Package: clamav Version: 0.90.1dfsg-3.1+etch14 Severity: grave Suggests: unrar (>= 3.0-1) which is non-free. I have non-free unrar installed anyway, but it appears that it is not being used.
Bug #484642 had this as normal. Bug #484670 has this as grave. Though not security issue for system itself it makes the package useless and thus is a security issue for systems that would otherwise be protected. With "ArchiveBlockEncrypted true" in my clamd.conf I expected a non zero status for files than can not be decoded. This is not the case. > bash-3.1# clamdscan *.rar; echo $? > /etc/clamav/license.txt.rar: OK > > ----------- SCAN SUMMARY ----------- > Infected files: 0 > Time: 0.002 sec (0 m 0 s) > 0 > bash-3.1# clamscan *.rar; echo $? > LibClamAV Warning: RAR code not compiled-in > license.txt.rar: OK > > ----------- SCAN SUMMARY ----------- > Known viruses: 458539 > Engine version: 0.94 > Scanned directories: 0 > Scanned files: 1 > Infected files: 0 > Data scanned: 0.00 MB > Time: 3.235 sec (0 m 3 s) > 0 -- ZIP ... improving virus operational efficiency by reducing the number of steps needed to process data. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
