Debian Package Tracker

general

source: clamav (source, utils)
version: 0.99.3~beta1+dfsg-1
maintainer: ClamAV Team (archive) [DMD]
uploaders: Michael Tautschnig [DMD] – Scott Kitterman [DMD] – Michael Meskes [DMD] – Andreas Cadhalpun [DMD] – Sebastian Andrzej Siewior [DMD]
arch: all any
std-ver: 3.9.8
VCS: Git (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.99+dfsg-0+deb7u2
o-o-sec: 0.99.2+dfsg-0+deb7u2
o-o-upd: 0.99+dfsg-0+deb7u2
oldstable: 0.99.2+dfsg-0+deb8u2
old-upd: 0.99+dfsg-0+deb8u2
stable: 0.99.2+dfsg-6
testing: 0.99.2+dfsg-6
unstable: 0.99.3~beta1+dfsg-1

versioned links

0.99+dfsg-0+deb7u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.99+dfsg-0+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.99.2+dfsg-0+deb7u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.99.2+dfsg-0+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.99.2+dfsg-6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.99.3~beta1+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

clamav
clamav-base
clamav-daemon
clamav-docs
clamav-freshclam
clamav-milter
clamav-testfiles
clamdscan
libclamav-dev
libclamav7

action needed

2 security issues in wheezy

high

There are 2 open security issues in wheezy.

2 important issues:

CVE-2017-6418: libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
CVE-2017-6420: The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.

Please fix them.

Created: 2017-08-07 Last update: 2017-08-11 01:20

2 security issues in buster

high

There are 2 open security issues in buster.

2 important issues:

CVE-2017-6418: libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
CVE-2017-6420: The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.

Please fix them.

Created: 2017-08-07 Last update: 2017-08-11 01:20

Standards version of the package is outdated.

high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.0.1 instead of 3.9.8).

Created: 2017-07-10 Last update: 2017-08-07 07:04

Does not build reproducibly during testing

normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2016-12-16 Last update: 2017-08-23 01:38

Depends on packages which need a new maintainer

normal

The packages that clamav depends on which need a new maintainer are:

sendmail (#740070)
- Depends: libmilter1.0.1
- Build-Depends: libmilter-dev

Created: 2015-07-05 Last update: 2017-08-23 01:32

The package has not entered testing even though the delay is over

normal

The package has not entered testing even though the 5-day delay is over. Check why.

Created: 2017-08-13 Last update: 2017-08-23 01:23

1 bug tagged patch in the BTS

normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2017-08-12 Last update: 2017-08-23 01:08

lintian reports 18 warnings

normal

Lintian reports 18 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2017-07-11 Last update: 2017-08-09 01:09

2 ignored security issues in jessie

low

There are 2 open security issues in jessie.

2 issues skipped by the security teams:

CVE-2017-6418: libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
CVE-2017-6420: The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.

Please fix them.

Created: 2017-08-07 Last update: 2017-08-11 01:20

2 ignored security issues in stretch

low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2017-6418: libclamav/message.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted e-mail message.
CVE-2017-6420: The wwunpack function in libclamav/wwunpack.c in ClamAV 0.99.2 allows remote attackers to cause a denial of service (use-after-free) via a crafted PE file with WWPack compression.

Please fix them.

Created: 2017-08-07 Last update: 2017-08-11 01:20

Build log checks report 2 warnings

low

Build log checks report 2 warnings

Created: 2014-07-02 Last update: 2015-12-05 07:01

testing migrations

excuses:
- Migration status: BLOCKED: Maybe temporary, maybe blocked but Britney is missing information (check below or the buildds)
- 16 days old (needed 5 days)
- missing build on mips64el: clamav, clamav-base, clamav-daemon, clamav-docs, clamav-freshclam, clamav-milter, clamav-testfiles, clamdscan, libclamav-dev, libclamav7 (from 0.99.2+dfsg-6)
- Piuparts tested OK - https://piuparts.debian.org/sid/source/c/clamav.html
- Not considered

news

[rss feed]

