[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: clamav triage (updated via -updates)


On Sat, Aug 10, 2019 at 10:03:38AM +0200, Hugo Lefeuvre wrote:
> I am taking a look at clamav's zip bomb issue[0] in jessie. This issue is
> no-dsa in buster/stretch: "ClamAV is updated via -updates".
> What is this -updates mechanism? I might have missed something, does clamav
> have an auto-update mechanism?

that's stable-updates, not security updates. stable-updates is
maintained by the stable release managers as well, but unlike point
releases those updates are issued at any time and usually used for very
few packages only, eg. tzdata is another regular candidate for them.


       PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C

Attachment: signature.asc
Description: PGP signature

Reply to: