[Monitoring] 5 Debian package update(s) for hexagon.federez.net

apticron report [Wed, 06 May 2015 10:48:15 +0200] ======================================================================== apticron has detected that some packages need upgrading on: hexagon.federez.net [ 5.39.82.35 2001:41d0:8:9423::1 5.39.82.35 2001:41d0:8:9423::1 ] The following packages are currently pending an upgrade: clamav 0.98.7+dfsg-0+deb7u1 clamav-base 0.98.7+dfsg-0+deb7u1 clamav-daemon 0.98.7+dfsg-0+deb7u1 clamav-freshclam 0.98.7+dfsg-0+deb7u1 libclamav6 0.98.7+dfsg-0+deb7u1 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Modifications pour clamav (clamav clamav-base clamav-daemon clamav-freshclam libclamav6) --- clamav (0.98.7+dfsg-0+deb7u1) oldstable; urgency=high [ Andreas Cadhalpun ] * Fix variable name mismatch in clamav-milter.postinst in order to make preseeding work correctly. (Closes: #778445) * Drop 'XS-Testsuite: autopkgtest' from debian/control. Debhelper automatically adds the Testsuite field. This fixes the lintian warning xs-testsuite-header-in-debian-control. * Fix cleanup on purge in clamav-base.postrm. [ Sebastian Andrzej Siewior ] * Replace ” with " in debian/common_functions (Closes: #781088) * Import new upstream: - Improvements to PDF processing: decryption, escape sequence handling, and file property collection. - Scanning/analysis of additional Microsoft Office 2003 XML format. - Fix infinite loop condition on crafted y0da cryptor file. Identified and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221. - Fix crash on crafted petite packed file. Reported and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2222. - Fix false negatives on files within iso9660 containers. This issue was reported by Minzhuan Gong. - Fix a couple crashes on crafted upack packed file. Identified and patches supplied by Sebastian Andrzej Siewior. - Fix a crash during algorithmic detection on crafted PE file. Identified and patch supplied by Sebastian Andrzej Siewior. - Fix an infinite loop condition on a crafted "xz" archive file. This was reported by Dimitri Kirchner and Goulven Guiheux. CVE-2015-2668. - Fix compilation error after ./configure --disable-pthreads. Reported and fix suggested by John E. Krokes. - Apply upstream patch for possible heap overflow in Henry Spencer's regex library. CVE-2015-2305 (Closes: #778406). - Fix crash in upx decoder with crafted file. Discovered and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2170. - Fix segfault scanning certain HTML files. Reported with sample by Kai Risku. - Improve detections within xar/pkg files. * update GPG key used to verify releases to get uscan/get_orig.sh working again. * update symbol version for cl_retflevel due to CL_FLEVEL change. -- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Sat, 02 May 2015 22:35:37 +0200 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on hexagon.federez.net -- apticron