> Date: Friday, January 26, 2018 09:54:24 -0500 > From: Jonathan Billings <billings at negate.org> > > On Fri, Jan 26, 2018 at 03:33:24PM +0100, Walter H. wrote: >> On 26.01.2018 15:09, Johnny Hughes wrote: >> > On 01/26/2018 05:55 AM, Walter H. wrote: >> > > Hello, >> > > >> > > are there updates for this CVE with ClamAV f. CentOS 6 in >> > > progress? >> > > >> > The CentOS Project does not release ClamAV. What repo are you >> > getting it from? I see that it does exist in EPEL. >> > >> from EPEL repo > > This is where you file bugs: > > https://apps.fedoraproject.org/packages/clamav/bugs/all > > CentOS doesn't maintain clamav. The ClamAV people just announced the release of production 0.99.3. It addresses CVE-2017- 12374-12380. See <http://blog.clamav.net/> for their details, and as indicated, the epel people for timing of their packaging and release of this.