Several denial-of-service vulnerabilities have been discovered in
the ClamAV anti-virus toolkit:
Insufficient checking for out-of-memory conditions results in null
pointer dereferences (CVE-2008-3912).
Incorrect error handling logic leads to memory leaks (CVE-2008-3913)
and file descriptor leaks (CVE-2008-3914).
For the stable distribution (etch), these problems have been fixed in
version 0.90.1dfsg-4etch15.
For the unstable distribution (sid) and the testing distribution
(lenny), these problems have been fixed in version 0.94.dfsg-1.
We recommend that you upgrade your clamav package.