LibClamAV Warning: ******************************************************** LibClamAV Warning: *** This version of the ClamAV engine is outdated. *** LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/faq.html *** LibClamAV Warning: ********************************************************
The current version in stable claims that it is a security risk. IMO this should be viewed as a security bug and fixed as such, however, just before I fired off a bug report to that effect I looked at the URL above (I had already checked the Debian package and bug pages) and found the reference to the volatile project. Now this is a problem; I still see a bug here but I'm now not sure who's bug it is. In reality it's probably not a clamav bug because the 'volatile' package fixes it. It probably should be a bug in the policy for security-fix packages but it would appear that that it's a large political problem that it being addressed by the people behind the 'volatile' project. In the mean time I still had to go away from Debian to find that Debian could actually fix the bug with clamav/stable so IMHO there should be a very obvious reference that debian-security is not supporting this package and that you need to go to debian-volatile to get security fixes. So can I suggest that you leave this bug open (perhaps with a can't fix or won't fix flag) so that it can prevent somebody going off and buying f-prot because Debian can't do the job :-) OTOH: If you know where to put a bug against the debian website that might be a good place to assign this ... -- Rob. (Robert de Bath <robert$ @ debath.co.uk>) <http://www.debath.co.uk/> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]