Christopher X. Candreva wrote:
I disagree with that statement because it's incomplete.. The purpose of this
update was to make running software break WITH A DESCRIPTIVE ERROR .
Important difference.
The alternative being breaking with an incomprehensable hex ump
I think that's sums it up... that, to me, seemed like the ONLY aim.
I even contacted ISC the day before and gave them a reminder:
http://isc.sans.org/diary.html?storyid=8635&rss
I did see an interesting idea on the devel mailing list from David "I
have a feature suggestion: Incorporate the version number in your
DNS TXT records and download URLs. Your download mirrors can use
symlinks in most cases (when versions are completely compatible) and
you can easily stop older machines from attempting to download by
stopping updates on the 0.96.whatever.clamav.net TXT record. "
Source: http://lurker.clamav.net/message/20100408.011105.c584f530.en.html
Would this idea help minimise any future issues like this?
Cheers,
Steve
Sanesecurity
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
