[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 1435-1] New clamav packages fix several vulnerabilities


> ----- Original Message ----
> From: Aneurin Price <aneurin.price@gmail.com>
> To: Forrest Houston <fhouston@east.isi.edu>
> Cc: debian-volatile@lists.debian.org; debian-security <debian-security@lists.debian.org>
> Sent: Friday, December 21, 2007 9:55:05 AM
> Subject: Re: [SECURITY] [DSA 1435-1] New clamav packages fix several vulnerabilities

> On 12/20/07, Forrest Houston <fhouston@east.isi.edu> wrote:
> > On Thu, 20 Dec 2007, Stephen Gran wrote:
> > Whenever I run freshclam I get an error about being on version 0.91.2
> > 0.92 is what I should be running.  When I follow the recommended link
> > there doesn't seem to be a new package available.  I thought I had
> > through this process once before by adding this to /etc/apt/sources
> >
> > deb http://volatile.debian.org/debian-volatile etch/volatile main
> > non-free
> >
> > However when I do an "apt-get update" (during which volatile is
> > and then "apt-get upgrade" or "apt-get install clamav" I get a
> > that I'm running the latest version.  What am I missing?
> >
> I have the same thing (except I'm running sarge). Looking at the
> volatile repository, it appears that the updated version of clamav is
> in (sarge|etch)-proposed-updates.
> Presumably this means that the main volatile distributions will be
> updated soon, or have I misunderstood the situation?

The same happened when they updated tzdata, and it took around 24 hours to move from "proposed-updates" to main volatile.

I think it should be about the same here.


Ildefonso Camargo

Looking for last minute shopping deals?  
Find them fast with Yahoo! Search.  http://tools.search.yahoo.com/newsearch/category.php?category=shopping

Reply to: