FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 06-27-2011, 11:58 AM
Eric Viseur
 
Default clamav 0.97.1 not coming to squeeze-updates ?

Hi list,

In my understanding, the stable-updates repo was esthablished in order to replace the volatile repo.* Thus, updated clamav should be pushed in it, but I note it's only available in the testing branch.


Did I misunderstood the role of the stable-updates repo, or is clam 0.97.1 just coming in late ?* I have a server complaining about clam not being up to date every night, so it's getting a little annoying, and I'd like to avoid apt-pinning if possible.



Eric
 
Old 06-27-2011, 02:52 PM
Camaleón
 
Default clamav 0.97.1 not coming to squeeze-updates ?

On Mon, 27 Jun 2011 13:58:43 +0200, Eric Viseur wrote:

> In my understanding, the stable-updates repo was esthablished in order
> to replace the volatile repo. Thus, updated clamav should be pushed in
> it, but I note it's only available in the testing branch. Did I
> misunderstood the role of the stable-updates repo, or is clam 0.97.1
> just coming in late ?

Nope, your understaing is totally correct, but...

> I have a server complaining about clam not being up to date every
> night, so it's getting a little annoying, and I'd like to avoid apt
> -pinning if possible.

... for the stable/olstable branch is my understanding that only security
bugfixes are corrected, so if the clamav update does not closes any
serious flaw you will keep seeing the clamav warning at the logs. But
don't worry, your clients are still protected, your AV firms updated and
your files analyzed for any treat.

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: pan.2011.06.27.14.52.57@gmail.com">http://lists.debian.org/pan.2011.06.27.14.52.57@gmail.com
 
Old 06-27-2011, 02:56 PM
Eric Viseur
 
Default clamav 0.97.1 not coming to squeeze-updates ?

Hi,

Thanks for the answers.* I know the DB still gets updated, but when you're in charge of almost 20 servers, each beginning to cry like babies at every little problem, things like this can get pretty annoying.


Guess I'll have to wait till the release on squeeze-updates.

Eric

2011/6/27 Camaleón <noelamac@gmail.com>


On Mon, 27 Jun 2011 13:58:43 +0200, Eric Viseur wrote:



> In my understanding, the stable-updates repo was esthablished in order

> to replace the volatile repo. *Thus, updated clamav should be pushed in

> it, but I note it's only available in the testing branch. Did I

> misunderstood the role of the stable-updates repo, or is clam 0.97.1

> just coming in late ?



Nope, your understaing is totally correct, but...



> I have a server complaining about clam not being up to date every

> night, so it's getting a little annoying, and I'd like to avoid apt

> -pinning if possible.



... for the stable/olstable branch is my understanding that only security

bugfixes are corrected, so if the clamav update does not closes any

serious flaw you will keep seeing the clamav warning at the logs. But

don't worry, your clients are still protected, your AV firms updated and

your files analyzed for any treat.



Greetings,



--

Camaleón





--

To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org

with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Archive: http://lists.debian.org/pan.2011.06.27.14.52.57@gmail.com
 
Old 06-27-2011, 03:07 PM
Camaleón
 
Default clamav 0.97.1 not coming to squeeze-updates ?

On Mon, 27 Jun 2011 16:56:53 +0200, Eric Viseur wrote:

> 2011/6/27 Camaleón <noelamac@gmail.com>

(...)

>> ... for the stable/olstable branch is my understanding that only
>> security bugfixes are corrected, so if the clamav update does not
>> closes any serious flaw you will keep seeing the clamav warning at the
>> logs. But don't worry, your clients are still protected, your AV firms
>> updated and your files analyzed for any treat.
>
> Thanks for the answers. I know the DB still gets updated, but when
> you're in charge of almost 20 servers, each beginning to cry like babies
> at every little problem, things like this can get pretty annoying. Guess
> I'll have to wait till the release on squeeze-updates.

No further aclarations are needed, I'm in the same boat with servers to
maintain and claiming all day for a new clamav package ;-)

But I'm not sure this update will be available for us...

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: pan.2011.06.27.15.07.14@gmail.com">http://lists.debian.org/pan.2011.06.27.15.07.14@gmail.com
 
Old 06-27-2011, 03:07 PM
D G Teed
 
Default clamav 0.97.1 not coming to squeeze-updates ?

