Christoph Cordes wrote: > If a severe vulnerability is discovered in one of the ClamAV modules > - like if one of the unpackers for PE files or something like that > and it offers the possibility to compromise the systems security, the > team can deactivate the module for certain releases with a database > update. The module is then deactivated only for the affected releases > and the immediate need for a new release is at least a bit lower so > that we have the chance to fix the glitch, test it and ship it > without leaving the users in danger.
That's an interesting approach. I assume that the deactivation happens only if the database is correctly signed? Regards, David. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
