Resolved Bugs
1183632 – CVE-2013-6892 websvn: arbitrary file access when downloads enabled for users with commit access
1183633 – CVE-2013-6892 websvn: arbitrary file access when downloads enabled for users with commit access [fedora-all]<br
Security fix for CVE-2013-6892

Resolved Bugs
1183632 – CVE-2013-6892 websvn: arbitrary file access when downloads enabled for users with commit access
1183633 – CVE-2013-6892 websvn: arbitrary file access when downloads enabled for users with commit access [fedora-all]<br
Security fix for CVE-2013-6892

Resolved Bugs
1187050 – CVE-2014-9328 clamav: heap out of bounds condition with crafted upack packer files
1187051 – CVE-2014-9328 clamav: heap out of bounds condition with crafted upack packer files [fedora-all]
1186634 – new version avaliable upstream<br
ClamAV 0.98.6
=============
ClamAV 0.98.6 is a bug fix release correcting the following:
* library shared object revisions.
* installation issues on some Mac OS X and FreeBSD platforms.
* includes a patch from Sebastian Andrzej Siewior making ClamAV pid files compatible with systemd.
* Fix a heap out of bounds condition with crafted Yoda’s crypter files. This issue was discovered by Felix Groebert of the Google Security Team.
* Fix a heap out of bounds condition with crafted mew packer files. This issue was discovered by Felix Groebert of the Google Security Team.
* Fix a heap out of bounds condition with crafted upx packer files. This issue was discovered by Kevin Szkudlapski of Quarkslab.
* Fix a heap out of bounds condition with crafted upack packer files. This issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328.
* Compensate a crash due to incorrect compiler optimization when handling crafted petite packer files. This issue was discovered by Sebastian Andrzej Siewior.

Resolved Bugs
1187050 – CVE-2014-9328 clamav: heap out of bounds condition with crafted upack packer files
1187051 – CVE-2014-9328 clamav: heap out of bounds condition with crafted upack packer files [fedora-all]
1186634 – new version avaliable upstream<br
ClamAV 0.98.6
=============
ClamAV 0.98.6 is a bug fix release correcting the following:
* library shared object revisions.
* installation issues on some Mac OS X and FreeBSD platforms.
* includes a patch from Sebastian Andrzej Siewior making ClamAV pid files compatible with systemd.
* Fix a heap out of bounds condition with crafted Yoda’s crypter files. This issue was discovered by Felix Groebert of the Google Security Team.
* Fix a heap out of bounds condition with crafted mew packer files. This issue was discovered by Felix Groebert of the Google Security Team.
* Fix a heap out of bounds condition with crafted upx packer files. This issue was discovered by Kevin Szkudlapski of Quarkslab.
* Fix a heap out of bounds condition with crafted upack packer files. This issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328.
* Compensate a crash due to incorrect compiler optimization when handling crafted petite packer files. This issue was discovered by Sebastian Andrzej Siewior.

Resolved Bugs
1183632 – CVE-2013-6892 websvn: arbitrary file access when downloads enabled for users with commit access
1183635 – CVE-2013-6892 websvn: arbitrary file access when downloads enabled for users with commit access [epel-all]<br
Security fix for CVE-2013-6892

Resolved Bugs
1187050 – CVE-2014-9328 clamav: heap out of bounds condition with crafted upack packer files
1187052 – CVE-2014-9328 clamav: heap out of bounds condition with crafted upack packer files [epel-all]
1186634 – new version avaliable upstream<br
ClamAV 0.98.6
=============
ClamAV 0.98.6 is a bug fix release correcting the following:
* library shared object revisions.
* installation issues on some Mac OS X and FreeBSD platforms.
* includes a patch from Sebastian Andrzej Siewior making ClamAV pid files compatible with systemd.
* Fix a heap out of bounds condition with crafted Yoda’s crypter files. This issue was discovered by Felix Groebert of the Google Security Team.
* Fix a heap out of bounds condition with crafted mew packer files. This issue was discovered by Felix Groebert of the Google Security Team.
* Fix a heap out of bounds condition with crafted upx packer files. This issue was discovered by Kevin Szkudlapski of Quarkslab.
* Fix a heap out of bounds condition with crafted upack packer files. This issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328.
* Compensate a crash due to incorrect compiler optimization when handling crafted petite packer files. This issue was discovered by Sebastian Andrzej Siewior.

Resolved Bugs
1187050 – CVE-2014-9328 clamav: heap out of bounds condition with crafted upack packer files
1187052 – CVE-2014-9328 clamav: heap out of bounds condition with crafted upack packer files [epel-all]
1186634 – new version avaliable upstream<br
ClamAV 0.98.6
=============
ClamAV 0.98.6 is a bug fix release correcting the following:
* library shared object revisions.
* installation issues on some Mac OS X and FreeBSD platforms.
* includes a patch from Sebastian Andrzej Siewior making ClamAV pid files compatible with systemd.
* Fix a heap out of bounds condition with crafted Yoda’s crypter files. This issue was discovered by Felix Groebert of the Google Security Team.
* Fix a heap out of bounds condition with crafted mew packer files. This issue was discovered by Felix Groebert of the Google Security Team.
* Fix a heap out of bounds condition with crafted upx packer files. This issue was discovered by Kevin Szkudlapski of Quarkslab.
* Fix a heap out of bounds condition with crafted upack packer files. This issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328.
* Compensate a crash due to incorrect compiler optimization when handling crafted petite packer files. This issue was discovered by Sebastian Andrzej Siewior.

Resolved Bugs
1187050 – CVE-2014-9328 clamav: heap out of bounds condition with crafted upack packer files
1187052 – CVE-2014-9328 clamav: heap out of bounds condition with crafted upack packer files [epel-all]
1186634 – new version avaliable upstream<br
ClamAV 0.98.6
=============
ClamAV 0.98.6 is a bug fix release correcting the following:
* library shared object revisions.
* installation issues on some Mac OS X and FreeBSD platforms.
* includes a patch from Sebastian Andrzej Siewior making ClamAV pid files compatible with systemd.
* Fix a heap out of bounds condition with crafted Yoda’s crypter files. This issue was discovered by Felix Groebert of the Google Security Team.
* Fix a heap out of bounds condition with crafted mew packer files. This issue was discovered by Felix Groebert of the Google Security Team.
* Fix a heap out of bounds condition with crafted upx packer files. This issue was discovered by Kevin Szkudlapski of Quarkslab.
* Fix a heap out of bounds condition with crafted upack packer files. This issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328.
* Compensate a crash due to incorrect compiler optimization when handling crafted petite packer files. This issue was discovered by Sebastian Andrzej Siewior.

Resolved Bugs
1183632 – CVE-2013-6892 websvn: arbitrary file access when downloads enabled for users with commit access
1183635 – CVE-2013-6892 websvn: arbitrary file access when downloads enabled for users with commit access [epel-all]<br
Security fix for CVE-2013-6892

Mcrypt:
* Fixed possible read after end of buffer and use after free.