Re: [Pkg-clamav-devel] clamav update in squeeze?

To: Raphael Hertzog <hertzog@debian.org>
Cc: pkg-clamav-devel@lists.alioth.debian.org, debian-lts@lists.debian.org
Subject: Re: [Pkg-clamav-devel] clamav update in squeeze?
From: Scott Kitterman <debian@kitterman.com>
Date: Wed, 18 Feb 2015 07:51:06 -0500
Message-id: <[🔎] 1522539.Fj72fPvuGz@kitterma-e6430>
In-reply-to: <[🔎] 20150218123232.GA25795@breakpoint.cc>
References: <[🔎] 20150218095433.GA9273@home.ouaza.com> <[🔎] 20150218123232.GA25795@breakpoint.cc>

On Wednesday, February 18, 2015 01:32:32 PM Sebastian Andrzej Siewior wrote:
> On Wed, Feb 18, 2015 at 10:54:33AM +0100, Raphael Hertzog wrote:
> > Hello dear maintainer(s),
> 
> Hi,
> 
> > Would you like to take care of this yourself?
> 
> Speaking for myself, I think I have enough todo.
> 
> > If that workflow is a burden to you, feel free to just prepare an
> > updated source package and send it to debian-lts@lists.debian.org
> > (via a debdiff, or with an URL pointing to the the source package,
> > or even with a pointer to your packaging repository), and the members
> > of the LTS team will take care of the rest. Indicate clearly whether you
> > have tested the updated package or not.
> 
> What we do for Wheezy is to take the upstream and package it together what
> we have in unstable. Doing this looks less work than keeping track of
> everything. That said you could take Wheezy branch und use the "old" init
> scripts what you have in Squeeze. The problem with the newer init scripts
> is that pkill and friends don't work properly (or at all).
> Maybe you can team up with Ubuntu. Their LTS (lucid and precise) should be
> about the same age as Squeeze and they have 0.98.6 packaged.
> Scott has probably more details on this.
> 
> > If you don't want to take care of this update, it's not a problem, we
> > will do our best with your package. Just let us know whether you would
> > like to review and/or test the updated package before it gets released.
> 
> This is my feedback. You may want to wait for Scott & Andreas.

This is correct.  Although I haven't tested it, the version of the package for 
Ubuntu 12.04 ought to be source compatible with Squeeze.  You can dget the 
package from here:

https://launchpad.net/ubuntu/+archive/primary/+files/clamav_0.98.6%2Bdfsg-0ubuntu0.12.04.1.dsc

It should be signed by a member of the Ubuntu Security Team (they did the 
upload).  The changes between what's in Jessie or Wheezy S-P-U should be 
reasonably reviewable.

A version update would be generally preferable since with clamav there is 
increased security risk due to lack of capability.

Scott K

Please keep pkg-clamav-devel in CC

Reply to:

References:
- clamav update in squeeze?
  - From: Raphael Hertzog <hertzog@debian.org>
- Re: [Pkg-clamav-devel] clamav update in squeeze?
  - From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

Prev by Date: Re: [Pkg-clamav-devel] clamav update in squeeze?
Next by Date: squeeze update of axis?
Previous by thread: Re: [Pkg-clamav-devel] clamav update in squeeze?
Next by thread: squeeze update of axis?
Index(es):
- Date
- Thread