About Clamav You can use .rpm from DAG http://dag.wieers.com/packages/clamav/ ZLib yum install zlib Nope? Tiago ----- Original Message ----- From: <smj at littleprojects.org> To: "CentOS discussion and information list" <centos at caosity.org> Sent: Wednesday, February 23, 2005 1:28 PM Subject: Re: [Centos] new version of zlib to CenOS 3.3 ? > On Wed, Feb 23, 2005 at 01:20:19PM +0100, Ulrik S. Kofod wrote: >> Should I then install from http://www.zlib.net or is there a way to make >> yum get it >> from CentOS 3.4? >> >> I would prefre to install as much as possible via yum. >> >> Matt Bottrell sagde: >> > what version ships with CentOS 3.4? >> > >> > >> > On Wed, 23 Feb 2005 11:35:10 +0100 (CET), Ulrik S. Kofod >> > <usk at cybersite.dk> wrote: >> >> I wanted to upgrade my ClamAV but ./configure gave this error >> >> checking for zlib installation... /usr >> >> configure: error: The installed zlib version may contain a security >> >> bug. Please >> >> upgrade to 1.2.2 or later: http://www.zlib.net. You can omit this >> >> check with >> >> --disable-zlib-vcheck but DO NOT REPORT any stablility issues then! > <SNIP> > > RH has a backporting policy that puts security patches into previous > versions. The reason they do this is to minimize bugs that creep into > the features added in later versions. > > They will very rarely upgrade a software package within a version of > RHEL. > > In short, zlib is probably patched. The version you have is most likely > secure. > You need to check the vulnerability in question against the RHEL eratta to > make sure, > but if this is the zlib flaw that got many Linux servers a year or so > ago, then it's been patched in the source for RHEL, and hence CentOS. > > Not only that, it probably does not have any bugs introduced by later > versions. > > Hope this helps, > > Shawn M. Jones > _______________________________________________ > CentOS mailing list > CentOS at caosity.org > http://lists.caosity.org/mailman/listinfo/centos >