Re: Updating clamav for stable

["Adam D. Barratt" <adam@adam-barratt.org.uk>]

On Tue, 5 Jul 2011 15:40:35 +0200, Camaleón wrote:
> On Sat, 02 Jul 2011 16:25:58 +0100, Adam D. Barratt wrote:
>
> > On Fri, 2011-06-24 at 20:00 +0100, Michael Tautschnig wrote:
> > > ClamAV 0.97.1 is now out for some time and meanwhile both unstable
> > > and testing have seen this new version. We'd also like to update 
> > > the
> > > version in squeeze as, among other fixes, it includes one security
> > > fix for lzma handling (no CVE id). As far as can be told from the
> > > debdiff and from what we know from upstream this version, which 
> > > we'd
> > > name 0.97.1+dfsg-1~squeeze1, should not break any reverse 
> > > dependencies
> > > as the client interface has not changed.
> >
> > Thanks for the information; please feel free to go ahead with the
> > upload
>
> (...)
>
> I hope this is the right place to ask this.

Well, the package maintainers are mostly the right people to ask, so 
not dropping them from the CC would have been helpful... re-added.

> Can we (we = olstable users) expect an update under "volatile" or
> "proposed-updates" given the new ClamAV version closes a security 
> fix?

Clamav maintainers - had you considered a lenny-volatile upload in this 
case?

Regards,

Adam