[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [opensuse-security] Re: openSUSE-RU-2015:2060-1: moderate: Recommended update for clamav-database

On Sat, Nov 21, 2015 at 04:30:28PM +0100, Andreas Stieger wrote:
> Hello,
> On 11/21/2015 03:51 PM, Christian Boltz wrote:
> > Am Freitag, 20. November 2015 schrieben Sie:
> > >    openSUSE Recommended Update: Recommended update for clamav-database
> >
> > >    This is the weekly internal clamav database refresh on November
> > > 16th.
> >
> > Does shipping weekly updates of the virus signatures really make sense?
> > They are probably already outdated when the update is released,
> > especially when it comes to catching new viruses/malware/etc.
> >
> > Wouldn't it be better to setup an (at least) daily cronjob that runs
> > freshclam?
> This package is not primarily intended for the use case you are
> describing. Yes many users should use freshclam. The clamav-database
> package is for disconnected / sneakernetted users as well as
> environments where no network connection is available, e.g. as in
> openSUSE's own build service where it is used to scan incoming source
> submissions for threats.

It is actually only used on the SLES side currently, Leap was not set up
this way.

If there is interest in post-build virus scanning we could set up the same for Leap.

Ciao, Marcus
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx