[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

New clamav upstream version: Should it go into squeeze?


Two days ago clamav upstream has released a new version (0.96.4) fixing a
number of bugs including memory leaks and problems with corrupted PDF files (if
bytecode support is disabled, this could possibly yield a DOS).

We have prepared updated packages, which have already been uploaded to
lenny-volatile. The question, however, is whether we should also upload to
unstable or rather go for experimental. At this point it seems that uploading to
unstable would only make sense if there is a chance of a freeze exception. To
this end, we have prepared a debdiff [1] between the versions currently in
squeeze and the new packages. Even though quite a bit of the changes is due to
configure having been updated, a diffstat of 
 77 files changed, 4754 insertions(+), 2411 deletions(-)
arguably isn't for the faint of heart. Please let us (pkg-clamav-devel@l.a.d.o)
know whether we should go for unstable (and request a freeze exception) or
experimental, or follow some completely different route.

Thanks a lot,

[1] http://people.debian.org/~mt/clamav-0.96.3_0.96.4.debdiff.gz

PS: Please keep pkg-clamav-devel CC'ed.
PPS: Resent as message+attachment hasn't made it to the lists since more than one

Attachment: pgpmXXlKLeqpm.pgp
Description: PGP signature

Reply to: