According to the PTS, the new version of clamav (which fixes CVE-2010-4260 and CVE-2010-4261) was uploaded to lenny-volatile on the 3rd Dec. However, it doesn't seem to be available on the mirrors yet (or, more accurately, the Packages file hasn't been updated to this version - the packages themselves are available where they've been built).
I guess this is due to the missing builds on arm and hppa: https://buildd.debian.org/status/package.php?p=clamav&suite=lenny-volatile Does something need prodding to make these packages available? -- Chris Butler <[email protected]> GnuPG Key ID: 4096R/49E3ACD3 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
