This one time, at band camp, Aneurin Price said: > Hi all, I hope this question is appropriate for this list. Feel free > to chide me appropriately if not :P. > > I'm running sarge with clamav from debian-volatile, and debsecan > reports some vulnerabilities with it. I'm fairly sure that the version > I have installed (0.91.2-0volatile1) is in fact okay, and that the > problem is simply that debsecan doesn't understand volatile - based on > the vulnerability descriptions which seem to be telling me that the > vulnerabilities are fixed in the version I'm using. > > I would however be grateful if anybody could confirm this to be the > case - or point out if I'm wrong. The version of clamav in volatile does not contain any known vulnerabilities. I assume debsecan is at fault here. -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : sgran@debian.org | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
Attachment:
signature.asc
Description: Digital signature