Hey there, I do not want to stress, but does it have any reasons, why it takes so long to patch clamav with severity "grave"? Can you guys may tell me how long you still need to fix clamav in current debian stable (stretch)? ATM clamav is running on our systems for spam mail protection. If you still need some time (> 12h), I'm forced to disable clamav as long as it's not fixed. < 0.99.3 is vulnerable for code execution...
Kindest regards
