[Pkg-clamav-devel] New clamav upstream version: Should it go into squeeze?

Michael Tautschnig mt at debian.org
Wed Oct 27 05:58:23 UTC 2010


Hi,

Two days ago clamav upstream has released a new version (0.96.4) fixing a
number of bugs including memory leaks and problems with corrupted PDF files (if
bytecode support is disabled, this could possibly yield a DOS).

We have prepared updated packages, which have already been uploaded to
lenny-volatile. The question, however, is whether we should also upload to
unstable or rather go for experimental. At this point it seems that uploading to
unstable would only make sense if there is a chance of a freeze exception. To
this end, we have prepared a debdiff [1] between the versions currently in
squeeze and the new packages. Even though quite a bit of the changes is due to
configure having been updated, a diffstat of 
 77 files changed, 4754 insertions(+), 2411 deletions(-)
arguably isn't for the faint of heart. Please let us (pkg-clamav-devel at l.a.d.o)
know whether we should go for unstable (and request a freeze exception) or
experimental, or follow some completely different route.

Thanks a lot,
Michael

[1] http://people.debian.org/~mt/clamav-0.96.3_0.96.4.debdiff.gz

PS: Please keep pkg-clamav-devel CC'ed.
PPS: Resent as message+attachment hasn't made it to the lists since more than one
day.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20101027/ab5347b1/attachment-0001.pgp>


More information about the Pkg-clamav-devel mailing list