[Pkg-clamav-devel] Bug#727027: clamav: yet another new upsteam version

Greg Folkert greg at gregfolkert.net
Sun Jan 19 13:45:12 UTC 2014

Package: clamav
Version: 0.97.8+dfsg-1
Followup-For: Bug #727027

Dear Maintainer,

What has led to this situation is "Sourcefire" has released a new verion of 
ClamAV (0.98.1) with additional functionality and possibly fixed your 
compiling issue Noted in your previous listing.

This is becoming a serious issue. Especially for those of us that run PCI 
compliant systems. Our QSA (Qualified Security Assessor) noticed our version 
was behind and they don't particularly care for "behind" versions from vendor 
that aren't either updated to latest version or at least maintained with 
backports of patches to required API versions.

This package is neither at this point and it is forcing me to make my Debian 
systems come under scrutiny that my "RedHat/CentOS" systems aren't coming
under, since they've been updated already. This wouldn't be such a bad thing, 
except Freshclam announces to the world that things are not up to snuff.

What I did exactly: I watch logs from the updating engine FreshClam, telling 
me this version is outdated. Here is the snippet from the relevant log:

    WARNING: Your ClamAV installation is OUTDATED!
    WARNING: Local version: 0.97.8 Recommended version: 0.98.1

Also 0.98 was released September 19th, 2013 and subsequently 0.98.1 was 
released January 15th, 2014.

Please at least make some effort to either update this bug or other 
remediation updates.

I thank you in advance for your work and hope you are well.

Sincerely and best wishes.

greg at gregfolkert.net
PGP key 1024D/B524687C 2003-08-05
Fingerprint: E1D3 E3D7 5850 957E FED0 2B3A ED66 6971 B524 687C
"The only way to enjoy anything in this life is to earn it first."
    -- Ginger Rogers

More information about the Pkg-clamav-devel mailing list