On 17/04/2010 11:05, Stefan Hornburg (Racke) wrote:
[...]
This ain't as easy: Upstream can at any time (and this is what they
did this
time as well) choose to release "broken" signature files that can't
be parsed by
clamav-daemon. What sysadmins could do, of course, is simply disabling
freshclam.
At any rate, if the maintainer wants to act upon this the choice
should be
given to the end user whether the "detonator" is active or not.
I would rather choose to get bombed out than getting no more updates.
In the current case, only people with really outdated installations were
affected (all sarge or etch/lenny not using volatile).
I assumed there was a killswitch embedded in the code, because of the
following text from ClamAV:
"Starting from 15 April 2010 our CVD will contain a special signature
which disables all clamd installations older than 0.95 – that is to say
older than 1 year."
-- http://www.clamav.net/lang/en/2009/10/05/eol-clamav-094/
When indeed checking the clamav logs it seems they see an invalid
signature - I'm not sure how to tackle that myself, and I have not
checked if there is any special code to really kill it.
Obviously, not having new signatures and just keep running along is not
good, though notifying the admin would be nice in that case - killing
all mail traffic on a mailserver because amavis can't start clam, or not
even queueing mail in case of using it as an smtp pipeline, is not
terribly nice as well.
I had lenny boxes running without volatile indeed - do new installs
automatically have volatile as sources? I suspect most people don't -
especially not the ones upgrading from previous debian releases.
Tom
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
