-milter.in - files/patch-configure - files/patch-etc_Makefile.in - files/patch-libclamav_zziplib_zzip-conf.h - files/pkg-deinstall.in - files/pkg-install.in Removed file(s): - pkg-deinstall - pkg-install - files/clamav-clamd.sh - files/clamav-freshclam.sh - files/clamav-milter.sh - files/patch-Makefile.am - files/patch-configure.in - files/patch-etc::Makefile.am - files/patch-zziplib.h Generated with FreeBSD Port Tools 0.63