clamav-0.85

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Good thing that Dag hasn't made the rpms yet, Clam just announced 0.85.1. 
They had to fix some stuff.....


-Marco Garza



----- Original Message ----- 
From: "Dag Wieers" <dag@xxxxxxxxxx>
To: "CentOS mailing list" <centos@xxxxxxxxxx>
Sent: Monday, May 16, 2005 12:33 PM
Subject: Re:  clamav-0.85


> On Mon, 16 May 2005, Les Mikesell wrote:
>
>> On Mon, 2005-05-16 at 09:46, Dag Wieers wrote:
>>
>> > Yes, I actually asked the clamav people to not break clamav everytime 
>> > they
>> > release a new version. It seems so silly to expect everyone to upgrade 
>> > the
>> > day a new version is available. Sadly they still show that very 
>> > confusing
>> > message, and I get tons of mail from people that think they have to 
>> > tell
>> > me that a new version is released...
>>
>> For a virus scanner or other security-related items, it is silly *not*
>> to update the day a new version is released.  Well-written exploits are
>> capable of flooding the internet in a day. In clam's case it only
>> matters if the new code is necessary to detect some virus, though, and
>> they may be making the announcements on changes that only affect
>> efficiency.
>
> Fact is that a new release of the scanner is not always a security related
> matter. As long as your virus scanner still can download the latest
> updates (what it didn't do at first), they fixed that but still act as if
> your system stopped working.
>
> A false sense of security is as bad as thinking you have no security even
> when you do. Because there might be more important security problems that
> you are ignoring trying to fix this.
>
> Remark 1: None of the vendors will ship a new clamav the day it is
> released without a proper test. And often even not if the previous did
> not beak anything serious. On the clamav internal mailinglist they
> announce it a few hours before the mirrors are updated and it appears on
> freshmeat.
>
> Remark 2: If you look at Fedora, they still ship Clamav 0.71. Which is
> fine since it still downloads the latest viruslist iirc.
>
> So yes, the current practice is pretty silly. Making people panic for no
> reason is even illegal in some environments :)
>
> Kind regards,
> --   dag wieers,  dag@xxxxxxxxxx,  http://dag.wieers.com/   --
> [all I want is a warm bed and a kind word and unlimited power]
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
>
>
> -- 
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.0.308 / Virus Database: 266.11.11 - Release Date: 5/16/2005
>
>
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux