Comment 11 for bug 625849

This bug was fixed in the package clamav - 0.96.1+dfsg-3ubuntu5.1

---------------
clamav (0.96.1+dfsg-3ubuntu5.1) maverick; urgency=low

  * SECURITY UPDATE: fix integer overflow in BZ2_decompress()
    - libclamav/nsis/bzlib.c: return error if N is larger than 2*1024^2 which
      keeps us from overflowing but leaves enough room for the 900k maximum
      value of the RUNA/RUNB encoding
    - patch based on upstream bzip2
    - LP: #625849
    - CVE-2010-0405
 -- Jamie Strandboge <email address hidden> Mon, 13 Sep 2010 14:44:01 -0500