On Feb 12, 2011, at 3:38 AM, "Steve Holdoway" <st...@greengecko.co.nz> wrote:
> On Fri, 2011-02-11 at 21:26 -0700, Jim Preston wrote: >> >> On 02/11/2011 12:59 PM, Bowie Bailey wrote: >>> On 2/11/2011 2:17 PM, Jan-Frode Myklebust wrote: >>>> We have a strong preference to running only RHEL5+EPEL packages, >>>> so we're kind of stuck on 0.95.1 until EPEL updates or we move to >>>> RHEL6+EPEL which gives us clamav-0.96.1. I expect you will have quite >>>> a few users with the same/similar policy... >>> FWIW, rpmforge has clamav-0.96.5 at the moment. Personally, I would >>> swap repos if epel is going to take over 1.5 years (!) to update an >>> antivirus package. >>> >> And if you are paying for support or RHEL5, I would start bitching >> loudly to RH. It should not take long for a junior engineer to run the >> system through it's paces to validate clamav. Your license and support >> should be worth something, just MHO. >> > Aren't you completely missing the point of a Release, where > functionality is frozen, only security fixes are implemented? In December, Mandriva released a security fix for clamav in their Enterprise Server product: http://www.mandriva.com/en/support/security/advisories/?dis=mes5&name=MDVSA-2010:249 3 potential arbitrary code execution exploits. Seems like an update from Redhat was warranted under your definition of a "Release". _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
