On Tue, 8 Aug 2006, Ralph Angenendt wrote:
> Email Lists wrote:
> > Greetings
> >
> > I was informed on another list about this... im not a serious programming or
> > exploit creation expert yet this appears to me to be fairly serious.....
> >
> > For those of you that have not heard about it, there has been a
> > www.clamav.net update to 88.4
> >
> > I roll my own rpms so I don't wait for upstream on this one... and for all I
> > know they have dealt with it already...
>
> rpmforge has updated packages already, but they're version 0.88.3-2, not
> 0.88.4, fwiw.
The patch was released before the 0.88.4 release. So I had to bring out a
patched 0.88.3. Late last night they released 0.88.4 and I build it. And
this morning uploaded it.
The 0.88.3-2 and the 0.88.4 are identical. The clamav people anticipated
to release 0.89 with the patch included but unfortunately the problem was
disclosed on secunia yesterday. So they released the patch in a rush.
There is a closed mailinglist for clamav packagers where they announce new
releases and security patches before they're made public.
The downside is that people in between 0.88.3-2 and 0.88.4 eventually had
to download the same data twice. The upside is that the security-fix was
released sooner.
Kind regards,
-- dag wieers, dag@xxxxxxxxxx, http://dag.wieers.com/ --
[all I want is a warm bed and a kind word and unlimited power]
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
