Hi, I am taking a look at clamav's zip bomb issue[0] in jessie. This issue is no-dsa in buster/stretch: "ClamAV is updated via -updates".
What is this -updates mechanism? I might have missed something, does clamav have an auto-update mechanism? regards, Hugo [0] https://bugs.debian.org/934359 -- Hugo Lefeuvre (hle) | www.owl.eu.com RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C
signature.asc
Description: PGP signature
