This one time, at band camp, Rainer Zocholl said: > Hello > > it happend that i can't update clamav on a box. > > That was caused by the line > > # cat apt.conf > Apt::Default-Release "stable"; > > > > aptitude remove clamav clamv-base ...., > aptitude clean > aptitude install > > shows: > > Get:1 http://security.debian.org stable/updates/main libclamav1 > 0.84-2.sarge.2 > [252kB] > Get:2 http://security.debian.org stable/updates/main clamav-base > 0.84-2.sarge.2 > [154kB] > Get:3 http://security.debian.org stable/updates/main clamav-freshclam > 0.84-2.sarge.2 [2171kB] > > Why is such an old and broken version still on *security* ? > > Current version is 0.87(!) and all version below 0.86 are remote exploidable.
Debian backports security fixes, rather than upgrading to new versions with new bugs. All of the remote bugs have been fixed (except a few that are only just fixed in 0.87) in 0.84-2sarge.2. If you want to use a newer version of the software, please have a look at http://volatile.debian.net Thanks, -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : [EMAIL PROTECTED] | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
signature.asc
Description: Digital signature