[2017-08-08] Removed 0.99.3~snapshot20170704+dfsg-1 from experimental (Debian FTP Masters)
[2017-08-08] Removed 0.99.3~snapshot20170704+dfsg-1 from experimental (Debian FTP Masters)
[2017-08-06] Accepted clamav 0.99.3~beta1+dfsg-1 (source) into unstable (Sebastian Andrzej Siewior)
[2017-07-09] Accepted clamav 0.99.3~snapshot20170704+dfsg-1 (source) into experimental (Sebastian Andrzej Siewior)
[2017-02-07] clamav 0.99.2+dfsg-6 MIGRATED to testing (Debian testing watch)
[2017-02-04] Accepted clamav 0.99.2+dfsg-6 (source) into unstable (Sebastian Andrzej Siewior)
[2016-12-15] clamav 0.99.2+dfsg-5 MIGRATED to testing (Debian testing watch)
[2016-12-04] Accepted clamav 0.99.2+dfsg-5 (source) into unstable (Sebastian Andrzej Siewior)
[2016-10-12] clamav 0.99.2+dfsg-4 MIGRATED to testing (Debian testing watch)
[2016-10-06] Accepted clamav 0.99.2+dfsg-4 (source) into unstable (Sebastian Andrzej Siewior)
[2016-08-31] clamav 0.99.2+dfsg-3 MIGRATED to testing (Debian testing watch)
[2016-08-25] Accepted clamav 0.99.2+dfsg-3 (source) into unstable (Sebastian Andrzej Siewior)
[2016-07-13] Accepted clamav 0.99.2+dfsg-0+deb7u2 (source all amd64) into oldstable, oldstable (signed by: Donald Scott Kitterman)
[2016-07-07] Accepted clamav 0.99.2+dfsg-0+deb8u2 (source all) into proposed-updates->stable-new, proposed-updates (Sebastian Andrzej Siewior)
[2016-05-25] Accepted clamav 0.99.2+dfsg-0+deb8u1 (source all) into proposed-updates->stable-new, proposed-updates (Sebastian Andrzej Siewior)
[2016-05-25] clamav 0.99.2+dfsg-2 MIGRATED to testing (Debian testing watch)
[2016-05-19] Accepted clamav 0.99.2+dfsg-2 (source) into unstable (Sebastian Andrzej Siewior)
[2016-05-13] clamav 0.99.2+dfsg-1 MIGRATED to testing (Debian testing watch)
[2016-05-07] Accepted clamav 0.99.2+dfsg-1 (source) into unstable (Sebastian Andrzej Siewior)
[2016-03-17] clamav 0.99.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2016-03-11] Accepted clamav 0.99.1+dfsg-1 (source) into unstable (Sebastian Andrzej Siewior)
[2016-02-28] Accepted clamav 0.99+dfsg-0+deb6u1 (source all amd64) into squeeze-lts, squeeze-lts (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2016-02-27] clamav 0.99+dfsg-2 MIGRATED to testing (Debian testing watch)
[2016-02-23] Accepted clamav 0.99+dfsg-0+deb7u2 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Sebastian Andrzej Siewior)
[2016-02-23] Accepted clamav 0.99+dfsg-0+deb8u2 (source all) into proposed-updates->stable-new, proposed-updates (Sebastian Andrzej Siewior)
[2016-02-21] Accepted clamav 0.99+dfsg-2 (source) into unstable (Sebastian Andrzej Siewior)
[2016-02-18] Accepted clamav 0.99+dfsg-0+deb7u1 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Sebastian Andrzej Siewior) (signed by: Donald Scott Kitterman)
[2016-02-05] Accepted clamav 0.99+dfsg-0+deb8u1 (source all) into proposed-updates->stable-new, proposed-updates (Sebastian Andrzej Siewior)
[2015-12-10] clamav 0.99+dfsg-1 MIGRATED to testing (Debian testing watch)
[2015-12-04] Accepted clamav 0.99+dfsg-1 (source) into unstable (Sebastian Andrzej Siewior)

bugs [bug history graph]

all: 16
RC: 1
I&N: 7
M&W: 7
F&P: 1

links

homepage
lintian (0, 18)
buildd: logs, checks, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.99.2+dfsg-6ubuntu2
38 bugs (1 patch)
patches for 0.99.2+dfsg-6ubuntu2