Hi, Two days ago clamav upstream has released a new version (0.96.4) fixing a number of bugs including memory leaks and problems with corrupted PDF files (if bytecode support is disabled, this could possibly yield a DOS). We have prepared updated packages, which have already been uploaded to lenny-volatile. The question, however, is whether we should also upload to unstable or rather go for experimental. At this point it seems that uploading to unstable would only make sense if there is a chance of a freeze exception. To this end, we have prepared a debdiff  between the versions currently in squeeze and the new packages. Even though quite a bit of the changes is due to configure having been updated, a diffstat of 77 files changed, 4754 insertions(+), 2411 deletions(-) arguably isn't for the faint of heart. Please let us (email@example.com) know whether we should go for unstable (and request a freeze exception) or experimental, or follow some completely different route. Thanks a lot, Michael  http://people.debian.org/~mt/clamav-0.96.3_0.96.4.debdiff.gz PS: Please keep pkg-clamav-devel CC'ed. PPS: Resent as message+attachment hasn't made it to the lists since more than one day.
Description: PGP signature