[Pkg-clamav-devel] Wheezy update of clamav?

Moritz Mühlenhoff jmm at inutil.org
Fri Mar 9 21:21:31 UTC 2018

On Fri, Mar 09, 2018 at 10:17:05PM +0100, Sebastian Andrzej Siewior wrote:
> Clamav was updated via volatile in the past. This moved to
> stable/updates now. The security team is not comfortable with
> security related changes and new features all-in-one release.

That's not the reason. -updates is for fast-changing packages which
regularly need to be updated outside the stable point relases, like
tzdata. clamav as a package which needs updates of it's scan engine
to pick up new malware signature engine features exactly fits that
definition. And if we update a package a package via -updates it
doesn't make sense to selective ship some via security.debian.org
and some not.


More information about the Pkg-clamav-devel mailing list