Re: [Clamav-users] zlib check newest clamav 0.81.rc1

2005-01-24 Thread Michiel van Es 

Randal, Phil wrote:
Michiel van Es wrote:

Hi,
why is Clamav checking my zlib version and stopping the installer
(./configure) ? I mean...I use a patched zlib version straight from my
Distro..and am not using the newest bleeding edge zlib
version (which is being checked in the ./configure script?) I
would like to test the newest Clamav.0.81 rc1 but am not able
to test it 'cause of this fake failed dependency.
How can I disable this check and let Clamav use my patched
Zlib version ?
FYI:
OS: CentOS
zlib:zlib-1.2.1.2-1
Thanks for your help.

This is one of my long term gripes with RedHat (and its clones).  The
backporting of security fixes to older versions of software may be fine,
but it is a nightmare when you're trying to remember which version is
vulnerable or not.
In this case, the simplest thing to do is to search for zlib over at
rpmfind.net, grab zlib-1.2.2.2-1.src.rpm from the Fedora Core
Development Sources and rebuild it (rpm -ba zlib-1.2.2.2-a.src.rpm) and
install the binary.
Worked for me on Fedora Core 1.
Cheers,
Phil

But I do not want to use sources ..I do not want to check every package 
I install from source when a security exploit comes out and I have to 
recompile everything again.
That's why I rather choose for the rpm's from distro (easy update scheme).
Is there no way I can hold/use my own zlib version and just compile clamav?
And why is it adressed now with this specific version and not the 0.80 ?

Michiel
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Re: [Clamav-users] zlib check newest clamav 0.81.rc1

2005-01-24 Thread Trog 
On Mon, 2005-01-24 at 10:29 +0100, Michiel van Es wrote:
 Hi,
 why is Clamav checking my zlib version and stopping the installer 
 (./configure) ?
 I mean...I use a patched zlib version straight from my Distro..and am 
 not using the newest bleeding edge zlib version (which is being checked 
 in the ./configure script?)
 I would like to test the newest Clamav.0.81 rc1 but am not able to test 
 it 'cause of this fake failed dependency.
 How can I disable this check and let Clamav use my patched Zlib version ?
 

There's a configure option for it, read the help message.

-trog



signature.asc
Description: This is a digitally signed message part
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Re: [Clamav-users] zlib check newest clamav 0.81.rc1

2005-01-24 Thread Kritof Petr 
Michiel van Es wrote:
[..]
But I do not want to use sources ..I do not want to check every 
package I install from source when a security exploit comes out and I 
have to recompile everything again.
That's why I rather choose for the rpm's from distro (easy update 
scheme).
Is there no way I can hold/use my own zlib version and just compile 
clamav?

Michiel,
I doubt you will compile clamav-0.81rc1 on your system easy, cause
RH-7.x clones come with old auto{make,conf} programs.
You must upgrade devel tools to compile clamav and modify sources
to compile with vendor patched zlib.
Petr
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users