On Mon, Jun 27, 2011 at 11:52 AM, Camaleón <noelamac@gmail.com> wrote:

On Mon, 27 Jun 2011 13:58:43 +0200, Eric Viseur wrote:



> In my understanding, the stable-updates repo was esthablished in order

> to replace the volatile repo. *Thus, updated clamav should be pushed in

> it, but I note it's only available in the testing branch. Did I

> misunderstood the role of the stable-updates repo, or is clam 0.97.1

> just coming in late ?



Nope, your understaing is totally correct, but...



> I have a server complaining about clam not being up to date every

> night, so it's getting a little annoying, and I'd like to avoid apt

> -pinning if possible.



... for the stable/olstable branch is my understanding that only security

bugfixes are corrected, so if the clamav update does not closes any

serious flaw you will keep seeing the clamav warning at the logs. But

don't worry, your clients are still protected, your AV firms updated and

your files analyzed for any treat.
*This is incorrect. Here are the announcement of squeeze-updates,
with a list of reasons why squeeze-updates will push ahead a release...

http://lists.debian.org/debian-volatile-announce/2011/msg00000.html

It even mentions clamav as one which needs to be current to be useful.


Our expectations for squeeze-updates to release clamav ahead of stable
merely to be current are correct.

Note you don't need to use squeeze-updates, so we are opting into something
which can be a little more bleeding edge.


If you only want security and bug fixes that is handled by security repo
and standard stable repo.
 
Old 06-27-2011, 03:46 PM
Camaleón
 
Default clamav 0.97.1 not coming to squeeze-updates ?

On Mon, 27 Jun 2011 12:07:28 -0300, D G Teed wrote:

> On Mon, Jun 27, 2011 at 11:52 AM, Camaleón <noelamac@gmail.com> wrote:
>
>> On Mon, 27 Jun 2011 13:58:43 +0200, Eric Viseur wrote:

(...)

>> > I have a server complaining about clam not being up to date every
>> > night, so it's getting a little annoying, and I'd like to avoid apt
>> > -pinning if possible.
>>
>> ... for the stable/olstable branch is my understanding that only
>> security bugfixes are corrected, so if the clamav update does not
>> closes any serious flaw you will keep seeing the clamav warning at the
>> logs. But don't worry, your clients are still protected, your AV firms
>> updated and your files analyzed for any treat.
>>
>>
> This is incorrect.

What exactly do you find incorrect?

> Here are the announcement of squeeze-updates, with a list of reasons
> why squeeze-updates will push ahead a release...
> http://lists.debian.org/debian-volatile-announce/2011/msg00000.html
>
> It even mentions clamav as one which needs to be current to be useful.

Of course, "squeeze-updates" is the new "volatile", nothing has changed.

> Our expectations for squeeze-updates to release clamav ahead of stable
> merely to be current are correct.

Then it has to be a new policy. IIRC, not all of the clamav package
updates reached the stable branch via volatile (now squeeze-updates),
only those that closed security bugfixes. And I say this because I asked
this same question here, months ago, and I was told so ;-)

> Note you don't need to use squeeze-updates, so we are opting into
> something which can be a little more bleeding edge.

Please, note that we are not talking about clamav database updates but
the package itself. If the policy has changed, good and glad to know, but
to be sincere, I'm not aware of that and would be nice if someone can
point to it.

> If you only want security and bug fixes that is handled by security repo
> and standard stable repo.

I think you are talking about a different issue.

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: pan.2011.06.27.15.46.32@gmail.com">http://lists.debian.org/pan.2011.06.27.15.46.32@gmail.com
 
Old 06-27-2011, 05:39 PM
Freeman
 
Default clamav 0.97.1 not coming to squeeze-updates ?

On Mon, Jun 27, 2011 at 03:46:32PM +0000, Camaleón wrote:
> On Mon, 27 Jun 2011 12:07:28 -0300, D G Teed wrote:
>
> > On Mon, Jun 27, 2011 at 11:52 AM, Camaleón <noelamac@gmail.com> wrote:
> >
> >> On Mon, 27 Jun 2011 13:58:43 +0200, Eric Viseur wrote:
>
> (...)
>
> >> > I have a server complaining about clam not being up to date every
> >> > night, so it's getting a little annoying, and I'd like to avoid apt
> >> > -pinning if possible.
> >>
> >> ... for the stable/olstable branch is my understanding that only
> >> security bugfixes are corrected, so if the clamav update does not
> >> closes any serious flaw you will keep seeing the clamav warning at the
> >> logs. But don't worry, your clients are still protected, your AV firms
> >> updated and your files analyzed for any treat.
> >>
> >>
> > This is incorrect.
>
> What exactly do you find incorrect?
>
> > Here are the announcement of squeeze-updates, with a list of reasons
> > why squeeze-updates will push ahead a release...
> > http://lists.debian.org/debian-volatile-announce/2011/msg00000.html
> >
> > It even mentions clamav as one which needs to be current to be useful.
>
> Of course, "squeeze-updates" is the new "volatile", nothing has changed.
>
> > Our expectations for squeeze-updates to release clamav ahead of stable
> > merely to be current are correct.
>
> Then it has to be a new policy. IIRC, not all of the clamav package
> updates reached the stable branch via volatile (now squeeze-updates),
> only those that closed security bugfixes. And I say this because I asked
> this same question here, months ago, and I was told so ;-)
>
> > Note you don't need to use squeeze-updates, so we are opting into
> > something which can be a little more bleeding edge.
>
> Please, note that we are not talking about clamav database updates but
> the package itself. If the policy has changed, good and glad to know, but
> to be sincere, I'm not aware of that and would be nice if someone can
> point to it.
>
> > If you only want security and bug fixes that is handled by security repo
> > and standard stable repo.
>
> I think you are talking about a different issue.
>

I seen this twice prior. Not running a server, I didn't concern myself with
it extensively, but I did observe in consternation.

The Volatile package is outdated but the the sid or testing package isn't.
The wait is somewhere between 2-6 months.

Bug reports happen.

Eventually it shows up in Volatile.

Nothing has changed except the name.


--
Regards,
Freeman

"Microsoft is not the answer. Microsoft is the question. NO (or Linux) is the
answer." --Somebody


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110627173940.GA4061@Deneb.office">http://lists.debian.org/20110627173940.GA4061@Deneb.office
 
Old 06-27-2011, 05:51 PM
Freeman
 
Default clamav 0.97.1 not coming to squeeze-updates ?

On Mon, Jun 27, 2011 at 03:46:32PM +0000, Camaleón wrote:
> On Mon, 27 Jun 2011 12:07:28 -0300, D G Teed wrote:
>
> > On Mon, Jun 27, 2011 at 11:52 AM, Camaleón <noelamac@gmail.com> wrote:
> >
> >> On Mon, 27 Jun 2011 13:58:43 +0200, Eric Viseur wrote:
>
> (...)
>
> >> > I have a server complaining about clam not being up to date every
> >> > night, so it's getting a little annoying, and I'd like to avoid apt
> >> > -pinning if possible.
> >>
> >> ... for the stable/olstable branch is my understanding that only
> >> security bugfixes are corrected, so if the clamav update does not
> >> closes any serious flaw you will keep seeing the clamav warning at the
> >> logs. But don't worry, your clients are still protected, your AV firms
> >> updated and your files analyzed for any treat.
> >>
> >>
> > This is incorrect.
>
> What exactly do you find incorrect?
>
> > Here are the announcement of squeeze-updates, with a list of reasons
> > why squeeze-updates will push ahead a release...
> > http://lists.debian.org/debian-volatile-announce/2011/msg00000.html
> >
> > It even mentions clamav as one which needs to be current to be useful.
>
> Of course, "squeeze-updates" is the new "volatile", nothing has changed.
>
> > Our expectations for squeeze-updates to release clamav ahead of stable
> > merely to be current are correct.
>
> Then it has to be a new policy. IIRC, not all of the clamav package
> updates reached the stable branch via volatile (now squeeze-updates),
> only those that closed security bugfixes. And I say this because I asked
> this same question here, months ago, and I was told so ;-)
>
> > Note you don't need to use squeeze-updates, so we are opting into
> > something which can be a little more bleeding edge.
>
> Please, note that we are not talking about clamav database updates but
> the package itself. If the policy has changed, good and glad to know, but
> to be sincere, I'm not aware of that and would be nice if someone can
> point to it.
>

http://wiki.debian.org/StableUpdates

. . . This path will be used for updates which many users may wish to
install on their systems before the next point release is made, such as
updates to virus scanners and timezone data. All packages from
squeeze-updates will be included in point releases.

However I take it you are drawing a distinction between security and other
updates. But would not that then concern debian-security rather than
squeeze-updates?

--
Regards,
Freeman

"Microsoft is not the answer. Microsoft is the question. NO (or Linux) is the
answer." --Somebody


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110627175128.GB4061@Deneb.office">http://lists.debian.org/20110627175128.GB4061@Deneb.office
 
Old 06-28-2011, 02:44 AM
Andrew Reid
 
Default clamav 0.97.1 not coming to squeeze-updates ?

> On Mon, 27 Jun 2011 12:07:28 -0300, D G Teed wrote:
> > On Mon, Jun 27, 2011 at 11:52 AM, Camaleón <noelamac@gmail.com> wrote:

> Of course, "squeeze-updates" is the new "volatile", nothing has changed.
>
> > Our expectations for squeeze-updates to release clamav ahead of stable
> > merely to be current are correct.
>
> Then it has to be a new policy. IIRC, not all of the clamav package
> updates reached the stable branch via volatile (now squeeze-updates),
> only those that closed security bugfixes. And I say this because I asked
> this same question here, months ago, and I was told so ;-)

I don't know about policy, but my experience with clamav from
lenny-volatile was that the engine itself actually did update,
typically within a few weeks after it started squawking.

My understanding for squeeze-updates was that it was intended
to serve the same role for squeeze, i.e. that time-critical new
versions which were not necessarily security-related would come
through this pipe.

ClamAV is the archetypical example for this, but given the recent
announcements, I wonder if iceweasel might find itself in this
channel also....

-- A.
--
Andrew Reid / reidac@bellatlantic.net


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 201106272244.26736.reidac@bellatlantic.net">http://lists.debian.org/201106272244.26736.reidac@bellatlantic.net
 
Old 06-28-2011, 11:59 AM
Camaleón
 
Default clamav 0.97.1 not coming to squeeze-updates ?

On Mon, 27 Jun 2011 10:51:28 -0700, Freeman wrote:

> On Mon, Jun 27, 2011 at 03:46:32PM +0000, Camaleón wrote:

(...)

>> > Note you don't need to use squeeze-updates, so we are opting into
>> > something which can be a little more bleeding edge.
>>
>> Please, note that we are not talking about clamav database updates but
>> the package itself. If the policy has changed, good and glad to know,
>> but to be sincere, I'm not aware of that and would be nice if someone
>> can point to it.
>>
>>
> http://wiki.debian.org/StableUpdates
>
> . . . This path will be used for updates which many users may wish to
> install on their systems before the next point release is made, such as
> updates to virus scanners and timezone data. All packages from
> squeeze-updates will be included in point releases.
>
> However I take it you are drawing a distinction between security and
> other updates. But would not that then concern debian-security rather
> than squeeze-updates?

I only know how this went for lenny.

Lenny shipped with a clamav version (0.94) different than the one
available at lenny's volatile repo (0.97) and AFAICT, this was how it
worked: volatile repo was aimed to get upgrades for a small set of
packages that changed from time to time (like clamav, SA or tzdata) but
this upgrades were in paralel from the ones coming from stable branch,
that is, you can be running lenny with either clamav packages (stock
ones, 0.94 or volatile, 0.97).

Indeed, I asked the same question here not much ago:

ClamAV update to 0.97
http://lists.debian.org/debian-user/2011/02/msg01759.html

I'm still with lenny (now oldstable) but I was even told that not all
security flaws reached votatile, just some, depending of the nature of
the flaw...

And again, if this policy has recently changed is more than very welcome,
my clamav is also claiming for an update and oldstable is still supported.

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: pan.2011.06.28.11.59.44@gmail.com">http://lists.debian.org/pan.2011.06.28.11.59.44@gmail.com
 

Thread Tools




All times are GMT. The time now is 09:42 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org