This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected Fedora versions. For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please include this bug ID and the bug IDs of this bug's parent bugs filed against the "Security Response" product (the top-level CVE bugs). Please mention the CVE IDs being fixed in the RPM changelog when available. Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=806092 Please note: this issue affects multiple supported versions of Fedora EPEL. Only one tracking bug has been filed; please ensure that it is only closed when all affected versions are fixed. [bug automatically created by: add-tracking-bugs]
Adding parent bug CVE-2012-1443 New bodhi update url: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=806092,806097
Adding parent bug CVE-2012-1457 New bodhi update url: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=806092,806097,806094
Adding parent bug CVE-2012-1458 New bodhi update url: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=806092,806097,806094,806100
Adding parent bug CVE-2012-1459 New bodhi update url: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=806092,806097,806094,806100,806101
Steven, looks like upstream ClamAV-0.97.5 version has been released recently: http://lurker.clamav.net/message/20120613.184156.a6c0b933.en.html correcting the CVE-2012-1457, CVE-2012-1458, CVE-2012-1459. Could you schedule clamav package updates for Fedora and Fedora EPEL versions, to correct these issues? Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
These were corrected in clamav-0.97.5.