[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] clamav: Out of bounds read and segfault in xar parser
From: Hanno =?UTF-8?B?QsO2Y2s=?= <hanno () hboeck ! de>
Date: 2018-02-15 20:50:44
Message-ID: 20180215215044.2353a372 () pc1
[Download RAW message or body]
On Tue, 03 Oct 2017 11:34:09 -0400
Joel Esler <joel.esler@me.com> wrote:
> > However, checking just now on Github I do not get the impression at
> > all that development has stalled. Judging purely by number of
> > commits, every month there are consistently a very healthy number.
> > But what has stalled is stable releases; the last one being 0.99.2
> > on 22nd April 2016, so something is not quite right. But I've seen
> > many open source/free software projects stalled over the years and
> > definitely Clamav does not, IMO, fit that description (at least not
> > yet).
>
>
>
> It's not dead. At all. 99.2 as a stable release was released in
> 2016, yes. We have been working on 99.3 since, and are planning 99.4
> and 99.5 now. 99.3 has been in beta for a couple months now, and the
> fix for this issue has been in git since the date mentioned earlier
> in the thread. It's also obviously in 99.3.
Except...
0.99.3 is out now and the fix is not included.
--
Hanno Böck
https://hboeck.de/
mail/jabber: hanno@hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic