LibClamAV Warning: ********************************************************
LibClamAV Warning: *** This version of the ClamAV engine is outdated. ***
LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/faq.html ***
LibClamAV Warning: ********************************************************
The current version in stable claims that it is a security risk.
IMO this should be viewed as a security bug and fixed as such, however,
just before I fired off a bug report to that effect I looked at the URL
above (I had already checked the Debian package and bug pages) and found
the reference to the volatile project.
Now this is a problem; I still see a bug here but I'm now not sure
who's bug it is. In reality it's probably not a clamav bug because the
'volatile' package fixes it. It probably should be a bug in the policy
for security-fix packages but it would appear that that it's a large
political problem that it being addressed by the people behind the
'volatile' project.
In the mean time I still had to go away from Debian to find that Debian
could actually fix the bug with clamav/stable so IMHO there should be
a very obvious reference that debian-security is not supporting this
package and that you need to go to debian-volatile to get security fixes.
So can I suggest that you leave this bug open (perhaps with a can't fix
or won't fix flag) so that it can prevent somebody going off and buying
f-prot because Debian can't do the job :-)
OTOH: If you know where to put a bug against the debian website that
might be a good place to assign this ...
--
Rob. (Robert de Bath <robert$ @ debath.co.uk>)
<http://www.debath.co.uk/>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
