This one time, at band camp, Martin S said: > Jan Luehr skrev: > >What Do you think about this? Do you know reasons for ClamAV's unusual > >high number of bugs? Would you abandon ClamAV for server side mail > >scanning in favor of other scanners? > Are you sure it has a "unusual high" number of bugs? I have no > experience in OS antivirus solutions, using Clamav on our experimental > server (we're looking to migrate from our messaging server of several > years). As far as I am currently concerned, as long as updates are > provided in a timely manner I'm fine. But I am perhaps not worried enough. > I also do wonder if the latest advisory for Debian DSA 1549 also relates > to Clamav compiled from source. The latest version thereof is 0.93 while > the DSA (naturally) only mentions the (earlier) distribution version. I > looked at the Clamav site, perhaps in the wrong place, but found no > mention of any security updates there. 0.93 contains security fixes in addition to other changes. For Debian stable, the applicable security fixes have been applied. If you look a the CVEs that corresponds to the DSA, you'll see the versions it applies to. And yes, there are a lot of security issues. -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : sgran@debian.org | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
Attachment:
signature.asc
Description: Digital signature