In Debian we back port security fixes the same way, but libraries with different SO names are co-installable, so there's generally ways to deal with these things. Clamav itself is an exception since not keeping up in functionality means you lose the arms race.
Scott K On March 3, 2017 7:04:03 PM EST, Chris Conn <cc...@abacom.com> wrote: >Hello, > >Insist :) Well, its considered bad practice to upgrade packages >independently on a RH-based system where dependancies break. Security >fixes are back-ported to older versions to preserve versioning an >compatibility. Thats a Redhat feature I agree, and RHEL5 will be EOL >in >28 days, so perhaps that point will be moot on April 1 2017. > >So insisting on upgrading libraries on a .rpm system in a scenario >where >the distro is not EOL'ed is probably not what the general userbase of >those distros will be able/willing to perform. This particular case >has less weight since the distro is about to go out of support from the > >vendor, however that doesn't mean there won't be anyone still using it. > >I guess once its out of support its not all that hard to start breaking > >package dependancies since there will be no upgrades (although, there >is >an additional "extended life phase" that RHEL5 systems can obtain, so >the April 1st date is not necessarily accurate). > >Your favorite distro probably handles this versioning better than RH >does. > >Chris > >On 3/3/2017 6:53 PM, Scott Kitterman wrote: >> As far as I can tell, pcre 7 came out before 2008. I think a decade >is enough >> time to insist people upgrade. >> >> Scott K >> >> On Friday, March 03, 2017 11:21:30 PM Joel Esler wrote: >>> If we required pcre 7, it would allow us to publish this kind of sig >in the >>> future of 99.3 and high versions by requiring a certain "flevel". >>> >>> -- >>> Sent from my iPhone >>> >>>> On Mar 3, 2017, at 18:18, Chris Conn <cc...@abacom.com> wrote: >>>> >>>> Hello, >>>> >>>> Looks like my off-list email went on the list LOL. So much for not >making >>>> noise. Woops. >>>> >>>> If the 0.99.3 or whatever later version where this would be >implemented >>>> requires PCRE 7, would that break database updates for versions >that have >>>> not upgraded if this pcre format is re-used in the future, or would >it >>>> simply disable pcre support in previous version of clamd that have >not >>>> been upgraded? >>>> >>>> Thanks, >>>> >>>> Chris >>>> >>>>> On 3/3/2017 6:13 PM, Joel Esler (jesler) wrote: >>>>> A new daily with the Sig dropped. >>>>> >>>>> Probably what we will do to prevent this from happening again, is >to have >>>>> 0.99.3 (the upcoming version) require pcre 7. >>>>> >>>>> How does that sound? >>>>> >>>>> -- >>>>> Sent from my iPhone >>>>> >>>>>> On Mar 3, 2017, at 18:08, Chris Conn <cc...@abacom.com> wrote: >>>>>> >>>>>> Hello, >>>>>> >>>>>> I hope you don't mind my contact off-list, I don't want to make >noise on >>>>>> it for all. Apologies. >>>>>> >>>>>> This new build, are we talking about a daily.cvd (23162?) or a >new build >>>>>> of clam/pcre? >>>>>> >>>>>> Thanks again in advance for your help, >>>>>> >>>>>> Chris >>>>>> >>>>>>> On 3/3/2017 4:00 PM, Alain Zidouemba wrote: >>>>>>> We are coming to the same conclusions. >>>>>>> >>>>>>> The issue seem to isolated to using pcre libraries older than >7.0. I >>>>>>> does >>>>>>> not affect users of newer versions of pcre or users of pcre2. >>>>>>> >>>>>>> A new build with the fix is in progress now. >>>>>>> >>>>>>> Apologies for the impact this has caused. >>>>>>> >>>>>>> Alain >>>>>>> >>>>>>> On Fri, Mar 3, 2017 at 2:34 PM, Steve Basford < >>>>>>> >>>>>>> steveb_cla...@sanesecurity.com> wrote: >>>>>>>>> On Fri, March 3, 2017 7:20 pm, Alain Zidouemba wrote: >>>>>>>>> We're pulling the signature causing the issue now, while we >>>>>>>>> investigate >>>>>>>>> the cause. >>>>>>>>> >>>>>>>>> - Alain >>>>>>>> Hi Alain, >>>>>>>> >>>>>>>> I think the fix is... Replace ? with ?P when the PCRE library >is old >>>>>>>> >>>>>>>> ie. ?< to ?P< >>>>>>>> >>>>>>>> On... >>>>>>>> >>>>>>>> Doc.Macro.GenericHeuristic-5901772-0 >>>>>>>> Doc.Macro.GenericHeuristic-5931846-1 >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Cheers, >>>>>>>> >>>>>>>> Steve >>>>>>>> Twitter: @sanesecurity >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> clamav-users mailing list >>>>>>>> clamav-users@lists.clamav.net >>>>>>>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users >>>>>>>> >>>>>>>> >>>>>>>> Help us build a comprehensive ClamAV guide: >>>>>>>> https://github.com/vrtadmin/clamav-faq >>>>>>>> >>>>>>>> http://www.clamav.net/contact.html#ml >>>>>>> _______________________________________________ >>>>>>> clamav-users mailing list >>>>>>> clamav-users@lists.clamav.net >>>>>>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users >>>>>>> >>>>>>> >>>>>>> Help us build a comprehensive ClamAV guide: >>>>>>> https://github.com/vrtadmin/clamav-faq >>>>>>> >>>>>>> http://www.clamav.net/contact.html#ml >>>>>> _______________________________________________ >>>>>> clamav-users mailing list >>>>>> clamav-users@lists.clamav.net >>>>>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users >>>>>> >>>>>> >>>>>> Help us build a comprehensive ClamAV guide: >>>>>> https://github.com/vrtadmin/clamav-faq >>>>>> >>>>>> http://www.clamav.net/contact.html#ml >>>>> _______________________________________________ >>>>> clamav-users mailing list >>>>> clamav-users@lists.clamav.net >>>>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users >>>>> >>>>> >>>>> Help us build a comprehensive ClamAV guide: >>>>> https://github.com/vrtadmin/clamav-faq >>>>> >>>>> http://www.clamav.net/contact.html#ml >>>> _______________________________________________ >>>> clamav-users mailing list >>>> clamav-users@lists.clamav.net >>>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users >>>> >>>> >>>> Help us build a comprehensive ClamAV guide: >>>> https://github.com/vrtadmin/clamav-faq >>>> >>>> http://www.clamav.net/contact.html#ml >>> _______________________________________________ >>> clamav-users mailing list >>> clamav-users@lists.clamav.net >>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users >>> >>> >>> Help us build a comprehensive ClamAV guide: >>> https://github.com/vrtadmin/clamav-faq >>> >>> http://www.clamav.net/contact.html#ml >> _______________________________________________ >> clamav-users mailing list >> clamav-users@lists.clamav.net >> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users >> >> >> Help us build a comprehensive ClamAV guide: >> https://github.com/vrtadmin/clamav-faq >> >> http://www.clamav.net/contact.html#ml > >_______________________________________________ >clamav-users mailing list >clamav-users@lists.clamav.net >http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > >Help us build a comprehensive ClamAV guide: >https://github.com/vrtadmin/clamav-faq > >http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml