Note to -stable ports maintainers: This should probably be put into -stable
since the ClamAV people do not provide virus data to outdated scan engines.
ok simon
fixes:
- ClamAV CAB File Unstore Buffer Overflow Vulnerability
- File descriptor leak in CHM handler
- PDF fd leak
From the original annoucement:
**Important note**: on April 16th CHM, CAB and PDF handlers will be
disabled for 0.90 and 0.90.1 users through the dynamic engine
configuration module (DCONF). Please upgrade to 0.90.2 immediately.
This release improves virus detection and fixes zip handling on 64-bit
architectures.
SECURITY
This release fixes a possible security problem in freshclam.
See http://www.clamav.net/security/0.88.2.html for a full security report.
Notes: This version fixes vulnerabilities in handling of UPX and FSG compressed
executables. Support for PE files, Zip and Cabinet archives has been improved
and other small bugfixes have been made. The new option "--on-outdated-execute"
allows freshclam to run a command when system reports a new engine version.
