[...] > Obviously, not having new signatures and just keep running along is > not good, though notifying the admin would be nice in that case - > killing all mail traffic on a mailserver because amavis can't start > clam, or not even queueing mail in case of using it as an smtp > pipeline, is not terribly nice as well. >
The Debian security advisory has been sent out about half a year ago. DSAs should hopefully reach a majority of our users - there is simply no one true way to notify the admin! > I had lenny boxes running without volatile indeed - do new installs > automatically have volatile as sources? I suspect most people don't > - especially not the ones upgrading from previous debian releases. > No, volatile is not enabled by default. In future Debian releases, however, we are likely to distribute clamav *only* via volatile. Best, Michael
pgp5Zi016GxIN.pgp
Description: PGP signature
