Re: clamav 0.97.1 not coming to squeeze-updates ?
On Mon, Jun 27, 2011 at 03:46:32PM +0000, Camaleón wrote:
> On Mon, 27 Jun 2011 12:07:28 -0300, D G Teed wrote:
> > On Mon, Jun 27, 2011 at 11:52 AM, Camaleón <firstname.lastname@example.org> wrote:
> >> On Mon, 27 Jun 2011 13:58:43 +0200, Eric Viseur wrote:
> >> > I have a server complaining about clam not being up to date every
> >> > night, so it's getting a little annoying, and I'd like to avoid apt
> >> > -pinning if possible.
> >> ... for the stable/olstable branch is my understanding that only
> >> security bugfixes are corrected, so if the clamav update does not
> >> closes any serious flaw you will keep seeing the clamav warning at the
> >> logs. But don't worry, your clients are still protected, your AV firms
> >> updated and your files analyzed for any treat.
> > This is incorrect.
> What exactly do you find incorrect?
> > Here are the announcement of squeeze-updates, with a list of reasons
> > why squeeze-updates will push ahead a release...
> > http://lists.debian.org/debian-volatile-announce/2011/msg00000.html
> > It even mentions clamav as one which needs to be current to be useful.
> Of course, "squeeze-updates" is the new "volatile", nothing has changed.
> > Our expectations for squeeze-updates to release clamav ahead of stable
> > merely to be current are correct.
> Then it has to be a new policy. IIRC, not all of the clamav package
> updates reached the stable branch via volatile (now squeeze-updates),
> only those that closed security bugfixes. And I say this because I asked
> this same question here, months ago, and I was told so ;-)
> > Note you don't need to use squeeze-updates, so we are opting into
> > something which can be a little more bleeding edge.
> Please, note that we are not talking about clamav database updates but
> the package itself. If the policy has changed, good and glad to know, but
> to be sincere, I'm not aware of that and would be nice if someone can
> point to it.
. . . This path will be used for updates which many users may wish to
install on their systems before the next point release is made, such as
updates to virus scanners and timezone data. All packages from
squeeze-updates will be included in point releases.
However I take it you are drawing a distinction between security and other
updates. But would not that then concern debian-security rather than
"Microsoft is not the answer. Microsoft is the question. NO (or Linux) is the