Hi, A few hours ago clamav upstream has released a new version (0.96.4) fixing a number of bugs including memory leaks and problems with corrupted PDF files (if bytecode support is disabled, this could possibly yield a DOS). We have prepared updated packages, which are just being uploaded to lenny-volatile. The question, however, is whether we should also upload to unstable or rather go for experimental. At this point it seems that uploading to unstable would only make sense if there is a chance of a freeze exception. To this end, please find attached a debdiff between the versions currently in squeeze and the new packages. Even though quite a bit of the changes is due to configure having been updated, a diffstat of 77 files changed, 4754 insertions(+), 2411 deletions(-) arguably isn't for the faint of heart. Please let us (pkg-clamav-devel@l.a.d.o) know whether we should go for unstable (and request a freeze exception) or experimental, or follow some completely different route. Thanks a lot, Michael PS.: Please keep pkg-clamav-devel CC'ed.
Attachment:
clamav-0.96.3_0.96.4.debdiff.gz
Description: application/gunzip
Attachment:
pgpdyQLnfh5UE.pgp
Description: PGP signature