[Pkg-clamav-devel] [Clamav-binary] New ClamAV Package

Micah Snyder (micasnyd) micasnyd at cisco.com
Mon Jan 22 22:49:54 UTC 2018


To answer Sebastian’s question:   “0.99.3-beta2” included the security related fixes that were cherry-picked into the security release that Joel Esler mentioned today.

There is a lot of concern that the “0.99.2.1” name will break version checks that expect a 3-number version string.  We had a lot of back and forth on this one.  We have finally settled on using the “0.99.3” version string for the security release.  ClamAV will continue to use the “Major.Minor.Patch” version scheme and will reserve the Patch number for security patches and other urgent bugfixes.

0.99.3 suffered of scope creep and included more than just security patches and urgent bugfixes.  As such, I would like to re-target these features for an upcoming “0.100.0” version.  We are presently investigating to validate that the “100” number will not break other things that we’re aware of.  If all is okay, we would immediately re-release 0.99.3-beta2 as 0.100.0-beta and continue to address the few remaining issues blocking us from the 0.100.0 release candidate and release.  If not, we may have to use the 0.99.4 version string for until the technical issues can be resolved.

We will update you shortly when we are certain.


Micah Snyder
Software Engineer
Talos
Cisco Systems, Inc.



On Jan 22, 2018, at 4:13 PM, Larry Rosenman <ler at FreeBSD.org<mailto:ler at FreeBSD.org>> wrote:

On Mon, Jan 22, 2018 at 09:59:36PM +0100, Sebastian Andrzej Siewior wrote:
On 2018-01-22 13:40:52 [+0000], Joel Esler (jesler) wrote:
Just a heads up to all binary maintainers.  We will be performing a security release of ClamAV this week (planning for Wednesday at the latest).

Tentatively, unless decided otherwise between now and Wednesday, we are planning on this release version being named 0.99.2.1. Please let us know if this will cause any problems by writing back on the list.

Works here. I have the latest beta2 in Debian unstable. Are there any
security related fixes on top beta2 or is everything already somewhere
between 0.99.2 and 0.99.3-beta2 that is now cherry-picked into 0.99.2.1
?
Works for me on FreeBSD.

--
Larry Rosenman                         https://people.FreeBSD.org/~ler/
Phone: +1 214-642-9640                 E-Mail: ler at FreeBSD.org<mailto:ler at FreeBSD.org>
US Mail: 5708 Sabbia Drive, Round Rock, TX 78665-2106
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-binary
http://www.clamav.net/contact.html#ml

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20180122/db80513b/attachment.html>
-------------- next part --------------
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-binary
http://www.clamav.net/contact.html#ml


More information about the Pkg-clamav-devel mailing list