[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [opensuse-security] Clamd in 10.3 is outdated.



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



The Thursday 2008-06-12 at 12:13 +0200, Werner Flamme wrote:

@Carlos: did you read the next line? "DON'T PANIC! Read
http://www.clamav.net/support/faq"; :-)

Certainly not!

Because that line is not printed to the /var/log/warn file; I'm getting
the warning every now and then in my warning log, whereas the line you
mention is not logged at 'warn' level. And no, of course I haven't
panicked.

The line resides in my /var/log/freshclam.log and is printed at boot
time on the screen. So I can't understand "certainly", especially
because I do not only look at the warn log but in the respective
application's log, too. Besides, do you know the meaning of :-) ?


cer@nimrodel:~> ls /var/log/freshclam.log
ls: cannot access /var/log/freshclam.log: No such file or directory

Of course, I can find the line if I search for it, buried inside the /var/log/mail between tons of other messages. The "warn" log is the only I continously watch for "new" problems, and the rest I look when I search for extra info. The clamd authors choosed to leave the "don't worry" out of the "warn" log :-p

And sorry, I didn't notice that smiley.

The thing is, if I see a program reporting something unexpected in the warn log file, I take that as important, maybe important enough to report here or in bugzilla.


There was always an update of clamav via YOU (when you use a ftp or http
client to look into the update repo manually, you still see
clamav-0.91.2, 0.92.0, 0.92.1, and 0.93.0), it just takes some time to
testing...
This is one of the reasons for me staying with SUSE, even after they
introduced the 10.1 software management ;-)

No, there has been no update through YOU yet. Marcus said there will be
one such, so I'll wait. No, I do not intend to go to the clamav site and
roll my own. If that's what needs to be done I will uninstall clamd and
continue using antivir instead.

Don't bite me! ;-) I said that there were clamav updates via YOU for all
the recent versions. So I do not see any reason why there will be no YOU
update for the current version. With "no update through YOU yet" you
sure mean the current version of clamav, do you?

Well, of course, I mean for the one that is "official" currently for opensuse 10.3.

There is some problem with the procedure here: the clamd people should tell the distro maintainers in advance that there is going to be a new version and that such versions are to be obsoleted, so that they can prepare the automatic upgrades for their distros without there being any perveived loss of security.

I mean, it doesn't look good if the antivirus says "Hey, I'm obsolete", and the update is not ready.


On the other hand, if updating the engine is not that crucial, then they should not write that message to the warning log. There are many programs and daemons in the distro that keep silent when there is a new version, and many of them are security-wise important.

That's what I think the real problem is: that they shout "Danger, update me! with no real need.


- -- Cheers,
       Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4-svn0 (GNU/Linux)

iD8DBQFIU6UptTMYHG2NR9URAnAAAJ9bkmpECKrvqRcBgL8H3iS28r7TbQCgmGiU
zrV7ZsR1dhElNf8kgjAQJYE=
=vtgH
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx