Am 22.11.2007 um 01:54 schrieb David F. Skoll: > >> Just to make you feel better - ClamAV includes two special mechanisms >> that in almost all cases allow us to remotely address such >> vulnerabilities in >> 5 minutes eliminating the need for urgent update of the entire >> package. These >> special features effectively limit wider usage of any exploits >> against ClamAV. > > Could you elaborate please?
If a severe vulnerability is discovered in one of the ClamAV modules - like if one of the unpackers for PE files or something like that and it offers the possibility to compromise the systems security, the team can deactivate the module for certain releases with a database update. The module is then deactivated only for the affected releases and the immediate need for a new release is at least a bit lower so that we have the chance to fix the glitch, test it and ship it without leaving the users in danger. -- Best regards, Christoph _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
