[CentOS] clamav-0.85
Marco Garza
testuser at ccskavenger.info
Tue May 17 01:05:03 UTC 2005
Good thing that Dag hasn't made the rpms yet, Clam just announced 0.85.1.
They had to fix some stuff.....
-Marco Garza
----- Original Message -----
From: "Dag Wieers" <dag at wieers.com>
To: "CentOS mailing list" <centos at centos.org>
Sent: Monday, May 16, 2005 12:33 PM
Subject: Re: [CentOS] clamav-0.85
> On Mon, 16 May 2005, Les Mikesell wrote:
>
>> On Mon, 2005-05-16 at 09:46, Dag Wieers wrote:
>>
>> > Yes, I actually asked the clamav people to not break clamav everytime
>> > they
>> > release a new version. It seems so silly to expect everyone to upgrade
>> > the
>> > day a new version is available. Sadly they still show that very
>> > confusing
>> > message, and I get tons of mail from people that think they have to
>> > tell
>> > me that a new version is released...
>>
>> For a virus scanner or other security-related items, it is silly *not*
>> to update the day a new version is released. Well-written exploits are
>> capable of flooding the internet in a day. In clam's case it only
>> matters if the new code is necessary to detect some virus, though, and
>> they may be making the announcements on changes that only affect
>> efficiency.
>
> Fact is that a new release of the scanner is not always a security related
> matter. As long as your virus scanner still can download the latest
> updates (what it didn't do at first), they fixed that but still act as if
> your system stopped working.
>
> A false sense of security is as bad as thinking you have no security even
> when you do. Because there might be more important security problems that
> you are ignoring trying to fix this.
>
> Remark 1: None of the vendors will ship a new clamav the day it is
> released without a proper test. And often even not if the previous did
> not beak anything serious. On the clamav internal mailinglist they
> announce it a few hours before the mirrors are updated and it appears on
> freshmeat.
>
> Remark 2: If you look at Fedora, they still ship Clamav 0.71. Which is
> fine since it still downloads the latest viruslist iirc.
>
> So yes, the current practice is pretty silly. Making people panic for no
> reason is even illegal in some environments :)
>
> Kind regards,
> -- dag wieers, dag at wieers.com, http://dag.wieers.com/ --
> [all I want is a warm bed and a kind word and unlimited power]
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.0.308 / Virus Database: 266.11.11 - Release Date: 5/16/2005
>
>
More information about the CentOS
mailing list