[CentOS] clamav-0.85

Mon May 16 17:33:32 UTC 2005
Dag Wieers <dag at wieers.com>

On Mon, 16 May 2005, Les Mikesell wrote:

> On Mon, 2005-05-16 at 09:46, Dag Wieers wrote:
> 
> > Yes, I actually asked the clamav people to not break clamav everytime they 
> > release a new version. It seems so silly to expect everyone to upgrade the 
> > day a new version is available. Sadly they still show that very confusing 
> > message, and I get tons of mail from people that think they have to tell 
> > me that a new version is released...
> 
> For a virus scanner or other security-related items, it is silly *not*
> to update the day a new version is released.  Well-written exploits are
> capable of flooding the internet in a day. In clam's case it only
> matters if the new code is necessary to detect some virus, though, and
> they may be making the announcements on changes that only affect
> efficiency.

Fact is that a new release of the scanner is not always a security related 
matter. As long as your virus scanner still can download the latest 
updates (what it didn't do at first), they fixed that but still act as if 
your system stopped working.

A false sense of security is as bad as thinking you have no security even 
when you do. Because there might be more important security problems that 
you are ignoring trying to fix this.

Remark 1: None of the vendors will ship a new clamav the day it is 
released without a proper test. And often even not if the previous did 
not beak anything serious. On the clamav internal mailinglist they 
announce it a few hours before the mirrors are updated and it appears on 
freshmeat.

Remark 2: If you look at Fedora, they still ship Clamav 0.71. Which is 
fine since it still downloads the latest viruslist iirc.

So yes, the current practice is pretty silly. Making people panic for no 
reason is even illegal in some environments :)

Kind regards,
--   dag wieers,  dag at wieers.com,  http://dag.wieers.com/   --
[all I want is a warm bed and a kind word and unlimited power]