debsecan vs. debian-volatile
Hi all, I hope this question is appropriate for this list. Feel free
to chide me appropriately if not :P.
I'm running sarge with clamav from debian-volatile, and debsecan
reports some vulnerabilities with it. I'm fairly sure that the version
I have installed (0.91.2-0volatile1) is in fact okay, and that the
problem is simply that debsecan doesn't understand volatile - based on
the vulnerability descriptions which seem to be telling me that the
vulnerabilities are fixed in the version I'm using.
I would however be grateful if anybody could confirm this to be the
case - or point out if I'm wrong.
Thanks for your time,